Some forward declarations in bridge_driver.c are not needed
really. They only create a noise when trying to jump onto the
correct tag. Drop them.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
Many things can affect the availability of cpu flags (e.g. software
upgrades, kernel versions, kernel command line, etc.) and invalidate the
cached capabilities without notice. Add CPUID information to the
capabilities cache.
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
This makes it possible to call virCPUDataParse with a xmlNodePtr,
which will be required by a later patch.
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
The function does not need a full xmlXPathContextPtr any longer and a
later patch will require a call to this function with only a xmlNodePtr
available.
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Factor out duplicated code from x86FeatureParse and virCPUx86DataParse.
This also consolidates error messages.
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
... by using virXMLProp*() helpers. These only require a xmlNodePtr and
do not need a xmlXPathContextPtr. Reflect that in the function signature.
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
... by using virXMLProp*() helpers. These only require a xmlNodePtr and
do not need a xmlXPathContextPtr. Reflect that in the function signature.
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
When I was cleaning up the regex after we removed most of our custom
autofree helpers I've forgot to delete one closing brace, thus the regex
was not matching anything.
Fixes: 65f702020e
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
If there is no tcp_min_ssf value set in daemon config we still
compare it against the default (56 which corresponds to DES) and
if the value is below our expected minimum (112 which corresponds
to 3DES) an error is reported and the daemon refuses to start.
This is not what we want. What we want is to check the value iff
the value was specified in the config file.
Fixes: 58a48cff84
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Support return guest interface information from guest agent
Signed-off-by: zhanglei <zhanglei@smartx.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
The new parameter group returns information about network interfaces
Signed-off-by: zhanglei <zhanglei@smartx.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
1) 'activePcrBanksStr' is not initialized:
../../../libvirt/src/qemu/qemu_tpm.c: In function ‘qemuExtTPMStart’:
/usr/include/glib-2.0/glib/glib-autocleanups.h:28:3: error: ‘activePcrBanksStr’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
28 | g_free (*pp);
| ^~~~~~~~~~~~
../../../libvirt/src/qemu/qemu_tpm.c:613:22: note: ‘activePcrBanksStr’ was declared here
613 | g_autofree char *activePcrBanksStr;
| ^~~~~~~~~~~~~~~~~
2) 'pwdfile_fd' is unused:
../../../libvirt/src/qemu/qemu_tpm.c:615:19: error: unused variable 'pwdfile_fd' [-Werror,-Wunused-variable]
VIR_AUTOCLOSE pwdfile_fd = -1;
Fixes: a5bbe1a8b6
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
It won't cause any harm as cpus is NULL when we pass a negative ncpus,
but doing so when the function expects unsigned value is not right.
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
The return value was not properly checked in the code for input type
evdev.
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Extend the TPM backend XML with a node 'active_pcr_banks' that allows a
user to specify the PCR banks to activate before starting a VM. Valid
choices for PCR banks are sha1, sha256, sha384 and sha512. When the XML
node is provided, the set of active PCR banks is 'enforced' by running
swtpm_setup before every start of the VM. The activation requires that
swtpm_setup v0.7 or later is installed and may not have any effect
otherwise.
<tpm model='tpm-tis'>
<backend type='emulator' version='2.0'>
<active_pcr_banks>
<sha256/>
<sha384/>
</active_pcr_banks>
</backend>
</tpm>
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2016599
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
At this point, we're no longer using the availability of the
ZFS programs at build time to decide whether to enable ZFS
support, so the only purpose of these find_program() calls is
to record their absolute paths.
However, the virCommand facilities that we're ultimately using
to run them are already capable of performing this lookup at
runtime, and in fact that's exactly what we already do in the
case of, for example, vstorage.
Drop the build time lookups and always perform them at runtime.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Tim Wiederhake <twiederh@redhat.com>
Commit 73a2ff3616 already improved the situation a lot. This
pushes things even further.
If the user or, more likely, the distro packager explicitly
asked for ZFS support to be enabled, then we should comply with
that request regardless of whether the necessary programs are
available at build time.
This is particularly important in the context of Debian, where
ZFS cannot be a build dependency of libvirt due to licensing
issues but it can still be an optional runtime dependency.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Tim Wiederhake <twiederh@redhat.com>
Add an option to allow the admin to requet a higher minimum SSF
for connections than the built-in default.
The current default is 56 (single DES equivalent, to support
old kerberos) and will be raised to 112 in the future.
https://bugzilla.redhat.com/show_bug.cgi?id=1431589
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Store the minimum SSF value for TCP connections
in virNetSASLContext and introduce a getter for it.
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Prepare for deprecating old kerberos ciphers by warning users
with a SSF lower than 112.
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
It is now unused.
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
The presence of this capability depends on QEMU being compiled
with spice that has the SPICE_ADDR_FLAG_UNIX_ONLY constant.
It was added by spice commit 5365caeaae released in spice v0.12.6,
which is older than the spice version on our supported architectures.
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
For later QEMUs than 2.11 we do FD passing for character devices,
so lock the capabilites to this exact version.
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Move the test closer to other graphics-spice tests.
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Reduce the churn in following patches.
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>