Move the filtering code into virHostCPUGetCPUIDFilterVolatile.
This also removes a safe but very questionable reuse of 'i' iterator in
the both the top level and nested loop. It's safe for now as the to
level loop will not iterate any more in the current state.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
The commit adding the code fetching host CPU flags via the
KVM_GET_SUPPORTED_CPUID didn't describe at all why such an alghorithm is
needed.
Add a comment from the documentation outlining how the userspace
function is expected to allocate memory here.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
The function returns 'virCPUData' but doesn't do two important steps
which other code takes:
1) leaves with all-zero data is stripped from the XML output
2) the data is expected to be sorted in the array
Now the 'virHostCPUGetCPUID' helper returns both all 0 leaves and
doesn't order them as we expect.
If this is then used in conjunction with 'virCPUx86DataIsIdentical'
together with data which made a roundtrip to XML and back the result
will be always false even if the data itself is identical.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Without this it's impossible to debug scenarios when this function
returns a mismatch but the formatted data looks identical.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
In a recent commit I've attempted to rewrite the XML generator to use
virXMLFormatElement instead of manual steps. Unfortunately the commit
had multiple problems resulting in a garbled XML:
1) in certain cases the wrong buffer was used resulting in misplaced
snippets
2) the child element buffer was improperly set up so sub-elements were
not indented
This resulted in following XML being generated:
$ virsh blockcopy cd vda /tmp/test.copy --raw --print-xml
type='file''/tmp/test.copy'/>
<driver type='raw'/>
<disk>
<source file=</disk>
To fix this we'll generate the '<source>' element in one go and use the
proper buffer for it and other places.
Fixes: 1cd95f858ab83f2baab0e35070d00766bb06ce3a
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2078274
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Useful for knowing how to construct the XML and debugging.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Extend the 'disk-cdrom-network' to cover this instance. This also
validates that the parameters of -blockdev conform to the QAPI schema.
Also add the xml2xml variant of this test case.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
The code already handles this so we just need to allow it in the schema.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Separate it so that further addition can target 'ftp' only.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
The iSCSI hostdev code doesn't require the check for the empty drive
and the check for the protocol because those are already guaranteed at
that point.
In qemuDomainSecretStorageSourcePrepare we don't need to check the
network disk type either as it's now guaranteed by the definition
validator.
Thus both callers can simply check whether src->auth is present and the
helper can be removed.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Since we are already checking that the encryption format can be only
_LUKS and _LUKS2 this wrapper function doesn't make much sense any more.
The only one caller can do this internally.
The move of virStorageSourceIsEmpty is correct as there are no secrets
to setup if the disk is empty anyways.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
The validation should be the only point to decide whether authentication
is supported for a disk backing protocol. The rest of the code can then
simply always enable it.
This also fixes a crash when authentication is requested e.g. for a HTTP
backed disk as the blockdev props formatter expects that it was already
set up.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Only certain disk protocols support authentication. Add validation for
this field.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Remove the impossible error message about the 'qcow2' encryption format
not being supported. We validated before that it can't happen.
Additionally the code can be simplified by removing error handling from
impossible code paths as the last resort is virJSONValueCreate not
allowing NULL argument with the 's:' modifier.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Reject encryption requests for unsupported image format types.
Add negative test for the rejected cases as well as modify
'disk-network-rbd-encryption' case to validate that with librbd
encryption the format doesn't matter.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Move the two ad-hoc checks below into the block which already tests
whether encryption is requested.
If we first disallow the old-style qcow2 encryption we can remove a
whole block of validation later on.
Also the capability check for qcow2+luks can be simplified by moving it
into the same block.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Most of the anchors that were forward ported to formatdomain.rst when it
was converted are not actually referenced by our documentation. Since
it's now quite some time after the conversion was done we can remove
them.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Modify the gitlab templates linking to it and remove the raw HTML.
Note that also the default template needs to be changed directly in
gitlab.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Modify the name of the 'IRC discussion' paragraph to just 'IRC' so that
the links keep working and remove the raw HTML anchors.
Adjustment is needed for documents which were using the '#email' anchor
which has now become '#mailing-lists'.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
The 'codeofconduct' anchor is unused as of 523f2de82e0f523bd552947 .
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Avoid the table and add a brief description of the transport protocol.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Add a new heading 'Local hypervisor URIs' and move the sections about
'qemu', 'xen' and 'test' under it.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Mention the legacy 'xen' string usage under the Xen hypervisor uri
section.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
We now have an paragraph about default URI choice if the passed pointer
is NULL. Add the two related bits from the 'NULL and empty string URIs'
from the legacy section to the current one and remove the old stuff.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Adjust links in the process.
Note that the conversion to the table is temporary and upcoming patch
will modify it for better readability.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
The paragraph talks about lack of fine grained access control which was
already added a long time ago.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
When the setup of TLS certs was originally split out of
'docs/remote.html' ( df99aa311a33e87d4 ) links refering to it were not
fixed.
Adjust them to point to the correct document.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
The anchor name was not fixed when the 'formatstorage' document was
converted to rst.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
There should be no empty lines between a docstring comment and
the symbol it documents.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
There should be no empty lines between the Since tag in a
docstring comment and the end marker.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
The API xml description file generator doesn't properly handle cases
when there's either a single comment or mixed use of pre- and post-
comments explaining the values.
Modify the comments to avoid the problem and also append version
information for the exposed values.
Signed-off-by: Victor Toso <victortoso@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Similarly to previous commits but with the targeting libvirt-common
in a batch.
Either create or append to existing docstring, the version (git tag)
that a given typedef, enum value, macro or function was introduced
in the format:
Since: v1.2.3
Signed-off-by: Victor Toso <victortoso@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Either create or append to existing docstring, the version (git tag)
that a given function was introduced in the format:
Since: v1.2.3
Signed-off-by: Victor Toso <victortoso@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Either create or append to existing docstring, the version (git tag)
that a given function was introduced in the format:
Since: v1.2.3
Signed-off-by: Victor Toso <victortoso@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Either create or append to existing docstring, the version (git tag)
that a given typedef was introduced in the format:
Since: v1.2.3
Signed-off-by: Victor Toso <victortoso@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Either create or append to existing docstring, the version (git tag)
that a given typedef was introduced in the format:
Since: v1.2.3
Signed-off-by: Victor Toso <victortoso@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Either create or append to existing docstring, the version (git tag)
that a given macro was introduced in the format:
Since: v1.2.3
Signed-off-by: Victor Toso <victortoso@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Either create or append to existing docstring, the version (git tag)
that a given enum value was introduced in the format:
Since: v1.2.3
Signed-off-by: Victor Toso <victortoso@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
virConnectAuthPtrDefault is the only variable that we export and
with the documentation being at the C file, it makes harder to find
it.
With this patch, the documentation of this variable can be found by
those who look at the header file for guidance plus, it will also be
included in the XML API, as the followup patch will fix apibuild.py
to store what is documented in the header file for this variable.
Note that the apibuild, does not do the same with .c files. It'd
require adding it for (parsing) recursion, similar to what is done
for functions. Considering the pros/cons, seems more reasonable to
move the docstring to the header file instead.
Signed-off-by: Victor Toso <victortoso@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
scripts/apibuild.py does not handle well enum's with comments
between values. The outcome depends on whether the enum value has
its own docstring or not and if there is spaces between the enum
values or not.
Either way, virConnectListAllNodeDeviceFlags documentation is
explicit that this enum is about filtering node devices. We can move
the information that it is either by "capability" or "active" state
to the block of comment above.
Using git diff --word-diff to show the fixed ouput xml (redacted).
<enum name='VIR_CONNECT_LIST_NODE_DEVICES_ACTIVE' ... [-info='Inactive-]{+info='Active+} devices'/>
<enum name='VIR_CONNECT_LIST_NODE_DEVICES_CAP_AP_CARD' ... [-info='vDPA-]{+info='s390 AP Card+} device'/>
<enum name='VIR_CONNECT_LIST_NODE_DEVICES_CAP_AP_MATRIX' ... [-Queue'/>-]{+Matrix'/>+}
<enum name='VIR_CONNECT_LIST_NODE_DEVICES_CAP_AP_QUEUE' ... [-Card device'/>-]{+Queue'/>+}
<enum name='VIR_CONNECT_LIST_NODE_DEVICES_CAP_CCW_DEV' ... [-info='Mediated-]{+info='CCW+} device'/>
<enum name='VIR_CONNECT_LIST_NODE_DEVICES_CAP_CSS_DEV' ... [-info='CCW-]{+info='CSS+} device'/>
<enum name='VIR_CONNECT_LIST_NODE_DEVICES_CAP_DRM' ... [-info='Capable of scsi_generic'/>-]{+info='DRM device'/>+}
<enum name='VIR_CONNECT_LIST_NODE_DEVICES_CAP_FC_HOST' ... [-info='Storage device'/>-]{+info='FC Host Bus Adapter'/>+}
<enum name='VIR_CONNECT_LIST_NODE_DEVICES_CAP_MDEV' ... [-info='Capable of mediated devices'/>-]{+info='Mediated device'/>+}
<enum name='VIR_CONNECT_LIST_NODE_DEVICES_CAP_MDEV_TYPES' ... [-info='DRM device'/>-]{+info='Capable of mediated devices'/>+}
<enum name='VIR_CONNECT_LIST_NODE_DEVICES_CAP_NET' ... [-info='USB interface'/>-]{+info='Network device'/>+}
<enum name='VIR_CONNECT_LIST_NODE_DEVICES_CAP_PCI_DEV' ... [-info='System capability'/>-]{+info='PCI device'/>+}
<enum name='VIR_CONNECT_LIST_NODE_DEVICES_CAP_SCSI' ... [-Target'/>-]{+device'/>+}
<enum name='VIR_CONNECT_LIST_NODE_DEVICES_CAP_SCSI_GENERIC' ... [-vport'/>-]{+scsi_generic'/>+}
<enum name='VIR_CONNECT_LIST_NODE_DEVICES_CAP_SCSI_HOST' ... [-info='Network device'/>-]{+info='SCSI Host Bus Adapter'/>+}
<enum name='VIR_CONNECT_LIST_NODE_DEVICES_CAP_SCSI_TARGET' ... [-Host Bus Adapter'/>-]{+Target'/>+}
<enum name='VIR_CONNECT_LIST_NODE_DEVICES_CAP_STORAGE' ... [-info='SCSI-]{+info='Storage+} device'/>
<enum name='VIR_CONNECT_LIST_NODE_DEVICES_CAP_SYSTEM' ... [-info='filter the devices by cap type'/>-]{+info='System capability'/>+}
<enum name='VIR_CONNECT_LIST_NODE_DEVICES_CAP_USB_DEV' ... [-info='PCI-]{+info='USB+} device'/>
<enum name='VIR_CONNECT_LIST_NODE_DEVICES_CAP_USB_INTERFACE' ... [-device'/>-]{+interface'/>+}
<enum name='VIR_CONNECT_LIST_NODE_DEVICES_CAP_VDPA' ... [-info='CSS-]{+info='vDPA+} device'/>
<enum name='VIR_CONNECT_LIST_NODE_DEVICES_CAP_VPD' ... [-info='s390 AP Matrix'/>-]{+info='Device with VPD'/>+}
<enum name='VIR_CONNECT_LIST_NODE_DEVICES_CAP_VPORTS' ... [-info='FC Host Bus Adapter'/>-]{+info='Capable of vport'/>+}
<enum name='VIR_CONNECT_LIST_NODE_DEVICES_INACTIVE' ... [-info='Device with VPD filter the devices by active state'/>-]{+info='Inactive devices'/>+}
Signed-off-by: Victor Toso <victortoso@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
This is a quite an old (created at 2016) patch fixing an issue for at
that time contemporary Fedora 23. virsh reboot returns success (yet
after hanging for a while), VM is rebooted sucessfully too but then
shutdown from inside guest causes reboot and not shutdown.
VM has agent installed. So virsh reboot first tries to reboot VM thru
the agent. The agent calls 'shutdown -r' command. Typically it returns
instantly but on this distro for some reason it takes time. I did not
investigate the cause but the command waits in dbus client code,
probably waits for reply. The libvirt waits 60s for agent command to
execute and then errors out. Next reboot API falls back to ACPI shutdown
which returns successfully thus the reboot command return success too.
Yet shutdown command in guest eventually successfull and guest is truly
rebooted. So libvirt does not receive SHUTDOWN event and fake reboot
flag which is armed on fallback path stays armed. Thus next shutdown
from guest leads to reboot.
The issue has 100% repro on Fedora 23. On modern distros I can't
reproduce it at all. Shutdown command is asynchronous and returns
immediately even if I start some service that ignores TERM signal and
thus shutdown procedure waits for 90s (if I not mistaken) before sending
KILL.
Yet I guess it is nice to have this patch to be more robust.
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Nikolay Shirokovskiy <nikolay.shirokovskiy@openvz.org>
When <qemu:override> is the only usage of the qemu namespace the entire
section is mistakenly removed. Add check for use count.
Signed-off-by: Justin Gatzen <justin.gatzen@gmail.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
The point of qemu_processpriv.h file is to allow a small subset
of functions to be called from test suite but not elsewhere. This
is implemented by requiring everybody that includes the file to
define a macro. If not done so, an error is printed at compile
time. However, this error message contains a typo because it
mentions qemu_process_priv.h while the file is called
qemu_processpriv.h.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
While parts of QEMU's CGroup code were moved under hypervisor
agnostic location (src/hypervisor/) a typo sneaked in. The
inspiration for virDomainCgroupConnectCgroup() comes from
qemuConnectCgroup(). The former is called upon reconnecting to a
running domain (after daemon restart). While the latter returned
early if the daemon was running unprivileged, the former returns
early if the daemon runs privileged. This is obviously wrong,
because root can set up CGroups.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2075765
Fixes: 788e2b58cb1896f1c25ebbdbde4bafddc5ed4dc9
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Fixes: db16792aa90cab5c9886fc2990ec13fbb20a3fb5
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>