Commit Graph

46828 Commits

Author SHA1 Message Date
Tim Wiederhake
ad5a9fbb97 cputestdata: Fix test data for EPYC 7502
Commit 5c17a7ba41 introduced a new feature (ibrs) but did not update
existing cputestdata.

Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2022-10-19 14:25:57 +02:00
Jim Fehlig
124ca008e8 NEWS: Mention new channel and redirdev devices in domcaps
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-10-18 07:28:40 -06:00
Jim Fehlig
71d9836ca1 conf: Add channel devices to domain capabilities
As qemu becomes more modularized, it is important for libvirt to advertise
availability of the modularized functionality through capabilities. This
change adds channel devices to domain capabilities, allowing clients such
as virt-install to avoid using spicevmc channel devices when not supported
by the target qemu.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-10-17 11:39:00 -06:00
Ján Tomko
2cf14c311b docs: formatdomain: fix since tag for TPM PCR banks
Fixes: a5bbe1a8b6
Signed-off-by: Ján Tomko <jtomko@redhat.com>
2022-10-17 14:27:21 +02:00
Peter Krempa
e8213fb70a qemu: validate: Clarify error messages for unsupported 3d video acceleration
The error message doesn't really convey the information that 3d
acceleration works only for the 'virtio' model and similarly the same
error would be reported if qemu doesn't support acceleration, which is
hard to debug.

Split and clarify the errors.

Noticed in https://gitlab.com/libvirt/libvirt/-/issues/388

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
2022-10-17 14:13:24 +02:00
Jiang Jiacheng
c341df33ac capabilities: use g_autofree in capabilities.c
Use g_autofree in capabilities.c for some pointers still using manual cleanup,
and remove unnecessary cleanup.

Signed-off-by: Jiang Jiacheng <jiangjiacheng@huawei.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-10-17 10:56:38 +02:00
ttxine
c90ee1441f virvhba.c: use g_autofree
Change strings to use g_autofree.

Signed-off-by: Maxim Kostin <ttxinee@outlook.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-10-17 10:52:11 +02:00
Michal Privoznik
babcbf2d5c qemu: Create base hugepages path on memory hotplug
Users can play all sorts of games with mount points. For
instance, they can unmount and mount back a hugetlbfs and only
after that attempt to hotplug memory.

This has an unfortunate consequence though. During memory
hotplug, when qemuProcessBuildDestroyMemoryPaths() is called the
path is created with very restrictive mode (0700) because under
the hood g_mkdir_with_parents(path, 0700) is called.

Therefore, create the driver generic portion of the path
separately.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2134009
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2022-10-17 08:40:58 +02:00
Michal Privoznik
72adf3b717 qemu: Separate out hugepages basedir making
During its initialization, the QEMU driver iterates over
hugetlbfs mount points, creating the driver specific path in each
of them ($prefix/libvirt/qemu). This path is created with very
wide mode (0777) because per-domain directories are then created
under it.

Separate this code into a function so that it can be re-used.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2022-10-17 08:40:18 +02:00
Jim Fehlig
e7d6f2d958 qemu: Use command line to properly check for spice support
domcapabilities reports spice graphics support even against a minimal
qemu installation without spice modules. Checking for 'query-spice'
in the list of qmp commands supported by qemu is not sufficient to
determine spice support. Checking the command line produces acurrate
results.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-10-14 16:10:11 -06:00
Jim Fehlig
4e13cc4adb conf: Add USB redirect devices to domain capabilities
As qemu becomes more modularized, it is important for libvirt to advertise
availability of the modularized functionality through capabilities. This
change adds USB redirect devices to domain capabilities, allowing clients
such as virt-install to avoid using redirdev devices when not supported
by the target qemu.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-10-14 16:10:01 -06:00
Peter Krempa
ad5c4be09f schema: Re-structure schema for <filesystem> to avoid broken validation
The validation of a '<filesystem type='mount'>' device fails if the
elements inside are not ordered in the order in the schema despite using
<interleave>. This is a bug in libxml2's validator as removing the
'<optional>' property from the definition of the 'type' attribute with
'mount' variable fixes the problem.

I've reported it as another instance of a seemingly related issue:

  https://gitlab.gnome.org/GNOME/libxml2/-/issues/131

Meanwhile libvirt can re-arrange the schema by extracting the common
bits into a new definition and referencing them from each of the choice
groups explicitly.

Resolves: https://gitlab.com/libvirt/libvirt/-/issues/392
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2022-10-14 09:40:56 +02:00
Daniel Henrique Barboza
06ebad7c78 tests: refactor pseries features parse failure tests
The qemuxml2argvtest pseries-feature parse failure tests uses a symlink
to the pseries-features.xml test domain and control which feature it is
supposed to fail by excluding it from the capabilities list. The
advantage of this approach is that the same XML can be used in multiple
tests.

One downside is that any new pseries capability must be declared in all
existent tests, otherwise all other tests can break if this new
capability happens to be validated early in qemu_validate.c. Any new
parse_error test must declare all other existent capabilities.

Another downside is the fact that we're testing fairly improbable
scenarios: all pseries capabilities being tested here were introduced by
the same QEMU version, 4.2.0, at least as far as libvirt is aware of.
This means that it's no possible to have a scenario where, for example,
ccf-assist is not present but cfpc is. And last, but not the least, it's
getting in the way of our effort to convert all pseries tests to not use
explicit capabilities.

Changing all these tests to use DO_TEST_PARSE_ERROR_NOCAPS() will allow
us to test exactly what we want to test, which is the parse error given
for each feature if the binary does not have support for it. The XML
being used for each test can be simplified to just declare a single
feature. In the end we'll end up with more XML lines, but less
complexity inside qemuxml2argvtest.c.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2022-10-13 16:28:01 -03:00
Daniel Henrique Barboza
8ff73d22c7 tests: change qemuxml2argv pseries tests to TEST_CAPS_LATEST
Eliminate most of the pseries tests that are using explicit qemu caps
instead of CAPS_LATEST. The remaining tests will be handled in the next
patch.

The changes made are trivial: rename the .args/.err files to
ppc64-latest.(args/err) and do the required changes to match the newest
capabilities.

A notable expection were tests pseries-console-native,
pseries-serial-compat and pseries-serial+console-native. These are
aliases of the pseries-serial-native tests.  In this case we needed to
re-create the symlink accordingly.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2022-10-13 16:27:16 -03:00
Daniel Henrique Barboza
41c685292b tests: qemucapabilities: bump ppc64 caps with qemu 7.1.0
No significant changes from the 7.0.0 capabilities.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2022-10-13 16:26:58 -03:00
Peter Krempa
bb0bec4827 ci: Install python RPMs from libvirt/libvirt-python CI artifacts
After addition of the new libvirt-client-qemu sub-package which is using
python bindings (thus creating a circular dependency between the libvirt
and libvirt-python projects) the integration jobs fail with:

  Error:
   Problem: conflicting requests
    - nothing provides python3-libvirt >= 8.9.0-1.el9 needed by libvirt-client-qemu-8.9.0-1.el9.x86_64

The libvirt-python project now provides the RPMs in artifacts:
 https://gitlab.com/libvirt/libvirt-python/-/merge_requests/96

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2022-10-13 12:23:01 +02:00
Jens Petersen
2fb71217f9 spec: change gettext requires to gettext-runtime for F37
See https://fedoraproject.org/wiki/Changes/GettextRuntimeSubpackage

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Cole Robinson <crobinso@redhat.com>
2022-10-12 10:08:25 -04:00
Jiang Jiacheng
1241670abd qemu: Init address before qemuProcessShutdownOrReboot during reconnect process
When libvirt is restarted, the qemuProcessShutdownReboot command is
executed to restore the VM that is being restarted. In this case, a
coredump may occur when we hotplug a pci device since the PCI address
hasn't be inited yet. Moving the initialization of address to the front
of qemuProcessShutdownOrReboot to ensure that we have the address inited.

Signed-off-by: Jiang Jiacheng <jiangjiacheng@huawei.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-10-12 14:47:55 +02:00
Pierre LIBEAU
f30843142a qemu: Fix race condition when detaching a device
If QEMU replies to device_del command with "DeviceNotFound"
error, then libvirt doesn't clean the device from the live
configuration.

This is because qemuMonitorDelDevice() returns -2 to
qemuDomainDeleteDevice() and instead of calling
qemuDomainRemoveDevice() the qemuDomainDetachDeviceLive() jumps
right onto cleanup label.

Resolves: https://gitlab.com/libvirt/libvirt/-/issues/359
Signed-off-by: Pierre LIBEAU <pierre.libeau@corp.ovh.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-10-12 14:08:42 +02:00
Zhenyu Zhang
c4dcec1318 cpu_map: Introduce Neoverse N1/N2/V1
Add Neoverse N1/N2/V1 as a supported cpu model.

Signed-off-by: Zhenyu Zhang <zhenyzha@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2022-10-12 10:43:19 +02:00
Peter Krempa
2f856d617b ci: potfile: Add 'variables' to definition
The 'potfile' job is lacking the 'variables' section which defines the
'NAME' variable used by the 'image' property resulting in the 'potfile'
job failing with:

 Pulling docker image registry.gitlab.com/libvirt/libvirt/ci-:latest ...
 WARNING: Failed to pull image with policy "always": invalid reference format (manager.go:235:0s)
 ERROR: Job failed: failed to pull image "registry.gitlab.com/libvirt/libvirt/ci-:latest" with specified policies [always]: invalid reference format (manager.go:235:0s)

Fixes: 491d918502
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-10-11 10:18:04 +02:00
Michal Privoznik
68bf647788 qemu: Avoid memory leak in virQEMUCapsCPUDefsToModels
The @vendor variable inside virQEMUCapsCPUDefsToModels() is
allocated, but never freed. But there is actually no need for it
to be allocated, because it merely passes a retval of
virCPUGetVendorForModel() (which returns a const string) to
virDomainCapsCPUModelsAdd() (which ten accepts the argument as
const string). Therefore, drop the g_strdup() call and fix the
type of the variable.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
2022-10-10 15:47:54 +02:00
Michal Privoznik
14573868ea meson: Bump minimal required meson version
Bump the minimal required version to 0.56.0. Looking into our CI
this is the oldest version we install.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-10-10 15:06:09 +02:00
Michal Privoznik
968479adcf Replace dep.get_pkgconfig_variable() with dep.get_variable(pkgconfig:)
The get_pkgconfig_variable() method is deprecated in 0.56.0 and
we're recommended to use get_variable(pkgconfig : ...) instead.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-10-10 15:06:09 +02:00
Michal Privoznik
27df3522e6 meson: Replace external_program.path() with external_program.full_path()
The path() method is deprecated in 0.55.0 and we're recommended
to use full_path() instead. Interestingly, we were already doing
do in couple of places, but not all of them.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-10-10 15:06:09 +02:00
Michal Privoznik
3395c35f2f meson: Replace meson.source_root() with meson.project_source_root()
The source_root() method is deprecated in 0.56.0 and we're
recommended to use project_source_root() instead.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-10-10 15:06:09 +02:00
Michal Privoznik
5ecdcf8541 meson: Replace meson.build_root() with meson.project_build_root()
The build_root() method is deprecated in 0.56.0 and we're
recommended to use project_build_root() instead.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-10-10 15:06:09 +02:00
Jiri Denemark
190486519a NEWS: Document CPU reporting improvements
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-10-10 14:31:43 +02:00
Jiri Denemark
ce8d025be8 virsh: Add completer for hypervisor-cpu-baseline --model
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-10-10 14:31:43 +02:00
Jiri Denemark
268a2708c4 virsh: Add --model option for hypervisor-cpu-baseline
This option can be used as a shortcut for creating a single XML with
just a CPU model name and no features:

    $ virsh hypervisor-cpu-baseline --model Skylake-Server
    <cpu mode='custom' match='exact'>
      <model fallback='forbid'>Skylake-Server</model>
      <feature policy='disable' name='avx512f'/>
      <feature policy='disable' name='avx512dq'/>
      <feature policy='disable' name='clwb'/>
      <feature policy='disable' name='avx512cd'/>
      <feature policy='disable' name='avx512bw'/>
      <feature policy='disable' name='avx512vl'/>
      <feature policy='disable' name='pku'/>
    </cpu>

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-10-10 14:31:43 +02:00
Jiri Denemark
b0ff3af412 qemu_capabilities: Translate CPU blockers
Since commit "cpu_x86: Disable blockers from unusable CPU models"
(v3.8.0-99-g9c9620af1d) we explicitly disable CPU features reported by
QEMU as usability blockers for a particular CPU model when creating
baseline or host-model CPU definition. When QEMU changed canonical names
for some features (mostly those with '_' in their names), we forgot to
translate the blocker lists to names used by libvirt and the renamed
features would no longer be explicitly disabled in the created CPU model
even if they were reported as blockers by QEMU.

For example, on a host where EPYC CPU model has the following blockers

    <blocker name='sha-ni'/>
    <blocker name='mmxext'/>
    <blocker name='fxsr-opt'/>
    <blocker name='cr8legacy'/>
    <blocker name='sse4a'/>
    <blocker name='misalignsse'/>
    <blocker name='osvw'/>

we would fail to disable 'fxsr-opt':

    <cpu mode='custom' match='exact'>
      <model fallback='forbid'>EPYC</model>
      <feature policy='disable' name='sha-ni'/>
      <feature policy='disable' name='mmxext'/>
      <feature policy='disable' name='cr8legacy'/>
      <feature policy='disable' name='sse4a'/>
      <feature policy='disable' name='misalignsse'/>
      <feature policy='disable' name='osvw'/>
      <feature policy='disable' name='monitor'/>
    </cpu>

The 'monitor' feature is disabled even though it is not reported as a
blocker by QEMU because libvirt's definition of EPYC includes the
feature while it is missing in EPYC definition in QEMU.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-10-10 14:31:43 +02:00
Jiri Denemark
b9db1ec17d Document specifics of virConnectBaselineHypervisorCPU
The API can be used to get usability blockers for an unusable CPU model,
which is not obvious. Let's explicitly document this behavior as it is
now mentioned in the documentation of domain capabilities XML.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-10-10 14:31:43 +02:00
Jiri Denemark
d4975a98b6 docs: Enhance documentation of CPU models in domain caps
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-10-10 14:31:43 +02:00
Jiri Denemark
ed51d2b606 cpu_arm: Don't implement virCPUGetVendorForModel
This patch is effectively a no-op, but I wanted to initialize
.getVendorForModel explicitly as implementing this function does not
even make sense on ARM. The CPU models in our CPU map are only used for
describing host CPU in capabilities XML and cannot be used for guest CPU
definition in domain XML anyway. The CPU models listed as supported in
domain capabilities XML are just passed through from QEMU.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-10-10 14:31:43 +02:00
Jiri Denemark
e8efe42409 cpu_ppc64: Implement virCPUGetVendorForModel
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-10-10 14:31:43 +02:00
Jiri Denemark
311e21ad32 cpu_x86: Implement virCPUGetVendorForModel
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-10-10 14:31:43 +02:00
Jiri Denemark
bbd2d9cb40 Introduce virCPUGetVendorForModel and use it in QEMU driver
So far QEMU driver does not get CPU model vendor from QEMU directly and
it has to ask the CPU driver for the info stored in CPU map.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-10-10 14:31:43 +02:00
Jiri Denemark
2784a83907 domain_capabilities: Add vendor attribute for CPU models
Even though several CPU models from various vendors are reported as
usable on a given host, user may still want to use only those that match
the host vendor. Currently the only place where users can check the
vendor of each CPU model is our CPU map, which is considered internal
and users should not really be using it directly. So to allow for such
filtering we now advertise the vendor of each CPU model in domain
capabilities.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-10-10 14:31:42 +02:00
Jiri Denemark
6f927dce93 qemu: Do not pass qemuCaps to virQEMUCapsCPUFeature{To,From}QEMU
The only part of qemuCaps both functions are interested in is the CPU
architecture. Changing them to expect just virArch makes the functions
more reusable.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-10-10 14:31:42 +02:00
Jiri Denemark
0cc8e87520 cpu_ppc64: Avoid repeated loading of CPU map
The ppc64 CPU code still has to load and parse the CPU map everytime it
needs to look at it, which can make some operations pretty slow. Other
archs already switched to loading the CPU map once and keeping the
parsed structure in memory. Let's switch ppc64 as well.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-10-10 14:31:42 +02:00
Jiri Denemark
f0554d88fb conf: virDomainCapsCPUModelsAdd never fails
Since the function always returns 0, we can just return void and make
callers simpler.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-10-10 14:31:42 +02:00
Michal Privoznik
8ef8d9e21b virNetServerProgramDispatchCall: Avoid calling xdr_free(_, NULL)
In recent commit of v8.8.0-41-g41eb0f446c I've suggested during
review to put both xdr_free() calls under error label, assuming
that xdr_free() accepts NULL and thus is a NOP when the control
jumps onto the label even before either of @arg or @ret was
allocated. Well, turns out, xdr_free() does no accept NULL and
thus we have to guard its call. But since @dispatcher is already
set by the time either of the variables is allocated, we can
replace the condition from 'if (dispatcher)' to 'if (arg)' and
'if (ret)'.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2022-10-07 17:15:49 +02:00
Daniel P. Berrangé
031878c236 src: warn if client hits the max requests limit
Since they are simply normal RPC messages, the keep alive packets are
subject to the "max_client_requests" limit just like any API calls.

Thus, if a client hits the 'max_client_requests' limit and all the
pending API calls take a long time to complete, it may result in
keep-alives firing and dropping the client connection.

This has been seen by a number of users with the default value of
max_client_requests=5, by issuing 5 concurrent live migration
operations.

By printing a warning message when this happens, admins will be alerted
to the fact that their active clients are exceeding the default client
requests limit.

Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2022-10-07 14:47:25 +01:00
Daniel P. Berrangé
83c6d80abc tools: add virt-qemu-qmp-proxy for proxying QMP via libvirt QEMU guests
Libvirt provides QMP passthrough APIs for the QEMU driver and these are
exposed in virsh. It is not especially pleasant, however, using the raw
QMP JSON syntax. QEMU has a tool 'qmp-shell' which can speak QMP and
exposes a human friendly interactive shell. It is not possible to use
this with libvirt managed guest, however, since only one client can
attach to the QMP socket at any point in time. While it would be
possible to configure a second QMP socket for a VM, it may not be
an known requirement at the time the guest is provisioned.

The virt-qmp-proxy tool aims to solve this problem. It opens a UNIX
socket and listens for incoming client connections, speaking QMP on
the connected socket. It will forward any QMP commands received onto
the running libvirt QEMU guest, and forward any replies back to the
QMP client. It will also forward back events.

  $ virsh start demo
  $ virt-qmp-proxy demo demo.qmp &
  $ qmp-shell demo.qmp
  Welcome to the QMP low-level shell!
  Connected to QEMU 6.2.0

  (QEMU) query-kvm
  {
      "return": {
          "enabled": true,
          "present": true
      }
  }

Note this tool of course has the same risks as the raw libvirt
QMP passthrough. It is safe to run query commands to fetch information
but commands which change the QEMU state risk disrupting libvirt's
management of QEMU, potentially resulting in data loss/corruption in
the worst case. Any use of this tool will cause the guest to be marked
as tainted as an warning that it could be in an unexpected state.

Since this tool introduces a python dependency it is not desirable
to include it in any of the existing RPMs in libvirt. This tool is
also QEMU specific, so isn't appropriate to bundle with the generic
tools. Thus a new RPM is introduced 'libvirt-clients-qemu', to
contain additional QEMU specific tools, with extra external deps.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2022-10-07 14:32:36 +01:00
Daniel P. Berrangé
491d918502 ci: refresh with latest lcitool manifest
This refresh switches the CI for contributors to be triggered by merge
requests. Pushing to a branch in a fork will no longer run CI pipelines,
in order to avoid consuming CI minutes. To regain the original behaviour
contributors can opt-in to a pipeline on push

   git push <remote> -o ci.variable=RUN_PIPELINE=1

This variable can also be set globally on the repository, through the
web UI options Settings -> CI/CD -> Variables, though this is not
recommended. Upstream repo pushes to branches will run CI.

The use of containers has changed in this update, with only the upstream
repo creating containers, in order to avoid consuming contributors'
limited storage quotas. A fork with existing container images may delete
them. Containers will be rebuilt upstream when pushing commits with CI
changes to the default branch. Any other scenario with CI changes will
simply install build pre-requisite packages in a throaway environment,
using the ci/buildenv/ scripts. These scripts may also be used on a
contributor's local machines.

With pipelines triggered by merge requests, it is also now possible to
workaround the inability of contributors to run pipelines if they have
run out of CI quota. A project member can trigger a pipeline from the
merge request, which will run in context of upstream, however, note
this should only be done after reviewing the code for any malicious
CI changes.

Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2022-10-06 05:15:54 -04:00
Peter Krempa
a31d427123 util: xml: Remove virXMLParseStringCtxtRoot
Remove the seldom used helper in favor of full virXMLParse.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-10-06 10:54:25 +02:00
Peter Krempa
e95f681305 test_driver: Make callers of testOpenParse ensure the root element name
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-10-06 10:54:25 +02:00
Peter Krempa
82b959ad02 security: aa-helper: Use virXMLParse instead of virXMLParseString
Use the helper with more features to validate the root XML element name
instead of open-coding it.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-10-06 10:54:25 +02:00
Peter Krempa
f093022155 conf: savecookie: Remove virSaveCookieParseNode
The function provided just checking of the root XML node name which can
be easily moved into the caller wich doesn't do that already and
checking of the pointers which is trivial. Remove the helper.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-10-06 10:54:25 +02:00
Peter Krempa
afa2970b7f util: xml: Remove virXMLParseCtxt
Convert the two outstanding uses to virXMLParseFileCtxt as they always
pass a filename and remove the helper macro.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-10-06 10:54:25 +02:00