Commit Graph

26734 Commits

Author SHA1 Message Date
Andrea Bolognani
7dca28e229 qemu_shim: Fix typos
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
2020-01-27 17:57:08 +01:00
Ján Tomko
c07ef7c563 qemu: snapshot: go through cleanup on error
A recent commit added an error check for too-nested backing chains
followed by a return, even though errors above jump to cleanup.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Fixes: b168fa88b8
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2020-01-27 17:36:05 +01:00
Ján Tomko
26a42e7315 qemu_shim: cosmetic fixes
Remove bogus G_GNUC_UNUSED attribute and add a missing space.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Fixes: d600667278
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2020-01-27 17:36:05 +01:00
Peter Krempa
d9dfc1f7de qemu: checkpoint: Extract calculation of bitmap merging for checkpoint deletion
This will allow some testing before refactoring.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2020-01-27 15:28:49 +01:00
Peter Krempa
6796194a28 qemu: checkpoint: Introduce helper to find checkpoint disk definition in parents
The algorithm is used in two places to find the parent checkpoint object
which contains given disk and then uses data from the disk. Additionally
the code is written in a very non-obvious way. Factor out the lookup of
the disk into a function which also simplifies the callers.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2020-01-27 15:28:49 +01:00
Peter Krempa
180b3422e9 qemu: domain: Remove unused qemuDomainDiskNodeFormatLookup
The function has no users now and there's no need for it as the common
pattern is to look up the whole disk object anyways.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2020-01-27 15:28:49 +01:00
Peter Krempa
f19248a139 qemu: checkpoint: tolerate missing disks on checkpoint deletion
If a disk is unplugged and then the user tries to delete a checkpoint
the code would try to use NULL node name as it was not checked.

Fix this by fetching the whole disk definition object and verifying it
was found.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2020-01-27 15:28:49 +01:00
Peter Krempa
7973f7d792 qemu: checkpoint: Use disk definition directly when creating checkpoint
Lookup the whole disk definition rather than just the node name.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2020-01-27 15:28:49 +01:00
Peter Krempa
f3e0a45a00 qemu: checkpoint: rename disk->chkdisk in qemuCheckpointAddActions
Upcoming patches will also use the domain disk definition. Rename disk
to chkdisk for clarity.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2020-01-27 15:28:49 +01:00
Peter Krempa
a303e8ea47 qemu: checkpoint: rename disk->chkdisk in qemuCheckpointDiscardBitmaps
Upcoming patches will also use the domain disk definition. Rename disk
to chkdisk for clarity.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2020-01-27 15:28:49 +01:00
Peter Krempa
44e1b85717 qemu: checkpoint: split out checkpoint deletion bitmaps
qemuCheckpointDiscard is a massive function that can be separated into
smaller bits. Extract the part that actually modifies the disk from the
metadata handling.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2020-01-27 15:28:49 +01:00
Peter Krempa
606dc66b09 qemu: checkpoint: Store whether deleted checkpoint is current in a variable
Avoid two computations by using a boolean.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2020-01-27 15:28:49 +01:00
Peter Krempa
60b580b949 qemu: capabilities: Add accessor to qemu caps machine types presence
Test code will need to know whether the virQEMUCaps object contains any
machine types already. Add a helper and expose it via 'qemu_capspriv.h'.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-01-27 14:55:03 +01:00
Peter Krempa
3b8feb4793 qemu: capabilities: Replace aliased machine type by copy of the canonical machine
The previous approac of just purging the alias combined with the fact
that we filled in fake machine types in the test data meant that if a
test case used an alias machine type such as 'pc' or 'q35' it would not
properly resolve to the actual data returned by qemu.

This started to be a problem since the CPU driver now looks at the
default CPU reported with the machine type.

This patch replaces the original approach of just removing the alias by
replacing it with a copy of the machine type data which the type would
alias to. This means that we are using the real data while we don't
modify the test output after every qemu upgrade.

Additionally this change will allow us to drop adding the fake machine
types later.

The test fallout is from actually excercising the CPU driver with
actual data.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-01-27 14:55:03 +01:00
Peter Krempa
bb61230992 qemu: capabilities: Extract code from virQEMUCapsStripMachineAliases
Separate out the internals as they will become more complex soon.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-01-27 14:55:03 +01:00
Peter Krempa
0b9d1a8073 qemu: domain: Validate that machine type is supported by qemu
Every supported qemu is able to return the list of machine types it
supports so we can start validating it against that list. The advantage
is a better error message, and the change will also prevent having stale
test data.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-01-27 14:55:03 +01:00
Daniel P. Berrangé
82dd011dbb qemu: fix linking virt-qemu-run on some distros
Debian/Ubuntu linkers are more strict that other distros requiring glib
to be linked explicitly.

macOS needs -export-dynamic instead of -Wl,--export-dynamic

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-27 13:44:56 +00:00
Daniel P. Berrangé
9a5bafd329 bhyve: add 'root' parameter to driver initializer
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-27 13:44:56 +00:00
Peter Krempa
b168fa88b8 qemu: snapshot: Prevent too-nested domain XML when doing inactive snapshot
Similarly to 510d154a0b we need to prevent
doing too deeply nested backing chains and reject them with a sane error
message.

Add a loop to go through the snapshots prior to attempting actually
creating them to prevent some possible inconsistent scenarios.

We don't need to do it when reusing backing chains as we'll be
re-detecting the backing chain in that case anyways.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2020-01-27 14:02:01 +01:00
Peter Krempa
8e9e73a984 qemu: snapshot: Always rewrite backingStore data when reusing existing images
Don't adopt the backing store data when reusing images provided by the
user. This will force a backing chain re-probe as users might have
passed in something unexpected in the overlay where our view of the
backing chain would not correspond.

This is done only for inactive snapshots as there we have way less
verification.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2020-01-27 14:02:01 +01:00
Daniel P. Berrangé
d600667278 qemu: introduce a new "virt-qemu-run" program
The previous "QEMU shim" proof of concept was taking an approach of only
caring about initial spawning of the QEMU process. It was then
registered with the libvirtd daemon who took over management of it. The
intent was that later libvirtd would be refactored so that the shim
retained control over the QEMU monitor and libvirt just forwarded APIs
to each shim as needed. This forwarding of APIs would require quite alot
of significant refactoring of libvirtd to achieve.

This impl thus takes a quite different approach, explicitly deciding to
keep the VMs completely separate from those seen & managed by libvirtd.
Instead it uses the new "qemu:///embed" URI scheme to embed the entire
QEMU driver in the shim, running with a custom root directory.

Once the driver is initialization, the shim starts a VM and then waits
to shutdown automatically when QEMU shuts down, or should kill QEMU if
it is terminated itself. This ought to use the AUTO_DESTROY feature but
that is not yet available in embedded mode, so we rely on installing a
few signal handlers to gracefully kill QEMU. This isn't reliable if
we crash of course, but you can restart with the same root dir.

Note this program does not expose any way to manage the QEMU process,
since there's no RPC interface enabled. It merely starts the VM and
cleans up when the guest shuts down at the end. This program is
installed to /usr/bin/virt-qemu-run enabling direct use by end users.
Most use cases will probably want to integrate the concept directly
into their respective application codebases. This standalone binary
serves as a nice demo though, and also provides a way to measure
performance of the startup process quite simply.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-27 11:05:02 +00:00
Daniel P. Berrangé
3e9076e777 secrets: add support for running secret driver in embedded mode
This enables support for running the secret driver embedded to the
calling application process using a URI:

   secret:///embed?root=/some/path

When using the embedded mode with a root=/var/tmp/embed, the
driver will use the following paths:

       configDir: /var/tmp/embed/etc/secrets
        stateDir: /var/tmp/embed/run/secrets

These are identical whether the embedded driver is privileged
or unprivileged.

This compares with the system instance which uses

       configDir: /etc/libvirt/secrets
        stateDir: /var/lib/libvirt/secrets

When an embedded instance of the secret driver is open, any other
embedded drivers will automatically use the embedded secret driver.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-27 11:04:29 +00:00
Daniel P. Berrangé
068efae5b1 qemu: add support for running QEMU driver in embedded mode
This enables support for running QEMU embedded to the calling
application process using a URI:

   qemu:///embed?root=/some/path

Note that it is important to keep the path reasonably short to
avoid risk of hitting the limit on UNIX socket path names
which is 108 characters.

When using the embedded mode with a root=/var/tmp/embed, the
driver will use the following paths:

                logDir: /var/tmp/embed/log/qemu
           swtpmLogDir: /var/tmp/embed/log/swtpm
         configBaseDir: /var/tmp/embed/etc/qemu
              stateDir: /var/tmp/embed/run/qemu
         swtpmStateDir: /var/tmp/embed/run/swtpm
              cacheDir: /var/tmp/embed/cache/qemu
                libDir: /var/tmp/embed/lib/qemu
       swtpmStorageDir: /var/tmp/embed/lib/swtpm
 defaultTLSx509certdir: /var/tmp/embed/etc/pki/qemu

These are identical whether the embedded driver is privileged
or unprivileged.

This compares with the system instance which uses

                logDir: /var/log/libvirt/qemu
           swtpmLogDir: /var/log/swtpm/libvirt/qemu
         configBaseDir: /etc/libvirt/qemu
              stateDir: /run/libvirt/qemu
         swtpmStateDir: /run/libvirt/qemu/swtpm
              cacheDir: /var/cache/libvirt/qemu
                libDir: /var/lib/libvirt/qemu
       swtpmStorageDir: /var/lib/libvirt/swtpm
 defaultTLSx509certdir: /etc/pki/qemu

At this time all features present in the QEMU driver are available when
running in embedded mode, availability matching whether the embedded
driver is privileged or unprivileged.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-27 11:04:03 +00:00
Daniel P. Berrangé
88446e07b2 libvirt: support an "embed" URI path selector for opening drivers
The driver URI scheme:

  "$drivername:///embed?root=/some/path"

enables a new way to use the drivers by embedding them directly in the
calling process. To use this the process must have a thread running the
libvirt event loop. This URI will then cause libvirt to dynamically load
the driver module and call its global initialization function. This
syntax is applicable to any driver, but only those will have been
modified to support a custom root directory and embed URI path will
successfully open.

The application can now make normal libvirt API calls which are all
serviced in-process with no RPC layer involved.

It is required to specify an explicit root directory, and locks will be
acquired on this directory to avoid conflicting with another app that
might accidentally pick the same directory.

Use of '/' is not explicitly forbidden, but note that the file layout
used underneath the embedded driver root does not match the file
layout used by system/session mode drivers. So this cannot be used as
a backdoor to interact with, or fake, the system/session mode drivers.

Libvirt will create arbitrary files underneath this root directory. The
root directory can be kept untouched across connection open attempts if
the application needs persistence. The application is responsible for
purging everything underneath this root directory when finally no longer
required.

Even when a virt driver is used in embedded mode, it is still possible
for it to in turn use functionality that calls out to other secondary
drivers in libvirtd. For example an embedded instance of QEMU can open
the network, secret or storage drivers in the system libvirtd.

That said, the application would typically want to at least open an
embedded secret driver ("secret:///embed?root=/some/path"). Note that
multiple different embedded drivers can use the same root prefix and
co-operate just as they would inside a normal libvirtd daemon.

A key thing to note is that for this to work, the application that links
to libvirt *MUST* be built with -Wl,--export-dynamic to ensure that
symbols from libvirt.so are exported & thus available to the dynamically
loaded driver module. If libvirt.so itself was dynamically loaded then
RTLD_GLOBAL must be passed to dlopen().

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-27 11:03:49 +00:00
Daniel P. Berrangé
207709a031 libvirt: pass a directory path into drivers for embedded usage
The intent here is to allow the virt drivers to be run directly embedded
in an arbitrary process without interfering with libvirtd. To achieve
this they need to store all their configuration & state in a separate
directory tree from the main system or session libvirtd instances.

This can be useful for doing testing of the virt drivers in "make check"
without interfering with the user's own libvirtd instances.

It can also be used for applications using KVM/QEMU as a piece of
infrastructure to build an service, rather than for general purpose
OS hosting. A long standing example is libguestfs, which would prefer
if its temporary VMs did show up in the main libvirtd VM list, because
this confuses apps such as OpenStack Nova. A more recent example would
be Kata which is using KVM as a technology to build containers.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-27 11:02:16 +00:00
Daniel P. Berrangé
fd2a9dda87 util: add helper API for getting URI parameters
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-27 11:02:03 +00:00
Jonathon Jongsma
dee2218bc8 qemu: explicitly disable virgl when requested
If a domain is configured to have an egl-headless display and a virtio
video device, virgl will be enabled automatically within the guest, even
if the video device is configured with accel3d='no'.

In this case we should explicitly pass 'virgl=off' to qemu.

See https://bugzilla.redhat.com/show_bug.cgi?id=1791236 for more
information.

Signed-off-by: Jonathon Jongsma <jjongsma@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-01-25 07:51:08 +01:00
Han Han
bd51f89c30 qemu: Implement builtin rng backend
Since v4.2-rc0, QEMU introduced a builtin rng backend that uses
getrandom() syscall to generate random. Add it to libvirt with the
backend model 'builtin'.

https://bugzilla.redhat.com/show_bug.cgi?id=1785091

Signed-off-by: Han Han <hhan@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-01-24 17:03:35 +01:00
Han Han
6a6d00e168 conf: Add rng backend model builtin
The 'builtin' rng backend model can be used as following:
  <rng model='virtio'>
    <backend model='builtin'/>
  </rng>

Signed-off-by: Han Han <hhan@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-01-24 17:03:32 +01:00
Han Han
1bd17918b6 util: Do not assume comma after object id
For qemu object like rng-builtin, there are no properties after id
property. We should always set comma after object id. Otherwise it will
cause trailing comma on object:
    -object rng-builtin,id=ID,

Signed-off-by: Han Han <hhan@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-01-24 17:03:29 +01:00
Han Han
9378713f56 qemu_capabilities: Introduce QEMU_CAPS_OBJECT_RNG_BUILTIN
It is used to check if qemu is capable of rng-builtin object.

This object is added since qemu-4.2.0-rc0, commit 6c4e9d48.

Signed-off-by: Han Han <hhan@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-01-24 17:03:21 +01:00
Michal Privoznik
c76009313f qemu_capabilities: Rework domain caps cache
Since v5.6.0-48-g270583ed98 we try to cache domain capabilities,
i.e. store filled virDomainCaps in a hash table in virQEMUCaps
for future use. However, there's a race condition in the way it's
implemented. We use virQEMUCapsGetDomainCapsCache() to obtain the
pointer to the hash table, then we search the hash table for
cached data and if none is found the domcaps is constructed and
put into the table. Problem is that this is all done without any
locking, so if there are two threads trying to do the same, one
will succeed and the other will fail inserting the data into the
table.

Also, the API looks a bit fishy - obtaining pointer to the hash
table is dangerous.

The solution is to use a mutex that guards the whole operation
with the hash table. Then, the API can be changes to return
virDomainCapsPtr directly.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1791790

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2020-01-24 14:48:44 +01:00
Michal Privoznik
cc361a34c5 qemu_conf: Avoid dereferencing NULL in virQEMUDriverGetHost{NUMACaps,CPU}
When fixing [1] I've ran attached reproducer and had it spawn
1024 threads and query capabilities XML in each one of them. This
lead libvirtd to hit the RLIMIT_NOFILE limit which was kind of
expected. What wasn't expected was a subsequent segfault. It
happened because virCPUProbeHost failed and returned NULL. We've
taken the NULL and passed it to virCapabilitiesHostNUMARef()
which dereferenced it. Code inspection showed the same flas in
virQEMUDriverGetHostNUMACaps(), so I'm fixing both places.

1: https://bugzilla.redhat.com/show_bug.cgi?id=1791790

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2020-01-24 14:48:44 +01:00
Michal Privoznik
609acf1f5d cpu.c: Check properly for virCapabilitiesGetNodeInfo() retval
The virCapabilitiesGetNodeInfo() function has the usual return
value semantics for integeres: a negative value means an error,
zero or a positive value means success. However, the function
call done in virCPUProbeHost() doesn't check for the return value
accordingly.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2020-01-24 14:48:44 +01:00
Peter Krempa
29d43bf96a qemu: monitor: Improve error message when QEMU reply is too large
Don't use ERANGE as it doesn't make much sense in the error message.
Also point out that the reply from qemu was too large which is not
obvious from the original error:

 error: No complete monitor response found in 10485760 bytes: Numerical result out of range

The new message will read:

 error: internal error: QEMU monitor reply exceeds buffer size (10485760 bytes)

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
2020-01-24 13:47:45 +01:00
Peter Krempa
f4e7c792d5 qemu: block: Don't skip creation of 'luks' formatted images
libvirt treats 'luks' images as raw+encryption. The logic in
qemuBlockStorageSourceCreateFormat skipped the creation if the requested
image was raw but didn't take into account the encryption.

This manifested itself e.g. when attempting to do a virsh blockcopy with
the following XML:

    <disk type='file' device='disk'>
      <driver name='qemu' type='raw'/>
      <source file='/tmp/enccpy'>
        <encryption format='luks'>
          <secret type='passphrase' uuid='0a81f5b2-8403-7b23-c8d6-21ccc2f80d6f'/>
        </encryption>
      </source>
    </disk>

Where qemu would report the following error:

 unable to execute QEMU command 'blockdev-add': Volume is not in LUKS format

rather than actually formatting the image first.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2020-01-24 13:46:46 +01:00
Peter Krempa
ae60e05817 util: hash: Improve debugability of "Duplicate key" error message
If we get a user reporting this error message being shown it's pretty
useless in terms of actually debugging it since we don't know which hash
and which key are actually subject to the error.

This patch adds a new hash table callback which formats the
user-readable version of the hash key and reports it in the new message
which will look like:

"Duplicate hash table key 'blah'"

That way we will at least have an anchor point where to start the
search.

There are two special implementations of keys which are numeric so we
add specific printer functions for them.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-01-24 13:45:38 +01:00
Peter Krempa
0c3792a155 qemu: backup: Implement support for backup disk bitmap name configuration
Use the user-configured name of the bitmap when merging the appropriate
bitmaps for an incremental backup so that the user can see it as
configured. Additionally expose the default bitmap name if nothing is
configured.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2020-01-24 13:40:53 +01:00
Peter Krempa
bce4ac55f8 qemu: backup: Implement support for backup disk export name configuration
Pass the exportname as configured when exporting the image via NBD and
fill it with the default if it's not configured.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2020-01-24 13:40:48 +01:00
Peter Krempa
12ccd8d4db conf: backup: Allow configuration of names exported via NBD
If users wish to use different name for exported disks or bitmaps
the new fields allow to do so. Additionally they also document the
current settings.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2020-01-24 13:40:48 +01:00
Peter Krempa
69908db0f6 qemu: Fix value of 'device' argument for block-commit
When using blockdev configurations the 'device' argument of
'blockdev-commit' must correspond to the topmost node in the block node
graph. Libvirt didn't do this properly in case when 'copy_on_read'
option was enabled on the disk.

Use qemuDomainDiskGetTopNodename to fix it when calling block-commit.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2020-01-24 13:40:36 +01:00
Peter Krempa
e3137539a9 qemu: Fix value of 'device' argument for blockdev-mirror
When using blockdev configurations the 'device' argument of
'blockdev-mirror' must correspond to the topmost node in the block node
graph. Libvirt didn't do this properly in case when 'copy_on_read'
option was enabled on the disk.

Use qemuDomainDiskGetTopNodename to fix it for the blockdev-mirror calls
in qemuDomainBlockCopy and the non-shared-storage migration.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2020-01-24 13:40:36 +01:00
Peter Krempa
0b0f389335 qemu: domain: Extract code to determine topmost nodename to qemuDomainDiskGetTopNodename
There are more places which require getting the topmost nodename to be
passed to qemu. Separate it out into a new function.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2020-01-24 13:40:36 +01:00
Peter Krempa
623366d130 qemu: blockcopy: Actually unplug unused images when mirror job fails to start
If a mirror job fails to start in -blockdev mode we'd not unplug the
backing files we added first because the code on the error path checked
the wrong value. 'rc' is used as status of the code which added the
images, but the state of the 'block(dev)-mirror' call is stored in 'ret'
at that point.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2020-01-24 13:40:36 +01:00
Daniel P. Berrangé
6d786f95a3 qemu: fixing auto-detecting binary in domain capabilities
The virConnectGetDomainCapabilities API accepts either a binary path
to the emulator, or desired guest arch. If guest arch is not given,
then the host arch is assumed.

In the case where the binary is not given, the code tried to find the
emulator binary in the existing list of cached emulator capabilities.
This is not valid since we switched to lazy population of the cache in:

  commit 3dd91af01f
  Author: Daniel P. Berrangé <berrange@redhat.com>
  Date:   Mon Dec 2 13:04:26 2019 +0000

    qemu: stop creating capabilities at driver startup

As a result of this change, if there are no persistent guests defined
using the requested guest architecture, virConnectGetDomainCapabilities
will fail to find an emulator binary.

The solution is to stop relying on the cached capabilities to find the
binary and instead use the same logic we use to pick default a binary
per arch when populating capabilities.

Tested-by: Boris Fiuczynski <fiuczy@linux.ibm.com>
Tested-by: Richard W.M. Jones <rjones@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-23 16:38:59 +00:00
Thomas Huth
e7a65484ba qemu: Refuse to use "ps2" on machines that do not have this bus
The "ps2" bus is only available on certain machines like x86. On
machines like s390x, we should refuse to add a device to this bus
instead of silently ignoring it.

Looking at the QEMU sources, PS/2 is only available if the QEMU binary
has the "i8042" device, so let's check for that and only allow "ps2"
devices if this QEMU device is available, or if we're on x86 anyway
(so we don't have to fake the QEMU_CAPS_DEVICE_I8042 capability in
all the tests that use <input ... bus='ps2'/> in their xml data).

Reported-by: Sebastian Mitterle <smitterl@redhat.com>
Buglink: https://bugzilla.redhat.com/show_bug.cgi?id=1763191
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-01-23 12:57:03 +01:00
Julio Faracco
4494b9b9d0 lxc: Add support to lxcDomainInterfaceAddresses() function
LXC driver is not able to retrieve IP addresses from domains. This
function was not implemented yet. It can be done using DHCP lease and
ARP table. Different from QEMU, LXC does not have an agent to fetch
this info, but other sources can be used.

Signed-off-by: Julio Faracco <jcfaracco@gmail.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-01-23 12:38:35 +01:00
Julio Faracco
c360dbb564 qemu: Converting DHCP and ARP functions to domain conf
QEMU driver has two functions: qemuGetDHCPInterfaces() and
qemuARPGetInterfaces() that are being used inside only one single
function. They can be turned into generic functions that other drivers
can use. This commit move both from QEMU driver tree to domain conf
tree.

Signed-off-by: Julio Faracco <jcfaracco@gmail.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-01-23 12:29:33 +01:00
Jonathon Jongsma
d7da92a9ce nodedev: Use autofree for more local variables
Simplify function logic by using g_autofree to free local variables so
that we can remove some goto statements that are used for cleanup.

Introduce a g_autoptr cleanup function for virNodeDeviceDef.

Signed-off-by: Jonathon Jongsma <jjongsma@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-01-23 10:04:22 +01:00
Pavel Hrdina
153fd68368 src: remove WITH_GNUTLS usage
Since commit <60d9ad6f1e42618fce10baeb0f02c35e5ebd5b24> we require
GnuTLS and since commit <ac0d21c762351f58dd5d2dafa2014ed48a8b49f3>
we can actually drop the usage of WITH_GNUTLS.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-01-22 18:07:09 +01:00
Marek Marczykowski-Górecki
6c1dddaf97 libxl: initialize shutdown inhibit callback
The libxl driver already tries to call shutdown inhibit callback in the
right places, but only if it's set. That last part was missing,
resulting in premature shutdown when running libvirtd
--timeout=...

Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
Reviewed-by: Jim Fehlig <jfehlig@suse.com>
2020-01-21 20:57:35 -07:00
Ján Tomko
d61f95cf6a qemu: end the agent job in qemuDomainSetTimeAgent
This function grabs an agent job but ends a monitor job.
End the agent job instead.

https://bugzilla.redhat.com/show_bug.cgi?id=1792723

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reported-by: Dan Zheng <dzheng@redhat.com>
Fixes: e005c95f56
2020-01-20 07:55:48 +01:00
Pavel Hrdina
894556ca81 secret: move virSecretGetSecretString into virsecret
The function virSecretGetSecretString calls into secret driver and is
used from other hypervisors drivers and as such makes more sense in
util.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-17 15:52:37 +01:00
Daniel P. Berrangé
05a38d4c4a src: conditionalize / remove use of sys/ioctl.h
Remove many imports of sys/ioctl.h which are redundant,
and conditionalize remaining usage that needs to compile
on Windows platforms.

The previous change to remove the "nonblocking" gnulib
module indirectly caused the loss of the "ioctl" gnulib
module that we did not explicitly list in bootstrap.conf
despite relying on.

Rather than re-introduce the "ioctl" module this patch
makes it redundant.

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-17 13:16:58 +00:00
Daniel P. Berrangé
1c18375cda bhyve: fix typos checking CPU dies
This fixes a build bug introduced by

  commit fbf27730a3
  Author: Daniel P. Berrangé <berrange@redhat.com>
  Date:   Mon Dec 16 11:16:51 2019 +0000

    conf: add support for specifying CPU "dies" parameter

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-17 12:32:09 +00:00
Peter Krempa
5f2fa393f7 util: storagefile: Properly set transport type when parsing NBD strings
When parsing legacy NBD backing file strings such as
'nbd:unix:/tmp/sock:exportname=/' we'd fail to set the transport to
VIR_STORAGE_NET_HOST_TRANS_UNIX. This started to be a problem once we
actually started to generate config of the backing store on the command
line with -blockdev as the JSON code would try to format it as TCP and
fail with:

 internal error: argument key 'host' must not have null value

Set the type properly and add a test.

This bug was found by the libguestfs test suite in:

https://bugzilla.redhat.com/show_bug.cgi?id=1791614

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reported-by: Ming Xie <mxie@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Tested-by: Richard W.M. Jones <rjones@redhat.com>
2020-01-17 12:34:10 +01:00
Daniel P. Berrangé
3caa28dc50 src: replace gmtime_r/localtime_r/strftime with GDateTime
gmtime_r/localtime_r are mostly used in combination with
strftime to format timestamps in libvirt. This can all
be replaced with GDateTime resulting in simpler code
that is also more portable.

There is some boundary condition problem in parsing POSIX
timezone offsets in GLib which tickles our test suite.
The test suite is hacked to avoid the problem. The upsteam
GLib bug report is

  https://gitlab.gnome.org/GNOME/glib/issues/1999

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-17 10:02:01 +00:00
Daniel P. Berrangé
7c828af858 src: conditionally exclude cfmakeraw/termios.h on WIN32
The GNULIB termios module ensures termios.h exists (but
is none the less empty) when building for Windows. We
already exclude usage of the functions that would exist
in a real termios.h, so having an empty termios.h is
not especially useful.

It is simpler to just put all use of termios.h related
functions behind a "#ifndef WIN32" conditional.

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-17 10:02:01 +00:00
Daniel P. Berrangé
fa434739a0 src: replace verify(expr) with G_STATIC_ASSERT(expr)
G_STATIC_ASSERT() is a drop-in functional equivalent of
the GNULIB verify() macro.

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-17 10:02:01 +00:00
Daniel P. Berrangé
7b9645a7d1 util: replace atomic ops impls with g_atomic_int*
Libvirt's original atomic ops impls were largely copied
from GLib's code at the time. The only API difference
was that libvirt's virAtomicIntInc() would return a
value, but g_atomic_int_inc was void. We thus use
g_atomic_int_add(v, 1) instead, though this means
virAtomicIntInc() now returns the original value,
instead of the new value.

This rewrites libvirt's impl in terms of g_atomic_int*
as a short term conversion. The key motivation was to
quickly eliminate use of GNULIB's verify_expr() macro
which is not a direct match for G_STATIC_ASSERT_EXPR.
Long term all the callers should be updated to use
g_atomic_int* directly.

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-17 10:02:00 +00:00
Daniel P. Berrangé
4f128bbbfb util: pull gnulib physmem impl into local code
We don't need all the platforms gnulib deals with, so
this is a cut down version of GNULIB's physmem.c
code. This also allows us to integrate libvirt's
error reporting functions closer to the error cause.

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-17 10:01:57 +00:00
Daniel P. Berrangé
210e19702e src: convert code to use new socket portability wrappers
Convert to use socket wrappers. Aside from the header file
include change, this requires changing close -> closesocket
since our portability isn't trying to replace the close
function.

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-17 10:01:57 +00:00
Daniel P. Berrangé
b5c95d042b util: introduce compat wrappers for Winsock2
Windows sockets take a SOCKET HANDLE object instead of a
file descriptor. Wrap them in the same way that gnulib
does so that they use C runtime file descriptors.

While we could in theory use GSocket, it is hard to get
the exact same semantics libvirt has for its current
socket usage. Wrapping the Winsock2 APIs is thus the
easiest approach in the short term.

In changing the socke wrappers we need to re-implement
the nonblocking function too, since the GNULIB impl
expects to be used with the GNULIB sockets wrappers.

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-17 10:01:16 +00:00
Daniel P. Berrangé
f650e86703 util: add detection of openpty function
All UNIX platforms we care about have openpty() in the libutil
library. Use of pty.h must also be made conditional, excluding
Win32.

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-17 09:59:08 +00:00
Daniel P. Berrangé
f018fbac78 src: remove use of the INT_MULTIPLY_OVERFLOW macro
The GLib g_size_checked_mul() function is not quite the
same signature, and gives compiler warnings due to not
correctly casting from gsize to guint64/32. Implementing
a replacement for INT_MULTIPLY_OVERFLOW is easy enough
to do ourselves.

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-17 09:59:05 +00:00
Daniel P. Berrangé
117353f9e5 src: replace use of INT_BUFSIZE_BOUND macros
Introduce a vastly simpler VIR_INT64_STR_BUFLEN constant
which is large enough for all cases where we currently
use INT_BUFSIZE_BOUND. This eliminates most use of the
gnulib intprops.h header.

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-17 09:58:43 +00:00
Daniel P. Berrangé
a1cd25b919 esx: remove compatibility for old libcurl
RHEL7 has libcurl 7.29.0, which is the oldest of any
supported build platform. Thus we no longer need the
back compat for libcurl < 7.28.0.

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-16 15:53:18 +00:00
Jonathon Jongsma
b28bf62b3f Use glib alloc API for virDomainFSInfo
Signed-off-by: Jonathon Jongsma <jjongsma@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-01-16 16:35:47 +01:00
Jonathon Jongsma
9a7d618c79 qemu: use glib allocation apis for qemuAgentFSInfo
Switch from old VIR_ allocation APIs to glib equivalents.

Signed-off-by: Jonathon Jongsma <jjongsma@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-01-16 16:35:47 +01:00
Jonathon Jongsma
9e1a8298cd qemu: use glib alloc in qemuAgentGetFSInfoFillDisks()
Signed-off-by: Jonathon Jongsma <jjongsma@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-01-16 16:35:47 +01:00
Jonathon Jongsma
3c436c22a4 qemu: remove qemuDomainObjBegin/EndJobWithAgent()
This function potentially grabs both a monitor job and an agent job at
the same time. This is problematic because it means that a malicious (or
just buggy) guest agent can cause a denial of service on the host. The
presence of this function makes it easy to do the wrong thing and hold
both jobs at the same time. All existing uses have already been removed
by previous commits.

Signed-off-by: Jonathon Jongsma <jjongsma@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-01-16 16:35:47 +01:00
Jonathon Jongsma
599ae372d8 qemu: don't access vmdef within qemu_agent.c
In order to avoid holding an agent job and a normal job at the same
time, we want to avoid accessing the domain's definition while holding
the agent job. To achieve this, qemuAgentGetFSInfo() only returns the
raw information from the agent query to the caller. The caller can then
release the agent job and then proceed to look up the disk alias from
the vm definition. This necessitates moving a few helper functions to
qemu_driver.c and exposing the agent data structure (qemuAgentFSInfo) in
the header.

In addition, because the agent function no longer returns the looked-up
disk alias, we can't test the alias within qemuagenttest.  Instead we
simply test that we parse and return the raw agent data correctly.

Signed-off-by: Jonathon Jongsma <jjongsma@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-01-16 16:35:47 +01:00
Jonathon Jongsma
306b4cb070 qemu: Don't store disk alias in qemuAgentDiskInfo
The qemuAgentDiskInfo structure is filled with information received from
the agent command response, except for the 'alias' field, which is
retrieved from the vm definition. Limit this structure only to data that
was received from the agent message.

This is another intermediate step in moving the responsibility for
searching the vmdef from qemu_agent.c to qemu_driver.c so that we can
avoid holding an agent job and a normal job at the same time.

Signed-off-by: Jonathon Jongsma <jjongsma@redhat.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-01-16 16:35:46 +01:00
Jonathon Jongsma
bdb8a800b4 qemu: store complete agent filesystem information
In an effort to avoid holding both an agent and normal job at the same
time, we shouldn't access the vm definition from within qemu_agent.c
(i.e. while the agent job is being held). In preparation, we need to
store the full filesystem disk information in qemuAgentDiskInfo.  In a
following commit, we can pass this information back to the caller and
the caller can search the vm definition to match the filsystem disk to
an alias.

Signed-off-by: Jonathon Jongsma <jjongsma@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-01-16 16:35:46 +01:00
Jonathon Jongsma
e888c0f667 qemu: rename qemuAgentGetFSInfoInternalDisk()
The function name doesn't give a good idea of what the function does.
Rename to qemuAgentGetFSInfoFillDisks() to make it more obvious than it
is filling in the disk information in the fsinfo struct.

Signed-off-by: Jonathon Jongsma <jjongsma@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-01-16 16:35:46 +01:00
Daniel P. Berrangé
7b79ee2f78 hostcpu: add support for reporting die_id in NUMA topology
Update the host CPU code to report the die_id in the NUMA topology
capabilities. On systems with multiple dies, this fixes the bug
where CPU cores can't be distinguished:

 <cpus num='12'>
   <cpu id='0' socket_id='0' core_id='0' siblings='0'/>
   <cpu id='1' socket_id='0' core_id='1' siblings='1'/>
   <cpu id='2' socket_id='0' core_id='0' siblings='2'/>
   <cpu id='3' socket_id='0' core_id='1' siblings='3'/>
 </cpus>

Notice how core_id is repeated within the scope of the same socket_id.

It now reports

 <cpus num='12'>
   <cpu id='0' socket_id='0' die_id='0' core_id='0' siblings='0'/>
   <cpu id='1' socket_id='0' die_id='0' core_id='1' siblings='1'/>
   <cpu id='2' socket_id='0' die_id='1' core_id='0' siblings='2'/>
   <cpu id='3' socket_id='0' die_id='1' core_id='1' siblings='3'/>
 </cpus>

So core_id is now unique within a (socket_id, die_id) pair.

Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-16 15:11:55 +00:00
Daniel P. Berrangé
4cf8dd0c57 qemu: add support for specifying CPU "dies" topology parameter
QEMU since 4.1.0 supports the "dies" parameter for -smp

Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-16 15:11:55 +00:00
Daniel P. Berrangé
2ce9474c2a conf: remove unused virCapabilitiesSetHostCPU method
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-16 15:11:51 +00:00
Daniel P. Berrangé
fbf27730a3 conf: add support for specifying CPU "dies" parameter
Recently CPU hardware vendors have started to support a new structure
inside the CPU package topology known as a "die". Thus the hierarchy
is now:

  sockets > dies > cores > threads

This adds support for "dies" in the XML parser, with the value
defaulting to 1 if not specified for backwards compatibility.

For example a system with 64 logical CPUs might report

   <topology sockets="4" dies="2" cores="4" threads="2"/>

Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-16 15:11:42 +00:00
Jiri Denemark
bd04d63ad9 qemu: Don't emit SUSPENDED_POSTCOPY event on destination
When pause-before-switchover QEMU capability is enabled, we get STOP
event before MIGRATION event with postcopy-active state. To properly
handle post-copy migration and emit correct events commit
v4.10.0-rc1-4-geca9d21e6c added a hack to
qemuProcessHandleMigrationStatus which translates the paused state
reason to VIR_DOMAIN_PAUSED_POSTCOPY and emits
VIR_DOMAIN_EVENT_SUSPENDED_POSTCOPY event when migration state changes
to post-copy.

However, the code was effective on both sides of migration resulting in
a confusing VIR_DOMAIN_EVENT_SUSPENDED_POSTCOPY event on the destination
host, where entering post-copy mode is already properly advertised by
VIR_DOMAIN_EVENT_RESUMED_POSTCOPY event.

https://bugzilla.redhat.com/show_bug.cgi?id=1791458

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-01-16 15:12:19 +01:00
Michal Privoznik
0970da7180 virchrdev: Drop needless 'cleanup' label in virChrdevLockFileCreate()
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-01-16 14:13:47 +01:00
Michal Privoznik
439eb82e23 virchrdev: Use more g_autofree and VIR_AUTOCLOSE
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-01-16 14:13:47 +01:00
Michal Privoznik
15b821122e virchrdev: Don't leak mutex if virChrdevAlloc() fails
This is only a theoretical leak, but in virChrdevAlloc() we
initialize a mutex and if creating a hash table fails,
then virChrdevFree() is called which because of incorrect check
doesn't deinit the mutex.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-01-16 14:13:47 +01:00
Michal Privoznik
aab3779994 virchrdev: Don't leak @dev member of virChrdevHashEntry struct
When opening a console to a domain, we put a tuple of {path,
virStreamPtr} into a hash table that's private to the domain.
This is to ensure only one client at most has the console stream
open. Later, when the console is closed, the tuple is removed
from the hash table and freed. Except, @path won't be freed.

==234102== 60 bytes in 5 blocks are definitely lost in loss record 436 of 651
==234102==    at 0x4836753: malloc (vg_replace_malloc.c:307)
==234102==    by 0x5549110: g_malloc (in /usr/lib64/libglib-2.0.so.0.6000.6)
==234102==    by 0x5562D1E: g_strdup (in /usr/lib64/libglib-2.0.so.0.6000.6)
==234102==    by 0x4A5A917: virChrdevOpen (virchrdev.c:412)
==234102==    by 0x17B64645: qemuDomainOpenConsole (qemu_driver.c:17309)
==234102==    by 0x4BC8031: virDomainOpenConsole (libvirt-domain.c:9662)
==234102==    by 0x13F854: remoteDispatchDomainOpenConsole (remote_daemon_dispatch_stubs.h:9211)
==234102==    by 0x13F72F: remoteDispatchDomainOpenConsoleHelper (remote_daemon_dispatch_stubs.h:9178)
==234102==    by 0x4AB0685: virNetServerProgramDispatchCall (virnetserverprogram.c:430)
==234102==    by 0x4AB01F0: virNetServerProgramDispatch (virnetserverprogram.c:302)
==234102==    by 0x4AB700B: virNetServerProcessMsg (virnetserver.c:136)
==234102==    by 0x4AB70CB: virNetServerHandleJob (virnetserver.c:153)

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-01-16 14:13:47 +01:00
Michal Privoznik
4c581527d4 qemu: Stop domain on failed restore
When resuming a domain from a save file, we read the domain XML
from the file, add it onto our internal list of domains, start
the qemu process, let it load the incoming migration stream and
resume its vCPUs afterwards. If anything goes wrong, the domain
object is removed from the list of domains and error is returned
to the caller. However, the qemu process might be left behind -
if resuming vCPUs fails (e.g. because qemu is unable to acquire
write lock on a disk) then due to a bug the qemu process is not
killed but the domain object is removed from the list.

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1718707

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2020-01-16 09:17:07 +01:00
Michal Privoznik
3203ad6cfd qemu: Use g_autoptr() for qemuDomainSaveCookie
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2020-01-16 09:17:07 +01:00
Michal Privoznik
82e127e343 qemuDomainSaveImageStartVM: Use g_autoptr() for virCommand
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2020-01-16 09:17:07 +01:00
Michal Privoznik
1c16f261d0 qemuDomainSaveImageStartVM: Use VIR_AUTOCLOSE for @intermediatefd
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2020-01-16 09:17:07 +01:00
Julio Faracco
1becd935c5 lxc: Implement virDomainGetHostnameFlags
Since there is no guest agent in LXC world (yet), we can
implement _LEASE flag only.

Signed-off-by: Julio Faracco <jcfaracco@gmail.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-01-16 09:02:35 +01:00
Julio Faracco
a4a5827c9f qemu: Implement virDomainGetHostnameFlags
We have to keep the default - querying the agent if no flag is
set.

Signed-off-by: Julio Faracco <jcfaracco@gmail.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-01-16 09:02:35 +01:00
Julio Faracco
3cf12299f6 Introduce source flags to virDomainGetHostname()
There is a lots of possibilities to retrieve hostname information
from domain. Libvirt could use lease information from dnsmasq to
get current hostname too. QEMU supports QEMU-agent but it can use
lease source.

Signed-off-by: Julio Faracco <jcfaracco@gmail.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-01-16 09:02:35 +01:00
Ján Tomko
45464db8ba conf: do not generate machine names ending with a dash
As of systemd commit:

commit d65652f1f21a4b0c59711320f34266c635393c89
Author:     Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
CommitDate: 2018-12-10 09:56:56 +0100

    Partially unify hostname_is_valid() and dns_name_is_valid()

Dashes are no longer allowed at the end of machine names.

Trim the trailing dashes from the generated name before passing
it to machined.

https://bugzilla.redhat.com/show_bug.cgi?id=1790409

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-01-15 17:10:20 +01:00
Ján Tomko
fdd48f5b73 util: add virBufferTrimChars
A new helper for trimming combinations of specified characters from
the tail of the buffer.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-01-15 17:10:20 +01:00
Pavel Hrdina
7d60846962 vircgroupv2devices: free BPF map when replacing with new one
This leaks the FD of BPF map which means it will not be freed.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
2020-01-13 15:17:54 +01:00
Thomas Huth
bfd5f69d60 qemu_capabilities: Do not report USB as subsystem type if it is not available
libvirt currently always reports that USB is available as a bus subsystem
type when running "virsh domcapabilities". However, this is not always
true, for example the qemu-system-s390x binary normally never has support
for USB. Thus we should only report that USB is available if there is
also a USB host controller available where we can attach USB devices.

Reported-by: Sebastian Mitterle <smitterl@redhat.com>
Buglink: https://bugzilla.redhat.com/show_bug.cgi?id=1759849
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-01-13 13:53:23 +01:00
Thomas Huth
177fbcdfaa domain_conf: Do not use USB by default for <input> devices on s390x
When trying to specify an input device on s390x without bus like this:

 <input type='keyboard'/>

... then libvirt currently complains:

 error: unsupported configuration: USB is disabled for this domain,
 but USB devices are present in the domain XML

This is somewhat confusing since the user did not specify an USB
device here. Since USB is not available on s390x, we should default
to the "virtio" bus here instead.

Buglink: https://bugzilla.redhat.com/show_bug.cgi?id=1790189
Signed-off-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-01-13 13:39:37 +01:00
Peter Krempa
3f2d167d9c conf: Always format storage source auth and encryption under <source> for backing files
Historically there are two places where we format authentication and
encryption for a disk. The logich which formats it for backing files was
flawed though and didn't format it at all. This worked if the image
became a backing file through the means of a snapshot but not directly.

Force formatting of the source and encryption for any non-disk case to
fix the issue.

This caused problems in many places as we use the formatter to copy the
definition. Effectively any copy lost the secret definition.

https://bugzilla.redhat.com/show_bug.cgi?id=1789310
https://bugzilla.redhat.com/show_bug.cgi?id=1788898

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
2020-01-13 12:53:58 +01:00
Michal Privoznik
4a09c143f6 virerror: Make it easier to add new error number
In v5.0.0-rc1~94 we switched from one huge switch() to an array
for translating error numbers into error messages. However, the
array is declared to have VIR_ERR_NUMBER_LAST items which makes
it impossible to spot this place by compile checking when adding
new error number.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-01-10 13:53:32 +01:00
Peter Krempa
30867fb098 util: storage: Link to knowledge base when reporting missing image backing format
Mention the knowledge base article which has tips how to fix the backing
chain to work with current libvirt.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-10 12:49:03 +01:00
Michael Weiser
5373f63b30 qemu: Warn of restore with managed save being risky
Internal snapshots of a non-running domain do not carry any memory state
and restoring such a snapshot will not replace existing saved memory
state. This allows a scenario, where a user first suspends a domain into
managedsave, restores a non-running snapshot and then resumes the domain
from managedsave. After that, the guest system will run with its
previous memory state atop a different disk state. The most obvious
possible fallout from this is extensive file system corruption. Swap
content and RAID bitmaps might also be off.

This has been discussed[1] and fixed[2] from the end-user perspective for
virt-manager.

This patch marks the restore operation as risky at the libvirt level,
requiring the user to remove the saved memory state first or force the
operation.

[1] https://www.redhat.com/archives/virt-tools-list/2019-November/msg00011.html
[2] https://www.redhat.com/archives/virt-tools-list/2019-December/msg00049.html

Signed-off-by: Michael Weiser <michael.weiser@gmx.de>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-01-10 10:36:33 +01:00
Jiri Denemark
e0127260fb qemu: Don't use NULL path from qemuDomainGetHostdevPath
Commit v5.10.0-290-g3a4787a301 refactored qemuDomainGetHostdevPath to
return a single path rather than an array of paths. When the function is
called on a missing device, it will now return NULL in @path rather than
a NULL array with zero items and the callers need to be adapted
properly.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2020-01-10 09:12:57 +01:00
Daniel P. Berrangé
e90a643c90 tests: avoid probing host CPU from bhyve test
bhyveargv2xmlmock calls virBhyveCapsBuild which in turn
calls virCPUProbeHost, probing the real host CPU. This
causes a test failure if the host CPU happens to contain
the 'arch-capabilities' feature as it triggers a call
to virHostCPUGetMSR() which fails on FreeBSD.

Fortunately we already have convenient code for mocking
the host CPU probing.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-09 18:05:17 +00:00
Michal Privoznik
832656fa8e bhyve_parse_command: Undefine CONSUME_ARG macro when no longer needed
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2020-01-08 12:55:10 +01:00
Michal Privoznik
cbb3bbc66a bhyve_parse_command.c: Don't jump onto non-existent label in CONSUME_ARG()
In v5.10.0-508-gfbf3f3d86a, the 'error' label was removed from
bhyveParseBhyveCommandLine(), however the CONSUME_ARG() macro
still uses it. Fix the macro to return an error instead.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2020-01-08 12:54:33 +01:00
Ján Tomko
264ec9da43 qemu: fix implicit fallthrough warning
src/qemu/qemu_domain_address.c:680:13: error: this statement may fall through [-Werror=implicit-fallthrough=]
             switch ((virDomainFSModel) dev->data.fs->model) {

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Fixes: f363af7e35
2020-01-08 10:41:11 +01:00
Michal Privoznik
08cb201dcc vz: Don't try to jump on a non-existent label in prlsdkRemoveBootDevices()
Commit v5.10.0-522-g9000b2f298 was too aggressive and removed the
'error' label from prlsdkRemoveBootDevices() even though it's
used. Luckily, it's used only from one place and we have an
alternative for it that doesn't require the label.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-01-08 10:14:55 +01:00
Michal Privoznik
8fcee47807 qemu_firmware: Accept int in qemuFirmwareOSInterfaceTypeFromOsDefFirmware()
The point of this function is to translate virDomainOsDefFirmware
enum to qemuFirmwareOSInterface enum. However, with my commit
v5.10.0-507-g8e1804f9f6 we are passing a variable type of
virDomainLoader enum. Make the function accept both enums and
make the enum members correspond to each other.

This fixes clang build.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-01-08 10:14:55 +01:00
Ján Tomko
f6d7d8612d qemu: command: take fsdriver type into account
Split the formatting by fsdriver type to allow adding a new type.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-08 09:51:01 +01:00
Ján Tomko
f363af7e35 qemu: address: take fsdriver type into account
Split the switch by fsdriver type to allow adding a new one.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-08 09:51:01 +01:00
Ján Tomko
83f046458e qemu: pass private data to qemuBuildFilesystemCommandLine
This will be used by a future patch.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-08 09:51:01 +01:00
Ján Tomko
801e6da29c qemu: add private data to virDomainFSDef
Wire up the allocation and disposal of private data.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-08 09:51:01 +01:00
Ján Tomko
5120577ed7 conf: add private data to virDomainFSDef
Add an object to hold the private data and call the
allocation function if it's present in xmlopt.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-08 09:51:01 +01:00
Ján Tomko
a2430cc544 conf: add xmlopt to virDomainFSDefNew
This will be needed in the future for allocating private data.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-08 09:51:00 +01:00
Ján Tomko
adadc342c3 qemu: rename gluster_debug_entry
Remove the 'gluster' part and decouple the return from
the gluster_debug_level parsing to allow adding more options
to this section.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-08 09:51:00 +01:00
Ján Tomko
d7c5679bc1 build: error out when check-augeas fails
Fixes: 2ffbdabb85

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-08 09:51:00 +01:00
Peter Krempa
c314222a01 qemu: backup: Move capability check after inactive check
Inactive VM doesn't have qemuCaps set thus we'd never properly report
that VM backups are supported only for running VMs.

Move the capability check after the active check.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-01-08 07:10:46 +01:00
Michal Privoznik
35d603d5ae remote_daemon: Initialize host boot time global variable
This is not strictly needed, but it makes sure we initialize the
@bootTime global variable. Thing is, in order to validate XATTRs
and prune those set in some previous runs of the host, a
timestamp is recorded in XATTRs. The host boot time was unique
enough so it was chosen as the timestamp value. And to avoid
querying and parsing /proc/uptime every time, the query function
does that only once and stores the boot time in a global
variable. However, the only time the query function is called is
in a child process that does lock files and changes seclabels. So
effectively, we are doing exactly what we wanted to prevent from
happening.

The fix is simple, call the virHostBootTimeInit() function which
sets the global variable.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
2020-01-07 17:02:43 +01:00
Michal Privoznik
9d69bc19b9 virhostuptime: Introduce virHostBootTimeInit()
The idea is to offer callers an init function that they can call
independently to ensure that the global variables get
initialized.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
2020-01-07 17:00:10 +01:00
Michal Privoznik
40a65ab4a9 virt-aa-helper: Drop unused variable in verify_xpath_context()
After one of previous commits (v5.10.0-524-gce56408e5f) there is
a variable left unused in verify_xpath_context() which breaks the
build.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2020-01-07 16:55:50 +01:00
Daniel Henrique Barboza
9b1007d004 logging: remove unneeded labels
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-01-07 16:40:41 +01:00
Daniel Henrique Barboza
a3645a4747 util: remove unneeded labels
Remove unneeded, easy to remove goto labels (cleanup|error|done|...).

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-01-07 16:40:41 +01:00
Daniel Henrique Barboza
ce56408e5f security: remove unneeded labels
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-01-07 16:40:41 +01:00
Daniel Henrique Barboza
5731181fbd vbox: remove unneeded labels
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-01-07 16:40:41 +01:00
Daniel Henrique Barboza
9000b2f298 vz/vz_sdk.c: remove unneeded labels
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-01-07 16:40:41 +01:00
Daniel Henrique Barboza
21ad56e932 qemu: remove unneeded labels
Remove unneeded, easy to remove goto labels (cleanup|error|done|...).

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-01-07 16:40:41 +01:00
Daniel Henrique Barboza
049ddf57da openvz: remove unneeded labels
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-01-07 16:40:41 +01:00
Daniel Henrique Barboza
29a760a97a secret/secret_driver.c: remove unneeded label
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-01-07 16:40:41 +01:00
Daniel Henrique Barboza
c57d01479d node_device: remove unneeded labels
gather_scsi_host_cap() in node_device_hal.c can be greatly
simplified, given that the 'out' label is always getting
hit regardless of 'retval', which can also be eliminated.

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-01-07 16:40:41 +01:00
Daniel Henrique Barboza
dbc39858bd lxc: remove unneeded labels
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-01-07 16:40:41 +01:00
Daniel Henrique Barboza
f7da2c19a9 cpu/cpu_ppc64.c: remove unneeded label
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-01-07 16:40:41 +01:00
Daniel Henrique Barboza
5a90f05533 locking/lock_driver_lockd.c: remove unneeded labels
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-01-07 16:40:41 +01:00
Daniel Henrique Barboza
4e135e5ea5 hyperv/hyperv_wmi.c: remove unneeded labels
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-01-07 16:40:41 +01:00
Daniel Henrique Barboza
1fa9f75cd5 remote/remote_daemon_config.c: remove unneeded label
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-01-07 16:40:41 +01:00
Daniel Henrique Barboza
54370ad9d9 nwfilter: remove unneeded labels
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-01-07 16:40:41 +01:00
Daniel Henrique Barboza
05a18bbb07 storage: remove unneeded labels
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-01-07 16:40:41 +01:00
Daniel Henrique Barboza
8ba6dd13c7 test/test_driver.c: remove unneeded labels
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-01-07 16:40:41 +01:00
Daniel Henrique Barboza
a7c024e26d conf: remove unneeded labels
Remove unneeded, easy to remove goto labels (cleanup|error|done|...).

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-01-07 16:40:41 +01:00
Daniel Henrique Barboza
fbf3f3d86a bhyve: remove unneeded labels
Labels that are simply a jump to a 'return' call are
unneeded and can be replaced by the return value instead.

Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-01-07 16:40:41 +01:00
Michal Privoznik
8e1804f9f6 qemu_firmware: Try to autofill for old style UEFI specification
While we discourage people to use the old style of specifying
UEFI for their domains (the old style is putting path to the FW
image under /domain/os/loader/ whilst the new one is using
/domain/os/@firmware), some applications might have not adapted
yet. They still rely on libvirt autofilling NVRAM path and
figuring out NVRAM template when using the old way (notably
virt-install does this). We must preserve backcompat for this
previously supported config approach. However, since we really
want distro maintainers to leave --with-loader-nvram configure
option and rely on JSON descriptors, we need to implement
autofilling of NVRAM template for the old way too.

Fedora: https://bugzilla.redhat.com/show_bug.cgi?id=1782778
RHEL: https://bugzilla.redhat.com/show_bug.cgi?id=1776949

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-07 16:26:47 +01:00
Michal Privoznik
7c5264d2be src: Introduce and use virDomainDefHasOldStyleUEFI() and virDomainDefHasOldStyleROUEFI()
These functions are meant to replace verbose check for the old
style of specifying UEFI with a simple function call.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-07 16:26:47 +01:00
Michal Privoznik
57f9067ca3 qemu_firmware: Introduce @want variable to qemuFirmwareMatchDomain()
This simplifies condition when matching FW interface by having a
single line condition instead of multiline one. Also, it prepares
the code for future expansion.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-07 16:26:47 +01:00
Michal Privoznik
50d7465f3d qemu_firmware: Pass virDomainDef into qemuFirmwareFillDomain()
This function needs domain definition really, we don't need to
pass the whole domain object. This saves couple of dereferences
and characters esp. in more checks to come.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-07 16:26:47 +01:00
Daniel P. Berrangé
f08d5dada4 util: introduce compile time API version checking
GLib header files annotate every API with a version number.

It is possible to define some constants before including
glib.h which will result in useful compile time warnings.

Setting GLIB_VERSION_MIN_REQUIRED will result in a warning
if libvirt uses an API that was deprecated in the declared
version, or before. Such API usage should be rewritten to
use the documented new replacement API.

Setting GLIB_VERSION_MAX_ALLOWED will result in a warning
if libvirt uses an API that was not introduced until a
version of GLib that's newer than our minimum declared
version. This avoids accidentally using functionality
that is not available on some supported platforms.

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-07 14:42:26 +00:00
Daniel P. Berrangé
fcea025d0e src: remove use of g_date_time_new_from_iso8601 function
The g_date_time_new_from_iso8601() function was introduced as
a replacement for strptime in

  commit 810613a60e
  Author: Daniel P. Berrangé <berrange@redhat.com>
  Date:   Mon Dec 23 15:37:26 2019 +0000

    src: replace strptime()/timegm()/mktime() with GDateTime APIs set

Unfortunately g_date_time_new_from_iso8601 isn't available until
glib 2.56, and backporting it requires alot of code copying and
poking at private glib structs.

This reverts domain_conf.c back to its original parsing logic prior
to 810613a60e, but using g_date_time_new()
instead of gmtime(). The other files are then adapted to follow a
similar approach.

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-07 14:42:26 +00:00
Daniel P. Berrangé
d6f7d1a4d6 util: add compat impl of g_canonicalize_filename
g_canonicalize_filename was not introduced until glib 2.58
so we need a temporary backport of its impl.

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-07 14:42:26 +00:00
Daniel P. Berrangé
9c28d6cc3a util: fix indent depth for glib compat impls
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-07 14:42:26 +00:00
Daniel P. Berrangé
b14ad26738 util: keep glib compat methods in alphabetical order
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-07 14:42:26 +00:00
Daniel P. Berrangé
14c136443c util: always replace g_fsync usage with our wrapper
g_fsync was introduced in 2.63 which is newer than our minimum
glib version. A future commit will introduce compile time
checking of API versions to prevent accidental usage of APIs
from glib newer than our min declared.

To avoid triggering this warning, however, we need to ensure
that we always use our wrapper function via glibcompat.c,
which will disable the API version warnings.

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-07 14:42:26 +00:00
Sebastian Mitterle
97c7f3ead4 security: improve security driver error message
Currently, when security driver is not available users are informed that
it wasn't found which can be confusing.
1. Update error message
2. Add comment to domain doc

Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by Sebastian Mitterle <smitterl@redhat.com>
2020-01-07 14:44:32 +00:00
Dominick Grift
c0236d1c84 selinux: Use fd_path instead of /dev/tap* to get context
/dev/tap* is an invalid path but it works with lax policy.
Make it work with more accurate policy as well

Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dominick Grift <dac.override@gmail.com>
2020-01-07 14:44:32 +00:00
Peter Krempa
a4877192a1 qemu: backup: roll-back checkpoint metadata if the checkpoint wasn't taken
We insert the checkpoint metadata into the list of checkpoints prior to
actually creating the on-disk bits. If the 'transaction' or any other
steps done between inserting the checkpoint and creating the on-disk
data fail we'd end up with an unusable checkpoint that would vanish
after libvirtd restart.

Prevent this by rolling back the metadata if we didn't actually take and
record the checkpoint.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-07 15:20:14 +01:00
Peter Krempa
54dd75ec8d qemu: checkpoint: Extract and export rollback of checkpoint metadata storing
If we are certain that the checkpoint creation failed we remove the
metadata from the list. To allow reusing this in the backup code add a
new helper and export it.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-07 15:19:58 +01:00
Jiri Denemark
b570139909 cpu_map/x86: Add support for BFLOAT16 data type
Introduced in QEMU by commit v4.1.0-266-g80db491da4.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-01-07 09:07:40 +01:00
Michal Privoznik
529100d9f7 vircgroupv2devices: Avoid double close on map FD
When allowing/denying a device in devices CGroupV2 we have to
write a BPF program for it. The program we put there is merely
static and all it does it looks up a device in a hash table (also
known as map in BPF terminology). A map is referenced via an FD
which can be acquired via virBPFCreateMap() and like any other FD
it should be closed when no longer needed. However, we close it
twice: the first time in virCgroupV2DevicesAttachProg() which
closes it unconditionally, and the second time in either
virCgroupV2DevicesCreateProg() or
virCgroupV2DevicesPrepareProg(). Remove the second close.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
2020-01-06 17:30:17 +01:00
Michal Privoznik
ff878fe77c vircgroupv2devices: Unexport virCgroupV2DevicesAttachProg()
This function is not called outside of the source file where it's
defined. There's no need to export it.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
2020-01-06 17:30:17 +01:00
Wang Huaqiang
65a63d8864 Introduce command 'virsh domstats --memory' for reporting memory BW
Introduce an option '--memory' for showing memory related
information. The memory bandwidth infomatio is listed as:

Domain: 'libvirt-vm'
 memory.bandwidth.monitor.count=4
 memory.bandwidth.monitor.0.name=vcpus_0-4
 memory.bandwidth.monitor.0.vcpus=0-4
 memory.bandwidth.monitor.0.node.count=2
 memory.bandwidth.monitor.0.node.0.id=0
 memory.bandwidth.monitor.0.node.0.bytes.total=10208067584
 memory.bandwidth.monitor.0.node.0.bytes.local=4807114752
 memory.bandwidth.monitor.0.node.1.id=1
 memory.bandwidth.monitor.0.node.1.bytes.total=8693735424
 memory.bandwidth.monitor.0.node.1.bytes.local=5850161152
 memory.bandwidth.monitor.1.name=vcpus_7
 memory.bandwidth.monitor.1.vcpus=7
 memory.bandwidth.monitor.1.node.count=2
 memory.bandwidth.monitor.1.node.0.id=0
 memory.bandwidth.monitor.1.node.0.bytes.total=853811200
 memory.bandwidth.monitor.1.node.0.bytes.local=290701312
 memory.bandwidth.monitor.1.node.1.id=1
 memory.bandwidth.monitor.1.node.1.bytes.total=406044672
 memory.bandwidth.monitor.1.node.1.bytes.local=229425152

Signed-off-by: Wang Huaqiang <huaqiang.wang@intel.com>
2020-01-06 14:04:10 +00:00
Wang Huaqiang
5d876f25bd util, resctrl: using 64bit interface instead of 32bit for counters
The underlying resctrl monitoring is actually using 64 bit counters,
not the 32bit one. Correct this by using 64bit data type for reading
hardware value.

To keep the interface consistent, the result of CPU last level cache
that occupied by vcpu processors of specific restrl monitor group is
still reported with a truncated 32bit data type. because, in silicon
world, CPU cache size will never exceed 4GB.

Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Wang Huaqiang <huaqiang.wang@intel.com>
2020-01-06 13:30:03 +00:00
Peter Krempa
76592c596a util: time: Fix comment for virTimeFieldsNow
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
2020-01-06 10:33:35 +01:00
Peter Krempa
5632ed8bad qemu: process: Terminate backup job on VM destroy
Commit d75f865fb9 caused a job-deadlock if
a VM is running the backup job and being destroyed as it removed the
cleanup of the async job type and there was nothing to clean up the
backup job.

Add an explicit cleanup of the backup job when destroying a VM.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-06 10:15:36 +01:00
Peter Krempa
bc8b159cb1 qemu: backup: Properly propagate async job type when cancelling the job
When cancelling the blockjobs as part of failed backup job startup
recover we didn't pass in the correct async job type. Luckily the block
job handler and cancellation code paths use no block job at all
currently so those were correct.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-06 10:15:36 +01:00
Peter Krempa
3a98fe9db3 qemu: blockjob: Remove infrastructure for remembering to delete image
Now that we delete the images elsewhere it's not required. Additionally
it's safe to do as we never released an upstream version which required
this being in place.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-06 10:15:36 +01:00
Peter Krempa
40485059ab qemu: backup: Move deletion of backup images to job termination
While qemu is running both locations are identical in semantics, but the
move will allow us to fix the scenario when the VM is destroyed or
crashes where we'd leak the images.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-06 10:15:35 +01:00
Peter Krempa
d6b994bafd qemu: backup: Configure backup store image with backing file
In contrast to snapshots the backup job does not complain when the
backup job's store file has backing pre-configured. It's actually
required so that the NBD server exposes all the data properly.

Remove our fake termination and use the existing disk source as backing.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-06 10:15:35 +01:00
Peter Krempa
728b993c8a qemu: Reset the node-name allocator in qemuDomainObjPrivateDataClear
qemuDomainObjPrivateDataClear clears state which become invalid after VM
stopped running and the node name allocator belongs there.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-06 10:15:35 +01:00
Peter Krempa
bae81b8e76 qemu: block: Use proper asyncJob when waiting for completion of blockdev-create
The waiting loop used QEMU_ASYNC_JOB_NONE rather than 'asyncJob' passed
from the caller.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-06 10:15:35 +01:00
Daniel P. Berrangé
810613a60e src: replace strptime()/timegm()/mktime() with GDateTime APIs set
All places where we use strptime/timegm()/mktime() are handling
conversion of dates in a format compatible with ISO 8601, so we
can use the GDateTime APIs to simplify code.

Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-03 15:42:13 +00:00
Daniel P. Berrangé
f6a750e678 src: replace WSAStartup with g_networking_init()
g_networking_init() does the same as our custom code.

Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-03 15:42:13 +00:00
Daniel P. Berrangé
26d9748ff1 util: replace gethostname() with g_get_hostname()
Note the glib function returns a const string because it
caches the hostname using a one time thread initializer
function.

Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-03 15:42:13 +00:00
Daniel P. Berrangé
b4d601ba87 util: use realpath/g_canonicalize_filename
The canonicalize_file_name(path) is equivalent to calling
realpath(path, NULL). Passing NULL for the second arg of
realpath is not standardized behaviour, however, Linux,
FreeBSD > 6.4 and macOS > 10.5 all support this critical
extension.

This leaves Windows which doesn't provide realpath at all.
The g_canonicalize_filename() function doesn't expand
symlinks, so is not strictly equivalent to realpath()
but is close enough for our Windows portability needs
right now.

Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-03 15:42:13 +00:00
Daniel P. Berrangé
0b4598b183 src: replace getcwd() with g_get_current_dir()
commandhelper.c is not converted since this is a standalone
program only run on UNIX, so can rely on getcwd().

Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-03 15:42:13 +00:00
Daniel P. Berrangé
8812163124 src: remove unused imports of dirname.h
A few places were importing dirname.h without actually using it.

Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-03 15:42:13 +00:00
Daniel P. Berrangé
bf7d2a26a3 src: replace mdir_name() with g_path_get_dirname()
Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-03 15:42:13 +00:00
Daniel P. Berrangé
472cc3941b util: replace IS_ABSOLUTE_FILE_NAME with g_path_is_absolute
Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-03 15:42:13 +00:00
Daniel P. Berrangé
12d17dcc26 src: replace last_component() with g_path_get_basename()
The last_component() method is a GNULIB custom function
that returns a pointer to the base name in the path.
This is similar to g_path_get_basename() but without the
malloc. The extra malloc is no trouble for libvirt's
needs so we can use g_path_get_basename().

Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-03 15:42:13 +00:00
Daniel P. Berrangé
f5e9bdb87f src: replace clock_gettime()/gettimeofday() with g_get_real_time()
g_get_real_time() returns the time since epoch in microseconds.
It uses gettimeofday() internally while libvirt used clock_gettime
because it is declared async signal safe. In practice gettimeofday
is also async signal safe *provided* the timezone parameter is
NULL. This is indeed the case in g_get_real_time().

Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-03 15:42:13 +00:00
Daniel P. Berrangé
f7df985684 src: switch from fnmatch to g_pattern_match_simple
The g_pattern_match function_simple is an acceptably close
approximation of fnmatch for libvirt's needs.

In contrast to fnmatch(), the '/' character can be matched
by the wildcards, there are no '[...]' character ranges and
'*' and '?' can not be escaped to include them literally in
a pattern.

Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-03 15:42:13 +00:00
Daniel P. Berrangé
d0312c584f src: use g_lstat() instead of lstat()
The GLib g_lstat() function provides a portable impl for
Win32.

Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-03 15:42:13 +00:00
Daniel P. Berrangé
ea7b20a263 util: introduce virFileDataSync
A wrapper that calls g_fsync on Win32/macOS and fdatasync
elsewhere. g_fsync is a stronger flush than we need but it
satisfies the caller's requirements & matches the approach
gnulib takes.

Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-03 15:42:12 +00:00
Daniel P. Berrangé
dac174ee07 src: use g_fsync for portability
The g_fsync() API provides the same Windows portability
as GNULIB does for fsync().

Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-03 15:42:12 +00:00
Daniel P. Berrangé
41d9bba57e util: add compat wrapper for g_fsync
g_fsync isn't available until 2.63 so we need a compat
wrapper temporarily.

Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-03 15:42:12 +00:00
Daniel P. Berrangé
2c33532423 src: switch to use g_setenv/g_unsetenv
Eliminate direct use of normal setenv/unsetenv calls in
favour of GLib's wrapper. This eliminates two gnulib
modules

Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-03 15:42:12 +00:00
Daniel P. Berrangé
4eed65abec src: always pull in glib/gstdio.h header
The gstdio.h header defines some low level wrappers for
things like fsync, stat, lstat, etc.

Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-03 15:42:12 +00:00
Daniel P. Berrangé
0e09706844 util: add note about event file descriptors on Windows
When using GNULIB with Winsock, libvirt will never see the normal HANDLE
objects, instead GNULIB guarantees that libvirt gets a C runtime file
descriptor. The GNULIB poll impl also expects to get C runtime file
descriptors rather than HANDLE objects. Document this behaviour so that
it is clear to applications providing event loop implementations if they
need Windows portability.

Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-03 15:42:12 +00:00
Nikolay Shirokovskiy
6c6d93bc62 qemu: hide details of fake reboot
If we use fake reboot then domain goes thru running->shutdown->running
state changes with shutdown state only for short period of time.  At
least this is implementation details leaking into API. And also there is
one real case when this is not convinient. I'm doing a backup with the
help of temporary block snapshot (with the help of qemu's API which is
used in the newly created libvirt's backup API). If guest is shutdowned
I want to continue to backup so I don't kill the process and domain is
in shutdown state. Later when backup is finished I want to destroy qemu
process. So I check if it is in shutdowned state and destroy it if it
is. Now if instead of shutdown domain got fake reboot then I can destroy
process in the middle of fake reboot process.

After shutdown event we also get stop event and now as domain state is
running it will be transitioned to paused state and back to running
later. Though this is not critical for the described case I guess it is
better not to leak these details to user too. So let's leave domain in
running state on stop event if fake reboot is in process.

Reconnection code handles this patch without modification. It detects
that qemu is not running due to shutdown and then calls qemuProcessShutdownOrReboot
which reboots as fake reboot flag is set.

Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
2019-12-24 09:22:40 +03:00
Yi Li
546e1c112d Storage: Use errno parameter in virReportSystemError
Use errno parameter in virReportSystemError.
Remove hold function return values if don't need.

Reviewed-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Yi Li <yili@winhong.com>
2019-12-23 14:29:46 -05:00
Yi Li
a9eaaccd22 storage: Fix volStorageBackendRBDRefreshVolInfo function return errors
Fix the return value status comparison checking for call to
volStorageBackendRBDRefreshVolInfo introduced by commit id f46d137e.

we only should fail when the return is < 0. -ENOENT, -ETIMEDOUT will
ignore according commit id f46d137e.

Reviewed-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Yi Li <yili@winhong.com>
2019-12-23 14:29:46 -05:00
Yi Li
c898bda969 Storage: Use rc hold intermediate function return values.
most libvirt code uses 'int rc' to hold intermediate
function return values. consistent with the rest of libvirt.

Reviewed-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Yi Li <yili@winhong.com>
2019-12-23 14:29:46 -05:00
Daniel P. Berrangé
42b3e5b9e4 qemu: store the emulator name in the capabilities XML
We don't need this for any functional purpose, but when debugging hosts
it is useful to know what binary a given capabilities XML document is
associated with.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-12-23 16:39:38 +00:00
Daniel P. Berrangé
0fcc78d51b qemu: add qemu caps constructor which takes binary name
Simplify repeated code patterns by providing a new constructor taking
the QEMU binary name.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-12-23 16:39:36 +00:00
Daniel P. Berrangé
25db737471 qemu: add explicit flag to skip qemu caps invalidation
Currently if the binary path is NULL in the qemu capabilities object,
cache invalidation is skipped. A future patch will ensure that the
binary path is always non-NULL, so a way to explicitly skip invalidation
is required.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-12-23 16:39:20 +00:00
Yi Li
dfff16a7c2 storage: Fix daemon crash on lookup storagepool by targetpath
Causing a crash when storagePoolLookupByTargetPath beacuse of
Some types of storage pool have no target elements.
Use STREQ_NULLABLE instead of STREQ
Avoids segfaults when using NULL arguments.

Core was generated by `/usr/sbin/libvirtd'.
Program terminated with signal 11, Segmentation fault.
(gdb) bt
0  0x0000ffff9e951388 in strcmp () from /lib64/libc.so.6
1  0x0000ffff92103e9c in storagePoolLookupByTargetPathCallback (
    obj=0xffff7009aab0, opaque=0xffff801058b0) at storage/storage_driver.c:1649
2  0x0000ffff9f2c52a4 in virStoragePoolObjListSearchCb (
    payload=0xffff801058b0, name=<optimized out>, opaque=<optimized out>)
    at conf/virstorageobj.c:476
3  0x0000ffff9f1f2f7c in virHashSearch (ctable=0xffff800f4f60,
    iter=iter@entry=0xffff9f2c5278 <virStoragePoolObjListSearchCb>,
    data=data@entry=0xffff95af7488, name=name@entry=0x0) at util/virhash.c:696
4  0x0000ffff9f2c64f0 in virStoragePoolObjListSearch (pools=0xffff800f2ce0,
    searcher=searcher@entry=0xffff92103e68 <storagePoolLookupByTargetPathCallback>,
     opaque=<optimized out>) at conf/virstorageobj.c:505
5  0x0000ffff92101f54 in storagePoolLookupByTargetPath (conn=0xffff5c0009f0,
path=0xffff7009a850 "/vms/images") at storage/storage_driver.c:1672

Reviewed-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Yi Li <yili@winhong.com>
2019-12-22 17:20:54 -05:00
Daniel Henrique Barboza
7a7d36055c qemu_process.c: remove 'cleanup' label from qemuProcessCreatePretendCmd()
The 'cleanup' flag is doing no cleaup in this function. We can
remove it and return NULL on error or qemuBuildCommandLine().

Reviewed-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2019-12-20 18:31:51 -05:00
Daniel Henrique Barboza
d8eb3ab9e1 qemu_process.c: remove cleanup labels after g_auto*() changes
The g_auto*() changes made by the previous patches made a lot
of 'cleanup' labels obsolete. Let's remove them.

Reviewed-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2019-12-20 18:31:51 -05:00
Daniel Henrique Barboza
d234efc59a qemu_process.c: use g_autoptr()
Change all feasible pointers to use g_autoptr().

Reviewed-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2019-12-20 18:31:51 -05:00
Daniel Henrique Barboza
906d653297 qemu_domain.h: add G_DEFINE_AUTOPTR_CLEANUP_FUNC for qemuDomainLogContext
This will allow us to g_autoptr qemuDomainLogContext pointers
in the following patch.

Reviewed-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2019-12-20 18:31:51 -05:00
Daniel Henrique Barboza
982ea95142 qemu_process.c: use g_autofree
Change all feasible strings and scalar pointers to use g_autofree.

Reviewed-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
2019-12-20 18:31:51 -05:00
Fabiano Fidêncio
290c1ea733 vbox: Get rid of "no_memory" labels
As pointed out by Ján Tomko, "no_memory seems suspicious in the times of
abort()".

As libvirt decided to take the path to not report OOM and simply abort
when it happens, let's get rid of the no_memory labels and simplify the
code around them.

Reviewed-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2019-12-20 17:02:40 -05:00
Fabiano Fidêncio
cee3a900a0 util: Get rid of "no_memory" labels
As pointed out by Ján Tomko, "no_memory seems suspicious in the times of
abort()".

As libvirt decided to take the path to not report OOM and simply abort
when it happens, let's get rid of the no_memory labels and simplify the
code around them.

Mind that virfirewall.c was not touched and still contains no_memory
labels. The reason those are left behind, at least for now, is because
the conversion seems to be slightly more complicated than the rest, as
some other places are relying on firewall->err being set to ENOMEM.

Reviewed-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2019-12-20 17:02:40 -05:00
Fabiano Fidêncio
c671e03ffa rpc: Get rid of "no_memory" labels
As pointed out by Ján Tomko, "no_memory seems suspicious in the times of
abort()".

As libvirt decided to take the path to not report OOM and simply abort
when it happens, let's get rid of the no_memory labels and simplify the
code around them.

Reviewed-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2019-12-20 17:02:40 -05:00
Fabiano Fidêncio
e08cc72ec8 openvz: Get rid of "no_memory" labels
As pointed out by Ján Tomko, "no_memory seems suspicious in the times of
abort()".

As libvirt decided to take the path to not report OOM and simply abort
when it happens, let's get rid of the no_memory labels and simplify the
code around them.

Reviewed-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2019-12-20 17:02:40 -05:00