Commit Graph

757 Commits

Author SHA1 Message Date
Laine Stump
d8bd837669 qemu: add a USB3 controller to Q35 domains by default
Previously we added a set of EHCI+UHCI controllers to Q35 machines to
mimic real hardware as closely as possible, but recent discussions
have pointed out that the nec-usb-xhci (USB3) controller is much more
virtualization-friendly (uses less CPU), so this patch switches the
default for Q35 machinetypes to add an XHCI instead (if it's
supported, which it of course *will* be).

Since none of the existing test cases left out USB controllers in the
input XML, a new Q35 test case was added which has *no* devices, so
ends up with only the defaults always put in by qemu, plus those added
by libvirt.
2016-11-14 14:22:23 -05:00
Laine Stump
0702f48ef4 qemu: auto-add pcie-root-port/dmi-to-pci-bridge controllers as needed
Previously libvirt would only add pci-bridge devices automatically
when an address was requested for a device that required a legacy PCI
slot and none was available. This patch expands that support to
dmi-to-pci-bridge (which is needed in order to add a pci-bridge on a
machine with a pcie-root), and pcie-root-port (which is needed to add
a hotpluggable PCIe device). It does *not* automatically add
pcie-switch-upstream-ports or pcie-switch-downstream-ports (and
currently there are no plans for that).

Given the existing code to auto-add pci-bridge devices, automatically
adding pcie-root-ports is fairly straightforward. The
dmi-to-pci-bridge support is a bit tricky though, for a few reasons:

1) Although the only reason to add a dmi-to-pci-bridge is so that
   there is a reasonable place to plug in a pci-bridge controller,
   most of the time it's not the presence of a pci-bridge *in the
   config* that triggers the requirement to add a dmi-to-pci-bridge.
   Rather, it is the presence of a legacy-PCI device in the config,
   which triggers auto-add of a pci-bridge, which triggers auto-add of
   a dmi-to-pci-bridge (this is handled in
   virDomainPCIAddressSetGrow() - if there's a request to add a
   pci-bridge we'll check if there is a suitable bus to plug it into;
   if not, we first add a dmi-to-pci-bridge).

2) Once there is already a single dmi-to-pci-bridge on the system,
   there won't be a need for any more, even if it's full, as long as
   there is a pci-bridge with an open slot - you can also plug
   pci-bridges into existing pci-bridges. So we have to make sure we
   don't add a dmi-to-pci-bridge unless there aren't any
   dmi-to-pci-bridges *or* any pci-bridges.

3) Although it is strongly discouraged, it is legal for a pci-bridge
   to be directly plugged into pcie-root, and we don't want to
   auto-add a dmi-to-pci-bridge if there is already a pci-bridge
   that's been forced directly into pcie-root.

Although libvirt will now automatically create a dmi-to-pci-bridge
when it's needed, the code still remains for now that forces a
dmi-to-pci-bridge on all domains with pcie-root (in
qemuDomainDefAddDefaultDevices()). That will be removed in a future
patch.

For now, the pcie-root-ports are added one to a slot, which is a bit
wasteful and means it will fail after 31 total PCIe devices (30 if
there are also some PCI devices), but helps keep the changeset down
for this patch. A future patch will have 8 pcie-root-ports sharing the
functions on a single slot.
2016-11-14 14:19:36 -05:00
Laine Stump
5266426b21 qemu: assign nec-xhci (USB3) controller to a PCIe address when appropriate
The nec-usb-xhci device (which is a USB3 controller) has always
presented itself as a PCI device when plugged into a legacy PCI slot,
and a PCIe device when plugged into a PCIe slot, but libvirt has
always auto-assigned it to a legacy PCI slot.

This patch changes that behavior to auto-assign to a PCIe slot on
systems that have pcie-root (e.g. Q35 and aarch64/virt).

Since we don't yet auto-create pcie-*-port controllers on demand, this
means a config with an nec-xhci USB controller that has no PCI address
assigned will also need to have an otherwise-unused pcie-*-port
controller specified:

   <controller type='pci' model='pcie-root-port'/>
   <controller type='usb' model='nec-xhci'/>

(this assumes there is an otherwise-unused slot on pcie-root to accept
the pcie-root-port)
2016-11-14 14:18:06 -05:00
Laine Stump
c7fc151eec qemu: assign virtio devices to PCIe slot when appropriate
libvirt previously assigned nearly all devices to a "hotpluggable"
legacy PCI slot even on machines with a PCIe root bus (and even though
most such machines don't even support hotplug on legacy PCI slots!)
Forcing all devices onto legacy PCI slots means that the domain will
need a dmi-to-pci-bridge (to convert from PCIe to legacy PCI) and a
pci-bridge (to provide hotpluggable legacy PCI slots which, again,
usually aren't hotpluggable anyway).

To help reduce the need for these legacy controllers, this patch tries
to assign virtio-1.0-capable devices to PCIe slots whenever possible,
by setting appropriate connectFlags in
virDomainCalculateDevicePCIConnectFlags(). Happily, when that function
was written (just a few commits ago) it was created with a
"virtioFlags" argument, set by both of its callers, which is the
proper connectFlags to set for any virtio-*-pci device - depending on
the arch/machinetype of the domain, and whether or not the qemu binary
supports virtio-1.0, that flag will have either been set to PCI or
PCIe. This patch merely enables the functionality by setting the flags
for the device to whatever is in virtioFlags if the device is a
virtio-*-pci device.

NB: the first virtio video device will be placed directly on bus 0
slot 1 rather than on a pcie-root-port due to the override for primary
video devices in qemuDomainValidateDevicePCISlotsQ35(). Whether or not
to change that is a topic of discussion, but this patch doesn't change
that particular behavior.

NB2: since the slot must be hotpluggable, and pcie-root (the PCIe root
complex) does *not* support hotplug, this means that suitable
controllers must also be in the config (i.e. either pcie-root-port, or
pcie-downstream-port). For now, libvirt doesn't add those
automatically, so if you put virtio devices in a config for a qemu
that has PCIe-capable virtio devices, you'll need to add extra
pcie-root-ports yourself. That requirement will be eliminated in a
future patch, but for now, it's simple to do this:

   <controller type='pci' model='pcie-root-port'/>
   <controller type='pci' model='pcie-root-port'/>
   <controller type='pci' model='pcie-root-port'/>
   ...

Partially Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1330024
2016-11-14 14:16:12 -05:00
Peter Krempa
810e9a8061 conf: Allow specifying only the slot number for hotpluggable memory
Simplify handling of the 'dimm' address element by allowing to specify
the slot number only. This will allow libvirt to allocate slot numbers
before starting qemu.
2016-11-10 17:36:55 +01:00
Prasanna Kumar Kalever
e66603539b qemu: command: Add debug option for gluster volumes
Propagate the selected or default level to qemu if it's supported.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1376009

Signed-off-by: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
2016-11-09 16:52:40 +01:00
Martin Kletzander
06524fd52c qemu: Support newer ivshmem device variants
QEMU added support for ivshmem-plain and ivshmem-doorbell.  Those are
reworked varians of legacy ivshmem that are compatible from the guest
POV, but not from host's POV and have sane specification and handling.

Details about the newer device type can be found in qemu's commit
5400c02b90bb:

  http://git.qemu.org/?p=qemu.git;a=commit;h=5400c02b90bb

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2016-11-02 17:36:17 +01:00
Gema Gomez
0701abcb3b qemu: Add support for using AES secret for SCSI hotplug
Support for virtio disks was added in commit id 'fceeeda', but not for
SCSI drives. Add the secret for the server when hotplugging a SCSI drive.
No need to make any adjustments for unplug since that's handled during
the qemuDomainDetachDiskDevice call to qemuDomainRemoveDiskDevice in
the qemuDomainDetachDeviceDiskLive switch.

Added a test to/for the command line processing to show the command line
options when adding a SCSI drive for the guest.
2016-10-26 08:07:15 -04:00
John Ferlan
daf5c651f0 qemu: Add a secret object to/for a char source dev
Add the secret object so the 'passwordid=' can be added if the command line
if there's a secret defined in/on the host for TCP chardev TLS objects.

Preparation for the secret involves adding the secinfo to the char source
device prior to command line processing. There are multiple possibilities
for TCP chardev source backend usage.

Add test for at least a serial chardev as an example.
2016-10-26 07:18:25 -04:00
John Ferlan
2db108c766 qemu: Add the length options to the iotune command line
Add in the block I/O throttling length/duration parameter to the command
line if supported. If not supported, fail command creation.

Add the xml2argvtest for testing.
2016-10-25 17:20:17 -04:00
Pavel Hrdina
0298531b29 domain: Add optional 'tls' attribute for TCP chardev
Add an optional "tls='yes|no'" attribute for a TCP chardev.

For QEMU, this will allow for disabling the host config setting of the
'chardev_tls' for a domain chardev channel by setting the value to "no" or
to attempt to use a host TLS environment when setting the value to "yes"
when the host config 'chardev_tls' setting is disabled, but a TLS environment
is configured via either the host config 'chardev_tls_x509_cert_dir' or
'default_tls_x509_cert_dir'

Signed-off-by: John Ferlan <jferlan@redhat.com>
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2016-10-24 16:05:33 +02:00
John Ferlan
40b6f91900 qemu: Add 'verify-peer=yes' test for chardev TCP TLS
Missing the option to set verify-peer to yes

Signed-off-by: John Ferlan <jferlan@redhat.com>
2016-10-17 15:38:32 -04:00
Andrea Bolognani
61e101437b conf: Explain some code in more detail
The code is entirely correct, but it still managed to trip me
up when I first ran into it because I did not realize right away
that VIR_PCI_CONNECT_TYPES_ENDPOINT was not a single flag, but
rather a mask including both VIR_PCI_CONNECT_TYPE_PCI_DEVICE and
VIR_PCI_CONNECT_TYPE_PCIE_DEVICE.

In order to save the next distracted traveler in PCI Address Land
some time, document this fact with a comment. Add a test case for
the behavior as well.
2016-10-17 10:04:54 +02:00
Michal Privoznik
4a74ccdb92 qemuBuildInterfaceCommandLine: Move vhostuser handling a bit further
The idea is to have function that does some checking of the
arguments at its beginning and then have one big switch for all
the interface types it supports. Each one of them generating the
corresponding part of the command line.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-10-14 10:15:51 +08:00
Michal Privoznik
ec7f612a56 qemuBuildInterfaceCommandLine: Move hostdev handling a bit further
The idea is to have function that does some checking of the
arguments at its beginning and then have one big switch for all
the interface types it supports. Each one of them generating the
corresponding part of the command line.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-10-14 10:15:51 +08:00
Pavel Hrdina
fb8f3b1c22 qemu_command: add support to use virtio as secondary video device
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1369633

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2016-10-12 17:46:48 +02:00
Pavel Hrdina
4c029e8cfa qemu_command: properly detect which model to use for video device
This improves commit 706b5b6277 in a way that we check qemu capabilities
instead of what architecture we are running on to detect whether we can
use *virtio-vga* model or not.  This is not a case only for arm/aarch64.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2016-10-12 17:46:48 +02:00
Pavel Hrdina
33af92a91c qemu_process: always check capabilities for video devices
Before this patch we've checked qemu capabilities for video devices
only while constructing qemu command line using "-device" option.

Since we support qemu only if "-device" option is present we can use
the same capabilities to check also video devices while using "-vga"
option to construct qemu command line.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2016-10-12 17:46:47 +02:00
Pavel Hrdina
db4491571d qemu_capabilities: rename QEMU_CAPS_VIRTIO_GPU_VIRGL
We generally uses QEMU_CAPS_DEVICE_$NAME to probe for existence of some
device and QEMU_CAPS_$NAME_$PROP to probe for existence of some property
of that device.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2016-10-12 17:46:47 +02:00
Pavel Hrdina
05af6784b1 qemu_capabilities: mark QEMU_CAPS_VGA_QXL capability as deprecated
If QEMU in question supports QMP, this capability is set if
QEMU_CAPS_DEVICE_QXL was set based on existence of "-device qxl". If
libvirt needs to parse *help*, because there is no QMP support, it
checks for existence of "-vga qxl", but it also parses output of
"-device ?" and sets QEMU_CAPS_DEVICE_QXL too.

Now that libvirt supports only QEMU that has "-device" implemented it's
safe to drop this capability and stop using it.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2016-10-12 17:46:47 +02:00
Pavel Hrdina
34a4447bd4 qemu_capabilities: join capabilities for qxl and qxl-vga devices
This patch simplifies QEMU capabilities for QXL video device.  QEMU
exposes this device as *qxl-vga* and *qxl* and they are both the same
device with the same set of parameters, the only difference is that
*qxl-vga* includes VGA compatibility.

Based on QEMU code they are tied together so it's safe to check only for
presence of only one of them.

This patch also removes an invalid test case "video-qxl-sec-nodevice"
where there is only *qxl-vga* device and *qxl* device is not present.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2016-10-12 17:46:47 +02:00
Pavel Hrdina
e3bbdd9b06 tests: fix some QXL capability combinations that don't make sense
If one of QEMU_CAPS_DEVICE_QXL_VGA or QEMU_CAPS_DEVICE_QXL is set the
other one will always be set as well because both devices are tied
together in QEMU.

The change of args files is caused by the presence of capability
QEMU_CAPS_DEVICE_VIDEO_PRIMARY which means it's safe to use
"-device qxl-vga" instead of "-vga qxl", see commit (e3f2686b) and
by the fact that if QEMU_CAPS_VGA_QXL is set QEMU_CAPS_DEVICE_QXL_VGA
and QEMU_CAPS_DEVICE_QXL would be set too (since we support only qemu
with "-device" option).

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2016-10-12 17:46:47 +02:00
Daniel P. Berrange
5dee668632 qemu: fix command line building for iommu devices
The intel-iommu device has existed since QEMU 2.2.0, but
it was only possible to create it with -device since
QEMU 2.7.0, thanks to:

  commit 621d983a1f9051f4cfc3f402569b46b77d8449fc
  Author: Marcel Apfelbaum <marcel@redhat.com>
  Date:   Mon Jun 27 18:38:34 2016 +0300

    hw/iommu: enable iommu with -device

    Use the standard '-device intel-iommu' to create the IOMMU device.
    The legacy '-machine,iommu=on' can still be used.

The libvirt capability check & command line formatting code
is thus broken for all QEMU versions 2.2.0 -> 2.6.0 inclusive.

This fixes it to use iommu=on instead.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-10-07 16:52:35 +01:00
Jiri Denemark
c2c43912e4 qemu: Fix crash in qemucapsprobe
The qemucapsprobe helper calls virQEMUCapsNewForBinaryInternal with
caps == NULL, causing the following crash:

    Program received signal SIGSEGV, Segmentation fault.
    #0  0x00007ffff788775f in virQEMUCapsInitHostCPUModel
        (qemuCaps=qemuCaps@entry=0x649680, host=host@entry=0x10) at
        src/qemu/qemu_capabilities.c:2969
    #1  0x00007ffff7889dbf in virQEMUCapsNewForBinaryInternal
        (caps=caps@entry=0x0, binary=<optimized out>,
        libDir=libDir@entry=0x4033f6 "/tmp", cacheDir=cacheDir@entry=0x0,
        runUid=runUid@entry=4294967295, runGid=runGid@entry=4294967295,
        qmpOnly=true) at src/qemu/qemu_capabilities.c:4039
    #2  0x0000000000401702 in main (argc=2, argv=0x7fffffffd968) at
        tests/qemucapsprobe.c:73

Caused by v2.2.0-182-g68c7011.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2016-09-27 19:24:12 +02:00
Michal Privoznik
c41b989112 virDomainDefParse{File,String}: Introduce @parseOpaque argument
We want to pass the proper opaque pointer instead of NULL to
virDomainDefParse and subsequently virDomainDefParseNode too.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-09-26 16:50:12 +02:00
Jiri Denemark
68c7011856 qemu: Store host-model CPU in qemu capabilities
Host capabilities provide libvirt's view of the host CPU, but for a
useful support for host-model CPUs we really need a hypervisor's view of
the CPU. And since the view can be differ with emulator, qemu
capabilities is the best place to store the host CPU model.

This patch just copies the CPU model from host capabilities, but this
will change in the future.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2016-09-22 15:40:08 +02:00
Jiri Denemark
d029f9a0db qemuxml2argvtest: Set correct architecture for KVM guests
Testing PPC64/AArch64 KVM domains on x86_64 host only works because we
have a lot of bugs in our code. Since this series is going to fix them,
we need to make sure the host architecture matches guest for KVM
domains.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2016-09-22 15:40:08 +02:00
Jiri Denemark
b89fa6d1b6 qemuxml2argvtest: Properly setup CPU models in qemuCaps
Adding x86 CPU models into a list of supported CPUs for non-x86
architectures is not a very good idea. Each architecture we test needs
to maintain its own list of supported CPU models.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2016-09-22 15:40:08 +02:00
Jiri Denemark
e9634933ea qemu: Separate guest CPU validation from command line creation
qemu_command.c should deal with translating our domain definition into a
QEMU command line and nothing else.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2016-09-22 15:40:08 +02:00
Jiri Denemark
6bb5f0b218 qemuxml2argvtest: Properly initialize qemuCaps->arch
qemuCaps->arch should match the guest architecture from domain XML.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2016-09-22 15:40:08 +02:00
Jiri Denemark
4df4b8dea3 qemuxml2argvtest: Update qemuCaps after parsing domain XML
Some parts of qemuCaps depend on guest architecture, machine type, and
possibly other things that we know only once the domain XML has been
parsed. Let's move all these updates into a dedicated function.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2016-09-22 15:40:08 +02:00
Jiri Denemark
30de7164ef qemuxml2argvtest: Reorder functions
testCompareXMLToArgv will soon need to call a few function which are
defined further in the code. Let's move them up a bit.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2016-09-22 15:40:08 +02:00
Jiri Denemark
2f37088183 qemuxml2argvtest: Get rid of testCompareXMLToArgvHelper
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2016-09-22 15:40:08 +02:00
Jiri Denemark
52c087ec52 qemuxml2argvtest: Rename "out" labels as "cleanup"
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2016-09-22 15:40:08 +02:00
Jiri Denemark
98c69644a5 qemuxml2argvtest: Rename extraFlags as qemuCaps
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2016-09-22 15:40:08 +02:00
Jiri Denemark
d037d8006f qemu: Use virDomainCapsCPUModels for cpuDefinitions
The list of supported CPU models in domain capabilities is stored in
virDomainCapsCPUModels. Let's use the same object for storing CPU models
in QEMU capabilities.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2016-09-22 15:40:08 +02:00
Laszlo Ersek
706b5b6277 qemu: map "virtio" video model to "virt" machtype correctly (arm/aarch64)
Most of QEMU's PCI display device models, such as:

  libvirt video/model/@type  QEMU -device
  -------------------------  ------------
  cirrus                     cirrus-vga
  vga                        VGA
  qxl                        qxl-vga
  virtio                     virtio-vga

come with a linear framebuffer (sometimes called "VGA compatibility
framebuffer"). This linear framebuffer lives in one of the PCI device's
MMIO BARs, and allows guest code (primarily: firmware drivers, and
non-accelerated OS drivers) to display graphics with direct memory access.

Due to architectural reasons on aarch64/KVM hosts, this kind of
framebuffer doesn't / can't work in

  qemu-system-(arm|aarch64) -M virt

machines. Cache coherency issues guarantee a corrupted / unusable display.
The problem has been researched by several people, including kvm-arm
maintainers, and it's been decided that the best way (practically the only
way) to have boot time graphics for such guests is to consolidate on
QEMU's "virtio-gpu-pci" device.

>From <https://bugzilla.redhat.com/show_bug.cgi?id=1195176>, libvirt
supports

  <devices>
    <video>
      <model type='virtio'/>
    </video>
  </devices>

but libvirt unconditionally maps @type='virtio' to QEMU's "virtio-vga"
device model. (See the qemuBuildDeviceVideoStr() function and the
"qemuDeviceVideo" enum impl.)

According to the above, this is not right for the "virt" machine type; the
qemu-system-(arm|aarch64) binaries don't even recognize the "virtio-vga"
device model (justifiedly). Whereas "virtio-gpu-pci", which is a pure
virtio device without a compatibility framebuffer, is available, and works
fine.

(The ArmVirtQemu ("AAVMF") platform of edk2 -- that is, the UEFI firmware
for "virt" -- supports "virtio-gpu-pci", as of upstream commit
3ef3209d3028. See
<https://tianocore.acgmultimedia.com/show_bug.cgi?id=66>.)

Override the default mapping of "virtio", from "virtio-vga" to
"virtio-gpu-pci", if qemuDomainMachineIsVirt() evaluates to true.

Cc: Andrea Bolognani <abologna@redhat.com>
Cc: Drew Jones <drjones@redhat.com>
Cc: Marc-André Lureau <marcandre.lureau@redhat.com>
Cc: Martin Kletzander <mkletzan@redhat.com>
Suggested-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1372901
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Acked-by: Martin Kletzander <mkletzan@redhat.com>
2016-09-16 14:13:07 +02:00
Daniel P. Berrange
e043ecc82d tests: use a fixed chardev TLS path
The test qemuxml2argv-serial-tcp-tlsx509-chardev.args
will fail if libvirt is built with a --sysconfdir
arg that is not /etc.  Fix this by setting a hardcoded
path in the test code.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-09-14 10:46:09 +01:00
Michal Privoznik
2692304c94 qemu: Implement virtio-net rx_queue_size
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-09-09 16:16:59 +02:00
Michal Privoznik
c56cdf2593 conf: Add support for virtio-net.rx_queue_size
https://bugzilla.redhat.com/show_bug.cgi?id=1366989

QEMU added another virtio-net tunable [1]. It basically allows
users to set the size of RX virtio ring. But because virtio-net
uses two separate ring buffers to pass data from/to guest they
named it explicitly rx_queue_size. We should expose it in our XML
too.

1: http://lists.nongnu.org/archive/html/qemu-devel/2016-08/msg02029.html

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-09-09 16:16:59 +02:00
John Ferlan
ce61c16450 qemu: Add support for TLS X.509 path to TCP chardev backend
When building a chardev device string for tcp, add the necessary pieces to
access provide the TLS X.509 path to qemu.  This includes generating the
'tls-creds-x509' object and then adding the 'tls-creds' parameter to the
VIR_DOMAIN_CHR_TYPE_TCP command line.

Finally add the tests for the qemu command line. This test will make use
of the "new(ish)" /etc/pki/qemu setting for a TLS certificate environment
by *not* "resetting" the chardevTLSx509certdir prior to running the test.
Also use the default "verify" option (which is "no").

Signed-off-by: John Ferlan <jferlan@redhat.com>
2016-09-09 08:09:47 -04:00
Daniel P. Berrange
90e178f8bf qemu: allow turning off QEMU guest RAM dump globally
We already have the ability to turn off dumping of guest
RAM via the domain XML. This is not particularly useful
though, as it is under control of the management application.
What is needed is a way for the sysadmin to turn off guest
RAM defaults globally, regardless of whether the mgmt app
provides its own way to set this in the domain XML.

So this adds a 'dump_guest_core' option in /etc/libvirt/qemu.conf
which defaults to false. ie guest RAM will never be included in
the QEMU core dumps by default. This default is different from
historical practice, but is considered to be more suitable as
a default because

 a) guest RAM can be huge and so inflicts a DOS on the host
    I/O subsystem when dumping core for QEMU crashes

 b) guest RAM can contain alot of sensitive data belonging
    to the VM owner. This should not generally be copied
    around inside QEMU core dumps submitted to vendors for
    debugging

 c) guest RAM contents are rarely useful in diagnosing
    QEMU crashes

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-09-06 13:08:30 +01:00
Peter Krempa
9eb9106ea5 qemu: command: Add support for sparse vcpu topologies
Add support for using the new approach to hotplug vcpus using device_add
during startup of qemu to allow sparse vcpu topologies.

There are a few limitations imposed by qemu on the supported
configuration:
- vcpu0 needs to be always present and not hotpluggable
- non-hotpluggable cpus need to be ordered at the beginning
- order of the vcpus needs to be unique for every single hotpluggable
  entity

Qemu also doesn't really allow to query the information necessary to
start a VM with the vcpus directly on the commandline. Fortunately they
can be hotplugged during startup.

The new hotplug code uses the following approach:
- non-hotpluggable vcpus are counted and put to the -smp option
- qemu is started
- qemu is queried for the necessary information
- the configuration is checked
- the hotpluggable vcpus are hotplugged
- vcpus are started

This patch adds a lot of checking code and enables the support to
specify the individual vcpu element with qemu.
2016-08-24 15:44:47 -04:00
Ján Tomko
ef66bd5df8 conf: report an error message for non-existing USB hubs
If any of the devices referenced a USB hub that does not exist,
defining the domain would either fail with:
error: An error occurred, but the cause is unknown
(if only the last hub in the path is missing)
or crash.

Return a proper error instead of crashing.

https://bugzilla.redhat.com/show_bug.cgi?id=1367130
2016-08-16 12:31:41 +02:00
Laine Stump
a220f43a65 conf: restrict expander buses to connect only to a root bus
More misunderstanding/mistaken assumptions on my part - I had thought
that a pci-expander-bus could be plugged into any legacy PCI slot, and
that pcie-expander-bus could be plugged into any PCIe slot. This isn't
correct - they can both be plugged ontly into their respective root
buses. This patch adds that restriction.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1358712
2016-08-10 10:29:34 -04:00
Laine Stump
b70e3d0123 conf: restrict where dmi-to-pci-bridge can be connected
libvirt had allowed a dmi-to-pci-bridge to be plugged in anywhere a
normal PCIe endpoint can be connected, but this is wrong - it will
only work if it's plugged into pcie-root (the PCIe root complex) or a
pcie-expander-bus (the qemu device pxb-pcie). This patch adjusts the
connection flags accordingly.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1363648
2016-08-10 10:27:37 -04:00
Jiri Denemark
58ba240df8 tests: Add a test for host-model CPU with CMT feature
The generated command line wouldn't work since QEMU doesn't know what
'cmt' is. The following patch will fix this issue.

https://bugzilla.redhat.com/show_bug.cgi?id=1355857

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2016-08-10 14:25:24 +02:00
Michal Privoznik
9c1524a01c qemu: Enable secure boot
In qemu, enabling this feature boils down to adding the following
onto the command line:

  -global driver=cfi.pflash01,property=secure,value=on

However, there are some constraints resulting from the
implementation. For instance, System Management Mode (SMM) is
required to be enabled, the machine type must be q35-2.4 or
later, and the guest should be x86_64. While technically it is
possible to have 32 bit guests with secure boot, some non-trivial
CPU flags tuning is required (for instance lm and nx flags must
be prohibited). Given complexity of our CPU driver, this is not
trivial. Therefore I've chosen to forbid 32 bit guests for now.
If there's ever need, we can refine the check later.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-08-04 17:22:20 +02:00
Michal Privoznik
d0e4be9d02 Introduce SMM feature
Since its release of 2.4.0 qemu is able to enable System
Management Module in the firmware, or disable it. We should
expose this capability in the XML. Unfortunately, there's no good
way to determine whether the binary we are talking to supports
it. I mean, if qemu's run with real machine type, the smm
attribute can be seen in 'qom-list /machine' output. But it's not
there when qemu's run with -M none. Therefore we're stuck with
version based check.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-08-04 17:14:20 +02:00
Andrea Bolognani
ba55861afe tests: qemuxml2argv: Fix usb-too-long-port-path-invalid
The test case uses DO_TEST_PARSE_FLAGS_ERROR(), but doesn't
pass any parse flag. Use DO_TEST_PARSE_ERROR() instead.
2016-08-04 16:20:27 +02:00
Andrea Bolognani
fc9cf8d8eb tests: qemuxml2argv: Remove useless GIC flags
DO_TEST_FAILURE() doesn't take a GIC version, but the GIC flag
was passed anyway. Get rid of all such occurrences.
2016-08-04 16:18:17 +02:00
Henning Schild
e975fd2d42 qemu: rename QEMU_CAPS_MLOCK to QEMU_CAPS_REALTIME_MLOCK
Purely cosmetic change to be consistent with the other names.

Signed-off-by: Henning Schild <henning.schild@siemens.com>
2016-07-26 16:47:49 -04:00
Ján Tomko
815d98ac0b Auto-add one hub if there are too many USB devices
When parsing a command line with USB devices that have
no address specified, QEMU automatically adds a USB hub
if the device would fill up all the available USB ports.

To help most of the users, add one hub if there are more
USB devices than available ports. For wilder configurations,
expect the user to provide us with more hubs and/or controllers.
2016-07-21 08:30:26 +02:00
Ján Tomko
69f5ce45ab Add tests for USB address assignment
Introduce tests with the ich9, xhci and the default (piix3) usb
controller to demonstrate the effect of the next patch.
2016-07-21 08:30:26 +02:00
Ján Tomko
ddd31fd7dc Reserve existing USB addresses
Check if they fit on the USB controllers the domain has,
and error out if two devices try to use the same address.
2016-07-21 08:30:26 +02:00
John Ferlan
a53349e6c6 qemu: Disallow usage of luks encryption if aes secret not possible
Resolves a CI test integration failure with a RHEL6/Centos6 environment.

In order to use a LUKS encrypted device, the design decision was to
generate an encrypted secret based on the master key. However, commit
id 'da86c6c' missed checking for that specifically.

When qemuDomainSecretSetup was implemented, a design decision was made
to "fall back" to a plain text secret setup if the specific cipher was
not available (e.g. virCryptoHaveCipher(VIR_CRYPTO_CIPHER_AES256CBC))
as well as the QEMU_CAPS_OBJECT_SECRET. For the luks encryption setup
there is no fall back to the plaintext secret, thus if that gets set
up by qemuDomainSecretSetup, then we need to fail.

Also, while the qemuxml2argvtest has set the QEMU_CAPS_OBJECT_SECRET
bit, it didn't take into account the second requirement that the
ability to generate the encrypted secret is possible. So modify the
test to not attempt to run the luks-disk if we know we don't have
the encryption algorithm.
2016-07-20 06:07:11 -04:00
John Ferlan
da86c6c226 qemu: Add luks support for domain disk
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1301021

Generate the luks command line using the AES secret key to encrypt the
luks secret. A luks secret object will be in addition to a an AES secret.

For hotplug, check if the encinfo exists and if so, add the AES secret
for the passphrase for the secret object used to decrypt the device.

Modify/augment the fakeSecret* in qemuxml2argvtest in order to handle
find a uuid or a volume usage with a specific path prefix in the XML
(corresponds to the already generated XML tests). Add error message
when the 'usageID' is not 'mycluster_myname'. Commit id '1d632c39'
altered the error message generation to rely on the errors from the
secret_driver (or it's faked replacement).

Add the .args output for adding the LUKS disk to the domain

Signed-off-by: John Ferlan <jferlan@redhat.com>
2016-07-19 09:40:10 -04:00
Ján Tomko
4f90364318 Allow omitting USB port
We were requiring a USB port path in the schema, but not enforcing it.
Omitting the USB port would lead to libvirt formatting it as (null).
Such domain cannot be started and will disappear after libvirtd restart
(since it cannot parse back the XML).

Only format the port if it has been specified and mark it as optional
in the XML schema.
2016-07-18 10:55:35 +02:00
Ján Tomko
4c382376da qemu: format intel-iommu on the command line
<devices>
  <iommu model='intel'/>
</devices>

results in:

-device intel-iommu

https://bugzilla.redhat.com/show_bug.cgi?id=1235580
2016-07-12 12:36:13 +02:00
Michal Privoznik
958d6208a3 qemuxml2argvtest: Don't leak dummy monitor
It's just test, but why leak it?

==26971== 20 bytes in 1 blocks are definitely lost in loss record 623 of 704
==26971==    at 0x4C29F80: malloc (vg_replace_malloc.c:296)
==26971==    by 0xE560447: vasprintf (vasprintf.c:76)
==26971==    by 0xAE0DEE2: virVasprintfInternal (virstring.c:480)
==26971==    by 0xAE0DFF7: virAsprintfInternal (virstring.c:501)
==26971==    by 0x4751F3: qemuProcessPrepareMonitorChr (qemu_process.c:2651)
==26971==    by 0x4334B1: testCompareXMLToArgvFiles (qemuxml2argvtest.c:297)
==26971==    by 0x4339AC: testCompareXMLToArgvHelper (qemuxml2argvtest.c:413)
==26971==    by 0x446E7A: virTestRun (testutils.c:179)
==26971==    by 0x445D33: mymain (qemuxml2argvtest.c:2029)
==26971==    by 0x44886F: virTestMain (testutils.c:969)
==26971==    by 0x445D9B: main (qemuxml2argvtest.c:2036)

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-07-11 16:24:51 +02:00
Peter Krempa
e114b09157 qemu: caps: Always assume QEMU_CAPS_SMP_TOPOLOGY
Support for SMP topology was added by qemu commit dc6b1c09849484fbbc50
prior to 0.12.0, our minimum supported qemu version.

$ git describe --tags dc6b1c09849484fbbc50803307e4c7a3d81eab62
v0.11.0-rc0-449-gdc6b1c0
$ git describe --tags --contains dc6b1c09849484fbbc50803307e4c7a3d81eab
v0.12.0-rc0~1477
2016-07-07 15:08:35 +02:00
Paolo Bonzini
7a97676b96 qemu: generate -display none
This is preferrable to -nographic which (in addition to disabling
graphics output) redirects the serial port to stdio and on OpenBIOS
enables the firmware's serial console.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-07-07 11:51:39 +02:00
Laine Stump
fe8567f6ad qemu: support setting host-side IP addresses/routes
For type='ethernet' interfaces only.

(This patch had been pushed earlier in
commit 0b4645a7e0, but was reverted in
commit 84d47a3cce because it had been
accidentally pushed during the freeze for release 2.0.0)
2016-07-01 21:13:31 -04:00
John Ferlan
47e88b33be util: Add 'usage' for encryption
In order to use more common code and set up for a future type, modify the
encryption secret to allow the "usage" attribute or the "uuid" attribute
to define the secret. The "usage" in the case of a volume secret would be
the path to the volume as dictated by the backwards compatibility brought
on by virStorageGenerateQcowEncryption where it set up the usage field as
the vol->target.path and didn't allow someone to provide it. This carries
into virSecretObjListFindByUsageLocked which takes the secret usage attribute
value from from the domain disk definition and compares it against the
usage type from the secret definition. Since none of the code dealing
with qcow/qcow2 encryption secrets uses usage for lookup, it's a mostly
cosmetic change. The real usage comes in a future path where the encryption
is expanded to be a luks volume and the secret will allow definition of
the usage field.

This code will make use of the virSecretLookup{Parse|Format}Secret common code.

Signed-off-by: John Ferlan <jferlan@redhat.com>
2016-07-01 15:46:24 -04:00
Jiri Denemark
0dd67acfa7 qemu: Use bootindex whenever possible
I'm not sure why our code claimed "-boot menu=on" cannot be used in
combination with per-device bootindex, but it was proved wrong about
four years ago by commit 8c952908. Let's always use bootindex when QEMU
supports it.

https://bugzilla.redhat.com/show_bug.cgi?id=1323085

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2016-07-01 12:20:54 +02:00
Ján Tomko
84d47a3cce Revert "qemu: support setting host-side IP addresses/routes"
This reverts commit 0b4645a7e0.

This feature was accidentally pushed in the feature freeze.
2016-06-27 12:54:55 +02:00
Laine Stump
0b4645a7e0 qemu: support setting host-side IP addresses/routes
For type='ethernet' interfaces only.
2016-06-26 19:33:10 -04:00
Ján Tomko
b3ee621e94 Add a USB hub to controller order test
The test has too many USB devices.
2016-06-23 07:45:31 +02:00
Ján Tomko
e9843279cc Add a test for long USB port paths
We support up to four levels of nested USB devices in the guest.

Add a test for a domain using all four and a negative test for a domain
using five.
2016-06-22 21:33:57 +02:00
John Ferlan
f06e45d578 tests: Adjust tests for encrypted storage
Make them work again...  The xml2xml had been working, but the xml2argv
were not working. Making the xml2argv work required a few adjustments to
the xml to update to more recent times.

Signed-off-by: John Ferlan <jferlan@redhat.com>
2016-06-21 14:31:19 -04:00
Ján Tomko
ff52e9d43a Remove separator argument from virBitmapParse
Most the callers pass 0 in one form or another, including
vircapstest which used VIR_ARCH_NONE.
2016-06-20 12:09:52 +02:00
Martin Kletzander
6445ad488f qemu: Add support for zero-detection writes
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2016-06-14 08:25:25 +02:00
Pavel Hrdina
93a2fb230a vnc: add support for listen type none
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2016-06-09 14:46:45 +02:00
Pavel Hrdina
ffac505639 spice: introduce spice_auto_unix_socket config option
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2016-06-09 14:43:39 +02:00
Pavel Hrdina
e0c309b2dc spice: add support for listen type socket
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1335832

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2016-06-09 14:43:15 +02:00
Pavel Hrdina
acc83afe33 vnc: add support for listen type 'socket'
VNC graphics already supports sockets but only via 'socket' attribute.
This patch coverts that attribute into listen type 'socket'.

For backward compatibility we need to handle listen type 'socket' and 'socket'
attribute properly to support old XMLs and new XMLs.  If both are provided they
have to match, if only one of them is provided we need to be able to parse that
configuration too.

To not break migration back to old libvirt if the socket is provided by user we
need to generate migratable XML without the listen element and use only 'socket'
attribute.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2016-06-09 14:42:48 +02:00
Tomáš Ryšavý
d77e453a01 tests: Rename virtTestLogContentAndReset to virTestLogContentAndReset.
This function doesn't follow our convention of naming functions.
2016-06-08 11:23:12 -04:00
Tomáš Ryšavý
8a48cf6efa tests: Rename virtTest00MActive to virTest00MActive.
This function doesn't follow our convention of naming functions.
2016-06-08 11:23:12 -04:00
Tomáš Ryšavý
239caffb1d tests: Rename virtTestCompareToFile to virTestCompareToFile.
This function doesn't follow our convention of naming functions.
2016-06-08 11:23:12 -04:00
Tomáš Ryšavý
401bb813bd Rename virtTestLoadFile to virTestLoadFile.
This function doesn't follow our convention of naming functions.
2016-06-08 11:23:12 -04:00
Tomáš Ryšavý
cd7dd1508d tests: Rename virtTestRun to virTestRun.
This function doesn't follow our convention of naming functions.
2016-06-08 11:23:12 -04:00
Peter Krempa
05eab1bf9a conf: Move disk info validator to the domain conf validator
Since it will not be called from outside of conf we can unexport it too
if we move it to the appropriate place.

Test suite change is necessary since the error will be reported sooner
now.
2016-06-07 13:02:20 +02:00
Martin Kletzander
3484c05ce0 qemu: Add support to QXL's max_outputs parameter
Historically, we added heads=1 to videos, but for example for qxl, we
did not reflect that on the command line.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1283207

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2016-06-07 12:42:54 +02:00
Laine Stump
4d100c7a41 conf: permit auto-assignment of controller indexes
Hand-entering indexes for 20 PCI controllers is not as tedious as
manually determining and entering their PCI addresses, but it's still
annoying, and the algorithm for determining the proper index is
incredibly simple (in all cases except one) - just pick the lowest
unused index.

The one exception is USB2 controllers because multiple controllers in
the same group have the same index. For these we look to see if 1) the
most recently added USB controller is also a USB2 controller, and 2)
the group *that* controller belongs to doesn't yet have a controller
of the exact model we're just now adding - if both are true, the new
controller gets the same index, but in all other cases we just assign
the lowest unused index.

With this patch in place and combined with the automatic PCI address
assignment, we can define a PCIe switch with several ports like this:

  <controller type='pci' model='pcie-root-port'/>
  <controller type='pci' model='pcie-switch-upstream-port'/>
  <controller type='pci' model='pcie-switch-downstream-port'/>
  <controller type='pci' model='pcie-switch-downstream-port'/>
  <controller type='pci' model='pcie-switch-downstream-port'/>
  <controller type='pci' model='pcie-switch-downstream-port'/>
  <controller type='pci' model='pcie-switch-downstream-port'/>
  ...

These will each get a unique index, and PCI addresses that connect
them together appropriately with no pesky numbers required.
2016-05-25 15:00:25 -04:00
Ján Tomko
ea04d1a659 qemu: format SLIC ACPI table command line
<os>
  <acpi>
    <table type="slic">/path/to/acpi/table/file</table>
  </acpi>
</os>

will result in:

-acpitable sig=SLIC,file=/path/to/acpi/table/file

This option was introduced by QEMU commit 8a92ea2 in 2009.

https://bugzilla.redhat.com/show_bug.cgi?id=1327537
2016-05-25 17:15:21 +02:00
Pavel Hrdina
9753dd7470 qemuxml2argvtest: skip test that depends on gnutls_cipher_encrypt()
Test disk-drive-network-rbd-auth-AES depends on existence of
gnutls_cipher_encrypt() function which was introduced in gnutls 2.10.0.
On systems without this function we should skip this test.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2016-05-24 01:01:07 +02:00
Ján Tomko
71cfa668eb Deprecate QEMU_CAPS_PCIDEVICE
Before removal of QEMU_CAPS_DEVICE, its only usage was
or'd with QEMU_CAPS_DEVICE.

Now it's unused.
2016-05-23 10:40:22 +02:00
Ján Tomko
5572cd7f0e Deprecate QEMU_CAPS_DEVICE
We support qemu version 0.12.0+, which has it.
2016-05-23 10:38:45 +02:00
Ján Tomko
e9488fcd20 Deprecate QEMU_CAPS_DRIVE_READONLY
We have been assuming its support if qemu supports -device,
which all the supported versions do.
2016-05-23 10:37:09 +02:00
Ján Tomko
ec9d19952a tests: always assume QEMU_CAPS_DRIVE_READONLY 2016-05-23 10:34:16 +02:00
Ján Tomko
1e463880c9 tests: remove disk-drive-fat test
This test requests a read-only virtual FAT drive on the IDE bus.
Read-only IDE drives are unsupported, but libvirt only displays
the error if it has the QEMU_CAPS_DRIVE_READONLY capability.
Read-write FAT drives are also unsupported.
2016-05-23 09:39:40 +02:00
Laine Stump
c026f8f1c2 qemu: auto-assign addresses when <address type='pci'/> is specified
Rather than only assigning a PCI address when no address is given at
all, also do it when the config says that the address type is 'pci',
but it gives no address (virDeviceInfoPCIAddressWanted()).

There are also several places after parsing but prior to address
assignment where code previously expected that any info with address
type='pci' would have a *valid* PCI address, which isn't always the
case - now we check not only for type='pci', but also for a valid
address (virDeviceInfoPCIAddressPresent()).

The test case added in this patch was directly copied from Cole's patch titled:

    qemu: Wire up address type=pci auto_allocate
2016-05-20 13:54:26 -04:00
John Ferlan
a1344f70a1 qemu: Utilize qemu secret objects for RBD auth/secret
https://bugzilla.redhat.com/show_bug.cgi?id=1182074

If they're available and we need to pass secrets to qemu, then use the
qemu domain secret object in order to pass the secrets for RBD volumes
instead of passing the base64 encoded secret on the command line.

The goal is to make AES secrets the default and have no user interaction
required in order to allow using the AES mechanism. If the mechanism
is not available, then fall back to the current plain mechanism using
a base64 encoded secret.

New APIs:

qemu_domain.c:
  qemuDomainGetSecretAESAlias:
    Generate/return the secret object alias for an AES Secret Info type.
    This will be called from qemuDomainSecretAESSetup.

  qemuDomainSecretAESSetup: (private)
    This API handles the details of the generation of the AES secret
    and saves the pieces that need to be passed to qemu in order for
    the secret to be decrypted. The encrypted secret based upon the
    domain master key, an initialization vector (16 byte random value),
    and the stored secret. Finally, the requirement from qemu is the IV
    and encrypted secret are to be base64 encoded.

qemu_command.c:
  qemuBuildSecretInfoProps: (private)
    Generate/return a JSON properties object for the AES secret to
    be used by both the command building and eventually the hotplug
    code in order to add the secret object. Code was designed so that
    in the future perhaps hotplug could use it if it made sense.

  qemuBuildObjectSecretCommandLine (private)
    Generate and add to the command line the -object secret for the
    secret. This will be required for the subsequent RBD reference
    to the object.

  qemuBuildDiskSecinfoCommandLine (private)
    Handle adding the AES secret object.

Adjustments:

qemu_domain.c:
  The qemuDomainSecretSetup was altered to call either the AES or Plain
  Setup functions based upon whether AES secrets are possible (we have
  the encryption API) or not, we have secrets, and of course if the
  protocol source is RBD.

qemu_command.c:
  Adjust the qemuBuildRBDSecinfoURI API's in order to generate the
  specific command options for an AES secret, such as:

    -object secret,id=$alias,keyid=$masterKey,data=$base64encodedencrypted,
            format=base64
    -drive file=rbd:pool/image:id=myname:auth_supported=cephx\;none:\
           mon_host=mon1.example.org\:6321,password-secret=$alias,...

  where the 'id=' value is the secret object alias generated by
  concatenating the disk alias and "-aesKey0". The 'keyid= $masterKey'
  is the master key shared with qemu, and the -drive syntax will
  reference that alias as the 'password-secret'. For the -drive
  syntax, the 'id=myname' is kept to define the username, while the
  'key=$base64 encoded secret' is removed.

  While according to the syntax described for qemu commit '60390a21'
  or as seen in the email archive:

    https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg04083.html

  it is possible to pass a plaintext password via a file, the qemu
  commit 'ac1d8878' describes the more feature rich 'keyid=' option
  based upon the shared masterKey.

Add tests for checking/comparing output.

NB: For hotplug, since the hotplug code doesn't add command line
    arguments, passing the encoded secret directly to the monitor
    will suffice.
2016-05-20 11:09:05 -04:00
Pavel Hrdina
2faa13560c tests: cleanup vnc auto socket test
Commit 55320c23 introduced a new test for VNC to test if
vnc_auto_unix_socket is set in qemu.conf, but forget to enable it in
qemuxml2argvtest.c.

This patch also moves the code in qemuxml2xmltest.c next to other VNC
tests and refactor the test so we also check the case for parsing active
XML.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2016-05-20 10:05:55 +02:00
Ján Tomko
936b86528d Remove DISK_BUS_XEN support from qemuBuildDiskDriveCommandLine
We have stopped supporting Xenner some time ago.
2016-05-20 09:02:08 +02:00
Cole Robinson
20a0fa8eb2 qemu: address: Remove QEMU_CAPS_DEVICE usage
All qemu versions we support have QEMU_CAPS_DEVICE, so checking
for it is redundant. Remove the usage.

The code diff isn't clear, but all that code is just inindented
with no other change.

Test cases that hit qemuDomainAssignAddresses but don't have
infrastructure for specifying qemuCaps values see lots of
churn, since now PCI addresses are in the XML output.
2016-05-18 14:33:58 -04:00
Cole Robinson
5d7314bbcf qemu: Assign device addresses in PostParse
This wires up qemuDomainAssignAddresses into the new
virDomainDefAssignAddressesCallback, so it's always triggered
via virDomainDefPostParse. We are essentially doing this already
with open coded calls sprinkled about.

qemu argv parse output changes slightly since previously it wasn't
hitting qemuDomainAssignAddresses.
2016-05-18 14:33:58 -04:00
Andrea Bolognani
f6ececa68d tests: Try different usable GIC versions
The only case where the hardware capabilities influence the result
is when no <gic/> element was provided.

The test programs now ensure both that the correct GIC version is
picked in that case, and that hardware capabilities are not taken
into account when the user has already picked a GIC version.
2016-05-18 11:27:56 +02:00
Andrea Bolognani
63bc91eea0 tests: Prepare to have different usable GIC versions
Now that we choose the GIC version based on hardware features when
no <gic/> element has been provided, we need a way to fake the GIC
capabilities of the host.

Update the qemuxml2argv and qemuxml2xml tests to allow this.
2016-05-18 11:27:56 +02:00
Andrea Bolognani
0e8a72a5ef qemu: Drop QEMU_CAPS_VIRTIO_BLK_SG_IO
The only QEMU versions that don't have such capability are <0.11,
which we no longer support anyway
2016-05-17 00:01:45 +02:00
Andrea Bolognani
859743c27c qemu: Drop QEMU_CAPS_CPU_HOST
The only QEMU versions that don't have such capability are <0.11,
which we no longer support anyway
2016-05-17 00:01:45 +02:00
Andrea Bolognani
8531b85ba6 qemu: Drop QEMU_CAPS_PCI_ROMBAR
The only QEMU versions that don't have such capability are <0.12,
which we no longer support anyway.

Additionally, this solves the issue of some QEMU binaries being
reported as not having such capability just because they lacked
the {kvm-}pci-assign QMP object.
2016-05-17 00:01:45 +02:00
Cole Robinson
e3a6859019 qemu: command: Use -name guest= if available
-name guest= is the explicit parameter for passing a VM name. Using
it is required to allow a VM with an '=' in the name

https://bugzilla.redhat.com/show_bug.cgi?id=1276485
2016-05-16 10:30:38 -04:00
Cole Robinson
077ba95677 qemu: command: escape commas in VNC socket path
This path can be dependent on the VM libdir, which contains its name
2016-05-16 10:30:38 -04:00
Cole Robinson
0f377eb1b0 qemu: command: escape commas in VM name
This isn't sufficient on its own, since the VM name is used for things
like monitor paths, which we don't escape yet
2016-05-16 10:30:38 -04:00
Laine Stump
e5aecc2f80 conf: log error when incorrect PCI root controller is added to domain
libvirt may automatically add a pci-root or pcie-root controller to a
domain, depending on the arch/machinetype, and it hopefully always
makes the right decision about which to add (since in all cases these
controllers are an implicit part of the virtual machine).

But it's always possible that someone will create a config that
explicitly supplies the wrong type of PCI controller for the selected
machinetype. In the past that would lead to an error later when
libvirt was trying to assign addresses to other devices, for example:

  XML error: PCI bus is not compatible with the device at
  0000:00:02.0. Device requires a PCI Express slot, which is not
  provided by bus 0000:00

(that's the error message that appears if you replace the pcie-root
controller in a Q35 domain with a pci-root controller).

This patch adds a check at the same place that the implicit
controllers are added (to ensure that the same logic is used to check
which type of pci root is correct). If a pci controller with index='0'
is already present, we verify that it is of the model that we would
have otherwise added automatically; if not, an error is logged:

  The PCI controller with index='0' must be " model='pcie-root' for
  this machine type, " but model='pci-root' was found instead.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1004602
2016-05-10 17:03:24 -04:00
John Ferlan
d0b5845952 qemu: Add 'iothread' to command line for supported controller
https://bugzilla.redhat.com/show_bug.cgi?id=1286709

Now that we have all the pieces in place, we can add the 'iothread=#' to
the command line for the (two) controllers that support it (virtio-scsi-pci
and virtio-scsi-ccw). Add the tests as well...
2016-05-04 09:59:14 -04:00
Cole Robinson
600977e293 qemu: support configuring usb3 controller port count
This adds a ports= attribute to usb controller XML, like

  <controller type='usb' model='nec-xhci' ports='8'/>

This maps to:

  qemu -device nec-usb-xhci,p2=8,p3=8

Meaning, 8 ports that support both usb2 and usb3 devices. Gerd
suggested to just expose them as one knob.

https://bugzilla.redhat.com/show_bug.cgi?id=1271408
2016-05-03 08:58:30 -04:00
Boris Fiuczynski
383c6f7f4d tests: add tests for panic device model s390
Signed-off-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
2016-05-02 17:01:40 +02:00
Laine Stump
8b62c65d24 qemu: support new pci controller model "pcie-expander-bus"
This is backed by the qemu device pxb-pcie, which will be available in
qemu 2.6.0.

As with pci-expander-bus (which uses qemu's pxb device), the busNr
attribute and <node> subelement of <target> are used to set the bus_nr
and numa_node options.

During post-parse we validate that the domain's machinetype is
q35-based (since the device shows up for 440fx-based machinetypes, but
is unusable), as well as checking that <node> specifies a node that is
actually configured on the guest.
2016-04-14 14:00:34 -04:00
Laine Stump
400b297692 qemu: support new pci controller model "pci-expander-bus"
This is backed by the qemu device "pxb".

The pxb device always includes a pci-bridge that is at the bus number
of the pxb + 1.

busNr and <node> from the <target> subelement are used to set the
bus_nr and numa_node options for pxb.

During post-parse we validate that the domain's machinetype is
440fx-based (since the pxb device only works on 440fx-based machines),
and <node> also gets a sanity check to assure that the NUMA node
specified for the pxb (if any - it's optional) actually exists on the
guest.
2016-04-14 14:00:34 -04:00
Ján Tomko
d0cc8b10c3 tests: do not overwrite return value when filling qemuCapsCache
In qemuHotplugCreateObjects, the ret variable was filled by
the value returned by qemuTestCapsCacheInsert.

If any of the functions after this assignment failed, we would still
return success.

Also adjust testCompareXMLToArgvHelper, where this change is just
cosmetic, because the value was overwritten right away.
2016-04-14 16:37:50 +02:00
Ján Tomko
786bc2511a qemu: assign addresses before aliases
The address assigning code might add new pci bridges.
We need them to have an alias when building the command line.

In real word usage, this is not a problem because all the code
paths already call qemuDomainAssignAddresses. However moving
this call lets us remove one extra call from qemuxml2argvtest.
2016-04-13 13:07:20 +02:00
Ján Tomko
1922d2f11e qemuxml2argvtest: drop FLAG_EXPECT_ERROR
It is only used for failed address allocation
Since we already have FLAG_EXPECT_FAILURE, use that instead.

Also unify the output to print the whole log buffer instead
of just the last error message.
2016-04-13 13:04:32 +02:00
Pavel Hrdina
1d9d0c9397 domain_conf: fix graphics parsing
Commit dc98a5bc refactored the code a lot and forget about checking if
listen attribute is specified.  This ensures that listen attribute and
first listen element are compared only if both exist.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2016-04-11 13:50:55 +02:00
Pavel Hrdina
71ea10851d tests: remove unwanted VIR_FREE of spice and vnc default listen
After the test and qemu_process refactor now we can benefit from default
listen address for spice and vnc in tests.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2016-04-08 17:36:27 +02:00
Ján Tomko
f06ca25d23 qemu: support virt-2.6 machine type on arm
Some places already check for "virt-" prefix as well as plain "virt".
virQEMUCapsHasPCIMultiBus did not, resulting in multiple PCI devices
having assigned the same unnumbered "pci" alias.

Add a test for the "virt-2.6" machine type which also omits the
<model type='virtio'/> in <interface>, to check if
qemuDomainDefaultNetModel works too.

https://bugzilla.redhat.com/show_bug.cgi?id=1325085
2016-04-08 14:15:51 +02:00
John Ferlan
d8a8cae342 qemu: Introduce qemuBuildMasterKeyCommandLine
If the -object secret capability exists, then get the path to the
masterKey file and provide that to qemu. Checking for the existence
of the file before passing to qemu could be done, but causes issues
in mock test environment.

Since the qemuDomainObjPrivate is not available when building the
command line, the qemuBuildHasMasterKey API will have to suffice
as the primary arbiter for whether the capability exists in order
to find/return the path to the master key for usage.

Created the qemuDomainGetMasterKeyAlias API which will be used by
later patches to define the 'keyid' (eg, masterKey) to be used by
other secrets to provide the id to qemu for the master key.
2016-04-06 20:27:09 -04:00
Pavel Hrdina
1e9a083742 qemuxml2argvtest: cleanup test
Use qemuProcessCreatePretendCmd instead duplicating required steps from
qemuProcessStart.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2016-03-22 15:15:49 +01:00
Pavel Hrdina
9dca74ee6f qemuxml2argvtest: use driver.config and priv for qemuDomainSetPrivatePaths
Update testutilsqemu to overwrite libDir and channelTargetDir and set
private paths using domain's privateData.  This changes is required for
following patch.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2016-03-22 15:15:48 +01:00
Pavel Hrdina
1e38ef728c qemu_process: move checks to qemuProcessStartValidate
Move all code that checks host and domain.  Do not check host if we use
VIR_QEMU_PROCESS_START_PRETEND flag.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2016-03-22 15:15:48 +01:00
Pavel Hrdina
a431d3440f qemu: update callers of qemuProcessStartValidate to use virDomainObjPtr
This change is required by following patches.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2016-03-22 15:15:48 +01:00
Pavel Hrdina
c374851960 tests: cleanup qemuxml2argvtest
This removes the testFailed magic and makes the code more readable.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2016-03-22 15:15:48 +01:00
Christophe Fergeau
6d28ef912c qemu: Don't add -spice port=0 when no port is specified
If a <graphics type='spice'> has no port nor tlsPort set, the generated
QEMU command line will contain -spice port=0.
This is later going to be ignored by spice-server, but it's better not
to add it at all in this situation.
As an empty -spice is not allowed, we still need to append port=0 if we
did not add any other argument.
2016-03-21 10:43:40 +01:00
Marc-André Lureau
1e34a8f919 qemu: enable debug threads
When debug-threads is enabled, individual threads are given a separate
name (on Linux)

Fixes:
https://bugzilla.redhat.com/show_bug.cgi?id=1140121

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2016-03-10 22:54:40 +01:00
Daniel P. Berrange
3e12ec4a1e qemu: use virtlogd for character device log files
If use of virtlogd is enabled, then use it for backing the
character device log files too. This avoids the possibility
of a guest denial of service by writing too much data to
the log file.
2016-03-10 15:41:52 +00:00
Daniel P. Berrange
06cb0cf7ce qemu: add support for logging chardev output to a file
Honour the <log file='...'/> element in chardevs to output
data to a file. This requires QEMU >= 2.6

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-03-10 15:33:51 +00:00
Marc-André Lureau
937ebba00e qemu: add spice opengl support
Add Spice graphics gl attribute. qemu 2.6 should have -spice gl=on argument to
enable opengl rendering context (patches on the ML). This is necessary to
actually enable virgl rendering.

Add a qemuxml2argv test for virtio-gpu + spice with virgl.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-03-01 09:45:47 +01:00
Martin Kletzander
a89f05ba8d qemu: Shorten per-domain directory names
Per-domain directories were introduced in order to be able to
completely separate security labels for each domain (commit
f1f68ca334).  However when the domain
name is long (let's say a ridiculous 110 characters), we cannot
connect to the monitor socket because on length of UNIX socket address
is limited.  In order to get around this, let's shorten it in similar
fashion and in order to avoid conflicts, throw in an ID there as well.
Also save that into the status XML and load the old status XMLs
properly (to clean up after older domains).  That way we can change it
in the future.

The shortening can be seen in qemuxml2argv tests, for example in the
hugepages-pages2 case.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2016-03-01 07:15:29 +01:00
Ján Tomko
21b316f4d3 qemu: error out on missing machine type in configs
Commit f1a89a8 allowed parsing configs from /etc/libvirt
without validating the emulator capabilities.

Check for the presence of a machine type in the qemu driver's
post parse function instead of crashing.

https://bugzilla.redhat.com/show_bug.cgi?id=1267256
2016-02-26 10:32:31 +01:00
Ján Tomko
b564113d56 tests: add parseFlags to qemuxml2argvtest 2016-02-26 09:47:46 +01:00
Paolo Bonzini
fc922eb208 qemu: add support for LSI SAS1068 (aka MPT Fusion) SCSI controller
This does nothing more than adding the new device and capability.
The device is present since QEMU 2.6.0.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-02-22 10:10:52 +00:00
Andrea Bolognani
b6c40bd5e1 test: qemuxml2argv: Drop QEMU_CAPS_DEVICE uses
Since commit 51045df01b, the QEMU_CAPS_DEVICE capability is enabled
automatically and shouldn't be passed as an argument to DO_TEST();
however, commit 998a936c4c accidentally introduced few such uses.
2016-02-19 14:10:44 +01:00
John Ferlan
de71e0e500 qemu: Move qemuAssign*Alias* API's into their own module
Create a new module qemu_alias.c to handle the qemuAssign*Alias* APIs
and the qemuDomainDeviceAliasIndex
2016-02-16 11:07:48 -05:00
Andrea Bolognani
998a936c4c tests: Add more GIC test cases
Test all kinds of scenarios, including guests asking for GIC but
failing to specify a version, guests specifying an invalid version
and guests trying to use GIC with non-virt or even non-ARM machines.
2016-02-16 15:42:20 +01:00
Andrea Bolognani
161a341850 tests: Reorganize and simplify GIC test cases
Unify the naming to prepare for new test cases that will be added
later on.

Convert a couple of output XML files for the qemuxml2xml test to
symlinks while at it, since they were identical to the corresponding
input XML files anyways.

Moreover, since we're only interested in testing GIC support here,
simplify XML files by getting rid of the unrelevant bits.
2016-02-16 15:39:57 +01:00
Cole Robinson
5a1ccaeb00 tests: qemu: More aarch64 virtio and pci tests
Clarify the point of some of the test cases by renaming them. Add more
xml2xml tests.
2016-02-09 16:09:01 -05:00
Cole Robinson
51045df01b tests: Unconditionally enable QEMU_CAPS_DEVICE
QEMU_CAPS_DEVICE is always enabled for qemu binaries we support.
Sync qemuxml2* to match, and regenerate all test output.
2016-02-09 13:42:23 -05:00
Cole Robinson
e9394d699c tests: qemuxml2argv: remove some QEMU_CAPS_DEVICE problem cases
When we unconditionally enable QEMU_CAPS_DEVICE, these tests need
some massaging, so do it ahead of time to not mix it in with the
big test refresh.

- minimal-s390 is not a real world working config, so drop it
- disk-usb was testing for an old code path that will be removed.
  instead use it to test lack of USB disk support, and rename it
  to disk-usb-nosupport. Switch xml2xml to use disk-usb-device for
  input.
- cputune-numatune was needlessly using q35, switch it to an older
  machine type
2016-02-09 13:42:23 -05:00
Peter Krempa
6d04f0592e tests: Integrate startup checks to qemuxml2argvtest
Some of the tests that are not a part of qemuBuildCommandLine were not
executed in the test suite. We can now reuse qemuProcessStartValidate to
integrate these tests.
2016-02-08 09:24:49 +01:00
Pavel Hrdina
2686e44e05 tests: add some missing tests to qemuxml2xmltest
Those tests are in qemuargv2xmltest and it makes sense to include them
also in qemuxml2xmltest and qemuxml2argvtest.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2016-01-26 17:53:33 +01:00
Dmitry Andreev
981c01d419 qemu: add support of optional 'autodeflate' attribute
Autodeflate can be enabled/disabled for memballon device
of model 'virtio'.

xml:
<devices>
  <memballoon model='virtio' autodeflate='on'/>
</devices>

qemu:
qemu -device virtio-balloon-pci,...,deflate-on-oom=on

Autodeflate cannot be enabled/disabled for running domain.
2016-01-12 10:48:21 -05:00
Laine Stump
bd04ad42e7 qemu: auto-add a USB2 controller set for Q35 machines
Use virDomainDefAddUSBController() to add an EHCI1+UHCI1+UHCI2+UHCI3
controller set to newly defined Q35 domains that don't have any USB
controllers defined.
2016-01-11 13:21:10 -05:00
Laine Stump
163338ec28 qemu: prefer 00:1D.x and 00:1A.x for USB2 controllers on Q35
The real Q35 machine puts the first USB controller set (EHCI+(UHCIx4))
on bus 0 slot 0x1D, and the 2nd USB controller set on bus 0 slot 0x1A,
so let's attempt to make the virtual machine match that for
controllers with auto-assigned addresses when possible.

Three test cases were added to assure that the proper addresses are
assigned - one with a single set of unaddressed USB controllers, one
with 3 (to grab both preferred slots plus one more), and one with the
order of the controller definitions reordered, to assure that the
auto-assignment isn't mixed up by order.
2016-01-11 13:04:17 -05:00
Cole Robinson
fde937bda0 qemu: command: wire up usage of q35/ich9 disable s3/s4
If the q35 specific disable s3/s4 setting isn't supported, fallback to
specifying the PIIX setting, which is the previous behavior. It doesn't
have any effect, but qemu will just warn about it rather than error:

  qemu-system-x86_64: Warning: global PIIX4_PM.disable_s3=1 not used
  qemu-system-x86_64: Warning: global PIIX4_PM.disable_s4=1 not used

Since it doesn't error, I don't think we should either, since there
may be configs in the wild that already have q35 + disable_s3/4 (via
virt-manager)
2016-01-10 15:16:38 -05:00
Cole Robinson
5900356efb qemu: caps: Rename CAPS_DISABLE_S[34] to CAPS_PIIX_DISABLE_S[34]
These settings are specific to PIIX, so clarify it
2016-01-10 14:59:53 -05:00
Martin Kletzander
8156493d8d Fix USB model defaults for ppc64
The condition was checking for UHCI (and OHCI for ppc64) availability so
that it can specify the proper device instead of legacy usb.  However,
for ppc64, we don't need to check both OHCI and UHCI, but only OHCI as
that is the legacy default.  The condition is so big that it was just a
matter of time when someone will make a mistake there, so let's use more
lines so that it is visible what the condition checks for.

This fixes usage of -device instead of -usb for ppc64 that supports
pci-usb-ohci and does not support piix3-usb-uhci.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1297020

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2016-01-09 18:39:17 +01:00
Andrea Bolognani
117375ca49 tests: qemuxml2argv: Add tests for USB controller on q35 2016-01-08 19:46:43 +01:00
Dmitry Mishin
53a15aed39 qemu: Process new 'append' attribute for char dev with output to a file
By default, QEMU truncates serial file on open. Sometimes, it could be weird -
for example, when we are trying to investigate some event, which occured several
restarts ago. This patch adds an ability to preserve previous content.

Signed-off-by: Dmitry Mishin <dim@virtuozzo.com>
2015-12-24 14:50:33 +00:00
Peter Krempa
645881139b qemu: domain: Prevent overflows in memory alignment code
Since libvirt for dubious historical reasons stores memory size as
kibibytes, it's possible that the alignments done in the qemu code
overflow the the maximum representable size in bytes. The XML parser
code handles them in bytes in some stages. Prevent this by doing
overflow checks when alinging the size and add a test case.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1260576
2015-12-04 15:21:20 +01:00