Commit Graph

44606 Commits

Author SHA1 Message Date
Peter Krempa
42d9807350 qemuxml2argvtest: Don't insert capabilities into cache twice
Fake capabilities are inserted twice, as in a few tests the architecture
is not present in the XML (testing filling in of the architecture).
Since we already know which architecture will be picked we don't need to
be adding the capabilities twice.

This doesn't impact the tests as they use the same approach to determine
the default arch.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-07 09:25:14 +01:00
Peter Krempa
0a4e33ffde qemuxml2argvdata: Use proper arch and emulator for aarch64 real capability tests
Upcoming patches will modify how we populate the capability cache in
tests to be more sane. This also means that the emulator binary and
architecture used in the test files using real capabilities must match
what the real capabilities have.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-07 09:25:14 +01:00
Peter Krempa
c9880b647b qemuxml2argvdata: Use proper arch and emulator for x86 real capability tests
Upcoming patches will modify how we populate the capability cache in
tests to be more saner. This also means that the emulator binary and
architecture used in the test files using real capabilities must match
what the real capabilities have.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-07 09:25:14 +01:00
Peter Krempa
b02f60e316 testutilsqemu: Remove unused fake-caps x86 machine types
None of our tests reference 'isapc', and 'pc-i440fx-2.6'.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-07 09:25:14 +01:00
Peter Krempa
d08ce2fdd4 securityselinuxlabeldata: Purge unneeded versioned machine type
Use 'pc' instead.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-07 09:25:14 +01:00
Peter Krempa
f900220494 qemuhotplugtestdomains: Remove unnecessary use of versioned pc machine types
The specific machine type is not important for the test. We can use 'pc'
instead.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-07 09:25:14 +01:00
Peter Krempa
e3a2117488 tests: qemuxml2argvdata: Purge versioned i440fx machine types from fake-caps tests
Use the 'pc' alias for them as it's equivalent.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-07 09:25:14 +01:00
Peter Krempa
ee12bd7b8a qemuxml2(argv|xml)test: Unify usage of DO_TEST_CAPS_LATEST
The qemuxml2argv invocation of some tests used DO_TEST_CAPS_LATEST while
the qemuxml2xmltest invocation uses fake caps. Unify them on
DO_TEST_CAPS_LATEST.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-07 09:25:14 +01:00
Peter Krempa
c05dc2851c qemuxml2(argv|xml)test: Enable 'controller-usb-order' for qemuxml2argv and convert it to latest caps
Since introduction in fc03eb53c0 there wasn't a qemuxml2argv
version. As we are touching the files convert them to
DO_TEST_CAPS_LATEST directly.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-07 09:25:14 +01:00
Peter Krempa
22184d6631 qemuxml2xmltest: Replace 'interface-server' by 'net-server' test case
According to commit 5222256849 the test case was added to verify that
the '<address>' element is covered by the schema. The test was not
registered for qemuxml2argvtest though. We can use 'net-server' instead
as it has the same type. On the other hand that one was not registered
for qemuxml2xmltest.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-07 09:25:14 +01:00
Peter Krempa
83bd28dc8f tests: qemuxml2argvdata: Remove specific q35 machine types from fake-caps tests
Use q35 instead.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-07 09:25:13 +01:00
Peter Krempa
fe25fb51b1 tests: qemuxml2argvdata: Remove use of 'pc-1.0' and 'pc-1.2' machine types
There's nothing special about the tests requiring to use very old
machine types. Most usage is cargo-culted from other tests. Switch all
the tests to use 'pc' instead.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-07 09:25:13 +01:00
Peter Krempa
0a810b4a16 testutilsqemu: Remove unused non-x86 fake machine types
For tests with fake capabilities we fill in a bunch of machine types
which the tests might use. For now there's a random collection of
machine types which are not actually used. Purge the unused ones for
non-x86 machines.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-07 09:25:13 +01:00
Peter Krempa
f36ca73940 qemuxml2argvtest: Remove redundant floppy controller tests
The two test cases were added to avoid regressions such as fixed in
17dff35848. Nowadays the code is much simpler and any Q35 machine
will trigger the explicit FDC.

Remove the '2.11' machine type version and turn the '2.9' version into a
generic q35 machine.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-07 09:25:13 +01:00
Peter Krempa
2168b584a8 qemuDomainNeedsFDC: Simplify and improve checking if a machine needs FDC
Commit c7f3a1f787 turned qemuDomainMachineNeedsFDC() effectively into
qemuDomainIsQ35. Use it instead as it also matches the non-canonicalized
'q35'.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-07 09:25:13 +01:00
Peter Krempa
dc5fd559eb qemuProcessPrepareQEMUCaps: Don't clear QEMU_CAPS_CHARDEV_FD_PASS_COMMANDLINE
All the fd-passing setup of chardevs which this hack meant to disable
was moved to the host-preparation phase which is skipped for formatting
of non-real commandlines.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-07 09:25:13 +01:00
Ani Sinha
a85f0095f2 change return type of virURIParamAppend() to void type
virURIParamAppend() unconditionally returns 0. Simplify and make the return type
as void type.

Signed-off-by: Ani Sinha <ani@anisinha.ca>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
2022-01-07 08:07:04 +01:00
Andrea Bolognani
058d540bf6 NEWS: Fix indentation
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
2022-01-07 08:03:28 +01:00
Vineeth Pillai
dfb5574df6 ch_monitor: Get nicindexes in prep for cgroup mgmt
Signed-off-by: Vineeth Pillai <viremana@linux.microsoft.com>
Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-06 16:03:55 +01:00
Vineeth Pillai
df6d4ff4d2 ch_driver: domainGetVcpuPinInfo and nodeGetCPUMap
Add domainGetVcpuPinInfo and nodeGetCPUMap callbacks to ch driver

Signed-off-by: Vineeth Pillai <viremana@linux.microsoft.com>
Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-06 16:03:55 +01:00
Praveen K Paladugu
cfe0e657e1 ch_driver, ch_domain: vcpu info getter callbacks
Signed-off-by: Vineeth Pillai <viremana@linux.microsoft.com>
Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-06 16:03:55 +01:00
Vineeth Pillai
bfa2da4ca9 ch_domain: add methods to manage private vcpu data
Signed-off-by: Vineeth Pillai <viremana@linux.microsoft.com>
Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-06 16:03:55 +01:00
Vineeth Pillai
326a4ed2cb ch_domain: add virCHDomainGetMonitor helper method
Signed-off-by: Vineeth Pillai <viremana@linux.microsoft.com>
Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-06 16:03:55 +01:00
Praveen K Paladugu
d73852c499 util: Helper functions to get process info
Move qemuGetProcessInfo and qemuGetSchedInfo methods to util and share them
with ch driver.

Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-06 16:03:55 +01:00
Rohit Kumar
dc33c82817 Add VM info to improve error log message for qemu monitor
This change adds the domain name in the error and debug logs during
monitor IO processing so that we may infer which VM experienced
errors such as IO or socket hangup. This may help in debugging
monitor IO errors.

Signed-off-by: Rohit Kumar <rohit.kumar3@nutanix.com>
Reviewed-by: Ani Sinha <ani@anisinha.ca>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2022-01-06 14:13:14 +01:00
Ani Sinha
f7b59a92db qemu: agent: remove all code around disabled DEBUG_IO/DEBUG_RAW_IO definitions
DEBUG_IO and DEBUG_RAW_IO are disabled and hence the code #defined under them
are useless. Remove them.

Signed-off-by: Ani Sinha <ani@anisinha.ca>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2022-01-06 14:13:14 +01:00
Peter Krempa
e0291ea028 qemu: monitor: Remove disabled debug infrastructure
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ani Sinha <ani@anisinha.ca>
2022-01-06 14:13:14 +01:00
Michal Privoznik
7d9a7fdcd4 Account for fact that virDomainDeviceDefCopy() does an inactive copy
In a few places (e.g. device attach/detach/update) we are given a
device XML, parse it but then need a copy of parsed data so that
the original can be passed to function handling the request over
inactive XML and the copy is then passed to function handling the
operation over live XML. Note, both functions consume passed
device on success, hence the need for copy.

The problem is in combination of how the copy is obtained and
where is passed. The copy is done by calling
virDomainDeviceDefCopy() which does only inactive copy, i.e. no
live information is copied over (e.g. no aliases).

Then, this copy (inactive XML effectively) is passed to function
handling live part of the operation (e.g.
qemuDomainUpdateDeviceLive()) and the definition containing all
the juicy, live bits is passed to function handling inactive part
of the operation (e.g. qemuDomainUpdateDeviceConfig()).

This is rather incorrect, and XML copies should be passed to
their respective functions.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2036895
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Laine Stump <laine@redhat.com>
2022-01-06 12:30:04 +01:00
Ján Tomko
2a9264b8b2 util: fix prototype of virDaemonSetupLogging
The commit that added error checking to this function
forgot to adjust the WIN32 stub.

Fixes: a873924e36
Signed-off-by: Ján Tomko <jtomko@redhat.com>
2022-01-05 16:32:28 +01:00
Martin Kletzander
cfb67c8cf4 Do not print error in remote_daemon.c:main
There is no need to do that since both fallible functions do that already.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2022-01-05 14:08:41 +01:00
Martin Kletzander
9b652d5841 Dispatch error in virInitialize
Callers that already do this anyway can be cleaned up thanks to this and the one
that does not (daemon startup) gains the benefit of the error being printed to
standard error output changing:

LIBVIRT_LOG_OUTPUTS=1:invalid libvirtd
/home/nert/dev/libvirt/upstream/build/src/libvirtd: initialisation failed

into:

LIBVIRT_LOG_OUTPUTS=1:invalid libvirtd
libvirt:  error : invalid argument: Invalid destination 'invalid' for output '1:invalid'
/home/nert/dev/libvirt/upstream/build/src/libvirtd: initialisation failed

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2022-01-05 14:08:40 +01:00
Martin Kletzander
9f6749dea0 util: Check for errors in virLogSetFromEnv
And make callers check the return value as well.  This helps error out early for
invalid environment variables.

That is desirable because it could lead to deadlocks.  This can happen when
resetting logging after fork() reports translated errors because gettext
functions are not reentrant.  Well, it is not limited to resetting logging after
fork(), it can be any translation at that phase, but parsing environment
variables is easy to make fail on purpose to show the result, it can also happen
just due to a typo.

Before this commit it is possible to deadlock the daemon on startup
with something like:

LIBVIRT_LOG_FILTERS='1:*' LIBVIRT_LOG_OUTPUTS=1:stdout libvirtd

where filters are used to enable more logging and hence make the race less rare
and outputs are set to invalid

Combined with the previous patches this changes
the following from:

...
<deadlock>

to:

...
libvirtd: initialisation failed

The error message is improved in future commits and is also possible thanks to
this patch.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2022-01-05 14:08:40 +01:00
Martin Kletzander
a873924e36 Exit on errors from virDaemonSetupLogging
This prevents starting any daemons with improper logging settings.  This is
desirable on its own, but will be even more beneficial when more functions start
reporting errors and failing on them, coming up in following patches

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2022-01-05 14:08:39 +01:00
Martin Kletzander
b863085493 util: Initialize virLogMutex statically
The only difference is that we are not going to be guaranteed that the mutex is
normal (as opposed to recursive, although there is no system known to me that
would default to recursive mutexes), but that was done only to find occasional
errors (during runtime, back in 2010, commit 336fd879c0).  Functions using
this mutex are mostly stable and unchanging, and it makes the virLogOnceInit()
function only return 0 (or possibly abort in glib calls).  On top of that we can
assume that the virLogMutex is always initialized which enables us to be more
consistent in some early error reporting.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2022-01-05 14:08:39 +01:00
Martin Kletzander
ed5a93e4ed util: Report error in virLogSetDefaultOutputToFile
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2022-01-05 14:08:38 +01:00
Martin Kletzander
47fb83f8b7 util: Do not hide errors in virLogSetDefaultOutput
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2022-01-05 14:08:38 +01:00
Martin Kletzander
3e54152d9f util: Report error in virLogParseDefaultPriority
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2022-01-05 14:08:37 +01:00
Jim Fehlig
c4b3e26d67 NEWS: Mention new virDomainSetLaunchSecurityState API
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2022-01-04 10:56:00 -07:00
Jim Fehlig
3fc65ae9e2 tools: Add domsetlaunchsecstate virsh command
After attesting a domain with the help of domlaunchsecinfo,
domsetlaunchsecstate can be used to set a secret in the guest
domain's memory prior to running the vcpus.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2022-01-04 10:56:00 -07:00
Jim Fehlig
00f324bc3c qemu: Implement the virDomainSetLaunchSecurityState API
Set a launch secret in guest memory using the sev-inject-launch-secret
QMP API. Only supported with qemu >= 6.0.0 and SEV-enabled guests in a
paused state.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2022-01-04 10:56:00 -07:00
Jim Fehlig
a26d99c2b1 qemu_capabilities: Introduce QEMU_CAPS_SEV_INJECT_LAUNCH_SECRET
The 'sev-inject-launch-secret' qmp command is only available with
qemu >= 6.0.0. Introduce a capability for sev-inject-launch-secret.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2022-01-04 10:56:00 -07:00
Jim Fehlig
dd6321a2fb remote: Add RPC support for the virDomainSetLaunchSecurityState API
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2022-01-04 10:56:00 -07:00
Jim Fehlig
d46142a2f9 libvirt: Introduce virDomainSetLaunchSecurityState public API
This API allows setting a launch secret within a guests's memory. The
launch secret is created by the guest owner after retrieving and
verifying the launch measurement with virDomainGetLaunchSecurityInfo.

The API uses virTypedParameter for input, allowing it to be expanded
to support other confidential computing technologies. In the case of
SEV, a basic guest launch workflow is described in the SEV API spec
in section "1.3.1 Launch"

https://www.amd.com/system/files/TechDocs/55766_SEV-KM_API_Specification.pdf

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2022-01-04 10:56:00 -07:00
Andrea Bolognani
4c7316b2f0 ci: Refresh configuration
Notable changes:

  * drop parted and XFS headers.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
2022-01-04 18:08:28 +01:00
Jim Fehlig
be3f6fefba NEWS: Add entries for libxl changes during 8.0.0 development
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2022-01-04 09:46:35 -07:00
Michal Privoznik
e429c062cb virnetdevopenvswitch: Fix 'burst' value passed to ovs-vsctl
As described in the previous commit, the units for 'burst' are
kibibytes and not kilobytes, i.e. multiples of 1024 not 1000.
Therefore, when constructing ovs-vsctl command the burst value
must be multiplied by 1024 and not just 1000. And because ovs
expects this size in bits the value has to be multiplied again by
8.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1510237#c26
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2022-01-04 16:40:10 +01:00
Michal Privoznik
f3b422d9cc docs: Clarify 'burst' units for QoS
The burst attribute for bandwidth specifies how much bytes can be
transmitted in a single burst. Therefore, the unit is in
multiples of 1024 (thus kibibytes) not SI-like 1000. It has
always been like that.

The 'tc' output is still confusing though, for instance:

  # tc class add dev $DEV parent 1: classid 1:1 htb rate 1000kbps burst 2097152
  # tc class show dev vnet2
  class htb 1:1 root rate 8Mbit ceil 8Mbit burst 2Mb cburst 1600b

Please note that 2097152 = 2*1024*1024. Even the man page is
confusing. From tc(8):

  kb or k        Kilobytes
  mb or m        Megabytes

But I guess this is because 'tc' predates IEC standardisation of
binary multiples and thus can't change without breaking scripts
parsing its output.

And while at it, adjust _virNetDevBandwidthRate struct member
description, to make it obvious which members use SI/IEC units.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2022-01-04 16:40:10 +01:00
Michal Privoznik
d2a9c24b84 domain_conf: Use virXMLFormatElement*() more in virDomainDefFormatFeatures()
There are few places in virDomainDefFormatFeatures() which can
use virXMLFormatElement() or virXMLFormatElementEmpty() instead
of writing directly into the output buffer.

After this, there are still a lot of places left, but that is
much bigger task.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2022-01-04 16:40:10 +01:00
Michal Privoznik
51f7f7d109 qemuxml2xmloutdata: Turn kvm-features*.xml into symlinks
There's no real difference between input and output XMLs for
kvm-features and kvm-features-off test cases. Do what we usually
do in such case - turn the output file into a symlink of the
input file.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2022-01-04 16:40:10 +01:00
Andrea Bolognani
8c2d9794dc docs: Move font definitions with other CSS files
We have a subdirectory specifically for CSS files now, so it makes
sense to have the stylesheet that defines fonts to be there too.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2022-01-04 15:47:28 +01:00