Although <interface type='ethernet'> has always been able to use an
existing tap device, this is just a coincidence due to the fact that
the same ioctl is used to create a new tap device or get a handle to
an existing device.
Even then, once we have the handle to the device, we still insist on
doing extra setup to it (setting the MAC address and IFF_UP). That
*might* be okay if libvirtd is running as a privileged process, but if
libvirtd is running as an unprivileged user, those attempted
modifications to the tap device will fail (yes, even if the tap is set
to be owned by the user running libvirtd). We could avoid this if we
knew that the device already existed, but as stated above, an existing
device and new device are both accessed in the same manner, and
anyway, we need to preserve existing behavior for those who are
already using pre-existing devices with privileged libvirtd (and
allowing/expecting libvirt to configure the pre-existing device).
In order to cleanly support the idea of using a pre-existing and
pre-configured tap device, this patch introduces a new optional
attribute "managed" for the interface <target> element. This
attribute is only valid for <interface type='ethernet'> (since all
other interface types have mandatory config that doesn't apply in the
case where we expect the tap device to be setup before we
get it). The syntax would look something like this:
<interface type='ethernet'>
<target dev='mytap0' managed='no'/>
...
</interface>
This patch just adds managed to the grammar and parser for <target>,
but has no functionality behind it.
(NB: when managed='no' (the default when not specified is 'yes'), the
target dev is always a name explicitly provided, so we don't
auto-remove it from the config just because it starts with "vnet"
(VIR_NET_GENERATED_TAP_PREFIX); this makes it possible to use the
same pattern of names that libvirt itself uses when it automatically
creates the tap devices.)
Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
This will simplify addition of another attribute to the <target> element
Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
This just moves around a few things in qemuInterfaceConnect() with no
functional difference (except that a few failures that would have
previously resulted in a "success" audit log will now properly produce
a "fail" audit). The change is so that adding support for unmanaged
tap/macvtap devices will be more easily reviewable.
Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
In virNetDevMacVLanOpen(), The "retries" arg has been removed and the
value hardcoded as 10, since previously the function was only called
from one place, so it was always 10.
Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
This function returns T if the given name is a macvtap device. This is
determined by 1) getting the ifindex of the device with that name (if
there is one), and 2) checking for existence of /dev/tapXX, where "XX"
is the ifindex learned in (1).
It's also possible to learn this by getting a netlink dump of the
interface and parsing through it to look for some attributes, but that
is complicated to figure out, takes longer to execute, and I'm lazy.
Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
This patch adds hostdev test cases in qemuhotplugtest.c.
Note: the small tweak inside virpcimock.c was needed because
the new tests added a code path in which virHostHasIOMMU()
(virutil.c) started being called, and the mocked '/sys/kernel/'
prefix that is mocked in virpcimock.c wasn't being considered
in the opendir() mock. An alternative to avoid these situations
in virpcimock.c is implemented in the next patch.
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Shivaprasad G Bhat <sbhat@linux.vnet.ibm.com>
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
When starting a domain, we use the presence of a vfio-pci or
mdev hostdev to determine if the memlock maximum needs to be
increased. But if we hotplug either of these devices, only the
vfio-pci path gets that love. This means that attaching a, say,
vfio-ccw device will appear to succeed but the device may be
unusable as the guest may see I/O errors on long CCW chains.
The host, meanwhile, would be flooded with these messages:
vfio_pin_page_external: Task qemu-system-s39 (11584) RLIMIT_MEMLOCK (65536) exceeded
Let's adjust the maximum memlock value in the mdev hotplug path,
so that the domain has the same value as if it were started with
one or more mdev devices in its configuration.
Signed-off-by: Eric Farman <farman@linux.ibm.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
If attaching a PCI hostdev fails, there are several things that
need to be un-done as part of the cleanup. One thing that is
not done is re-calculating/re-setting the maximum amount of locked
memory for the domain, since we may have changed that.
Let's fix that, just to ensure everything is back the way it was.
Signed-off-by: Eric Farman <farman@linux.ibm.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Let's pull this hunk out into a function, so it can be reused
in another codepath that needs to do the same thing.
Signed-off-by: Eric Farman <farman@linux.ibm.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
In f08e6883cb4 I've made @pcidevs in
virHostdevReAttachPCIDevices() to be automatically unrefed using
VIR_AUTOUNREF() but I forgot to remove the line that explicitly
unrefs the object at the end of the function.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
After the previous commits, qemuAddSharedDevice() and
qemuRemoveSharedDevice() are now the same code with a different
flag to call the internal functions.
This patch aggregates the common code into a new function called
qemuAddRemoveSharedDeviceInternal() to further reduce
code repetition. Both qemuAddSharedDevice() and
qemuRemoveSharedDevice() are kept since they are public
functions used elsewhere.
No functional change was made.
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Following the same idea of avoid code repetition from the
previous patch, this commit introduces a new function that
aggregates the functions of qemuAddSharedDisk() and
qemuRemoveSharedDisk() into a single place, using a flag to
switch between add/remove operations.
Both qemuAddSharedDisk() and qemuRemoveSharedDisk() are
public, so keep them around to avoid changing other files
due to an internal qemu_conf.c refactory.
No functional change was made.
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
qemuAddSharedHostdev() has a code similar to
qemuRemoveSharedHostdev(), with exception of one line that
defines the operation (add or remove).
This patch introduces a new function that aggregates the common
code, using a flag to switch between the operations, avoiding
code repetition.
No functional change was made.
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Since commit fd9ef3b31e, virDomainFindByUUIDRef() no longer exists and
all virDomainObjListFindBy*() functions now increment the reference
count.
Signed-off-by: Jonathon Jongsma <jjongsma@redhat.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
As a result of changes in
commit d5f0c1b6dd51f0fbab2f8a25733c55d8be6b937b
Author: Daniel P. Berrangé <berrange@redhat.com>
Date: Thu Jul 18 12:30:22 2019 +0100
remote: stop trying to print help as giant blocks of text
The socket path built would be libvirt//var/run/libvirt-sock
instead of /var/run/libvirt/libvirt-sock. Fortunately this only
affects users who have set the 'unix_sock_dir' config parameter
in /etc/libvirt/libvirtd.conf, which is pretty rare/unusual.
Signed-off-by: eater <=@eater.me>
Exception made for the psuedonym above since patch is considered
trivial & thus non-copyrightable material.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
In some places where virDomainObjListForEach() is called the
passed callback calls virDomainObjListRemoveLocked(). Well, this
is unsafe, because the former only grabs a read lock but the
latter modifies the list.
I've identified the following unsafe calls:
- qemuProcessReconnectAll()
- libxlReconnectDomains()
The rest seem to be safe.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
virDomainObjCheckActive() returns -1 if domain is not active, not 0.
Fixes cb50436c6f "libxl: implement virDomainPM* functions"
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
This is an issue for LXC loop devices when you are trying to get loop
devices info using `ioctl`. Modern apps uses `/sys/dev/block` to grab
information about devices, but if you use the method mention you won't
be able to retrive the associated file with that loop device. See
example below from cryptsetup sources:
static char *_ioctl_backing_file(const char *loop)
{
struct loop_info64 lo64 = {0};
int loop_fd;
loop_fd = open(loop, O_RDONLY);
if (loop_fd < 0)
return NULL;
if (ioctl(loop_fd, LOOP_GET_STATUS64, &lo64) < 0) {
close(loop_fd);
return NULL;
}
lo64.lo_file_name[LO_NAME_SIZE-2] = '*';
lo64.lo_file_name[LO_NAME_SIZE-1] = 0;
close(loop_fd);
return strdup((char*)lo64.lo_file_name);
}
It will return an empty string because lo_file_name was not set.
Function `virFileLoopDeviceOpenSearch()` is using `ioctl` to query data,
but it is not checking `lo_file_name` field.
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Julio Faracco <jcfaracco@gmail.com>
When the network interface is of "user" type, and QEMU has the "-net
socket,fd=" datagram support, call qemuInterfacePrepareSlirp() to
probe and associate a slirp-helper with the interface.
The usage of automated slirp-helper can be prevented with
disableSlirp (in particular when resuming a
VM that didn't start with slirp-helper before).
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
If a slirp-helper is associated with a network interface (after
probing & preparing succesfully), pass the socket fd to QEMU and use
"-net socket,fd=".
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
If a slirp-helper is associated with a network interface,
prepare/start/stop the process via qemu-extdevice.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
For VM started and migrated/saved without slirp-helpers, let's prevent
the automatic setup (as it would fail to migrate otherwise).
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Save & restore the slirp helper PID associated with a network
interface & the probed features.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
The unit provides the functions associated with a slirp-helper:
- probing / checking capabilities
- opening the socketpair
- starting / stoping the helper
- registering for dbus-vmstate migration
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
A slirp helper is a process that provides user-mode networking through
a unix domain socket. It is expected to follow the following
specification:
https://gitlab.freedesktop.org/slirp/libslirp-rs/blob/master/src/bin/README.rst
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Add dbusVMStates to keep a list of dbus-vmstate objects needed for
migration. They are populated on the command line during start or
qemuDBusVMStateAdd/Remove() will hotplug them as needed.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Add a generic way to run a command through the security management.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
pid filenames (from swtpm and other helpers from this series) are
based on VM shortname, which is derived from VM id. If the id is reset
to early, the state filenames will not be found.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
This object is being proposed to qemu upstream "Add dbus-vmstate
object". It handles data migration of external processes.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Datagram socket is available since qemu 4.0, commit
fdec16e3c2a614e2861f3086b05d444b5d8c3406 ("net/socket: learn to talk
with a unix dgram socket").
Required for slirp-helper communication.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Once QEMU is started, the qemuDomainLogContext is owned by it, and can
no longer be used from libvirt. Instead, use
qemuDomainLogAppendMessage() which will redirect the log.
This is not strictly necessary for swtpm, but the following patches
are going to reuse qemuExtDeviceLogCommand().
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
dbus_message_new() does not construct correct replies by itself, it is
recommended to use dbus_message_new_method_return() instead.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Implicitly the query depth is limited by the length of the QAPI schema
query, but 'alternate' and 'array' QAPI meta-types don't consume a part
of the query string thus a loop on such types would get our traversal
code stuck in an infinite loop. Prevent this from happening by limiting
the nesting depth to 1000.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
After parsing a video device with a model type of
VIR_DOMAIN_VIDEO_TYPE_NONE, all device info is cleared (see
virDomainDefPostParseVideo()) in order to avoid formatting any
auto-generated values for the XML. Subsequently, however, an alias is
generated for the video device (e.g. 'video0'), which results in an
alias property being formatted in the XML output anyway. This creates
confusion if the user has explicitly provided an alias for the video
device since the alias will change.
To avoid this, don't clear the user-defined alias for video devices of
type "none".
https://bugzilla.redhat.com/show_bug.cgi?id=1720612
Signed-off-by: Jonathon Jongsma <jjongsma@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
When we set cpu.max period we need to parse the cpu.max file first as
it contains both quota and period values separated by space. When only
a single number is written to that file it will set quota. However,
in order to change period we need to write both values.
The code was prepared for that but mistakenly used new line to end the
string with the first value.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1749227
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
When blockdev is used we always should use the blockdev mode for
non-shared storage migration.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Remove libvirt's support check for the target of an external snapshot to
the blockdev code or qemu. This will potentially require a more complex
cleanup but removes a level of hardcoded feature checks.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Use the code for creating or attaching new storage source in the
snapshot code and switch to 'blockdev-snapshot' for creating the
snapshot itself.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
With blockdev we'll be able to support protocols which are not supported
by the storage backends in libvirt. This means that we have to be able
to skip the creation and relative storage path reading if it's not
supported. This will make it impossible to use relative backing for
network protocols but that would be almost insane anyways.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
