Commit Graph

32171 Commits

Author SHA1 Message Date
Ján Tomko
a5e8eec7d5 util: openvswitch: do not reuse cmd in InterfaceClearTxQos
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-18 17:48:32 +01:00
Ján Tomko
3ab7df7421 util: openvswitch: do not reuse cmd in InterfaceSetTxQos
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-18 17:48:32 +01:00
Ján Tomko
5d55546e0f util: openvswitch: split out virNetDevOpenvswitchInterfaceSetRxQos
The virNetDevOpenvswitchInterfaceSetQos function is uneven
because setting the Rx Qos is open-coded, while clearing it
is sepearated in another function.

Separate the setting too.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-18 17:48:32 +01:00
Ján Tomko
be82600128 util: openvswitch: split out virNetDevOpenvswitchInterfaceSetTxQos
The virNetDevOpenvswitchInterfaceSetQos function is uneven
because setting the Tx Qos is open-coded, while clearing it
is sepearated in another function.

Separate the setting too.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-18 17:48:32 +01:00
Ján Tomko
186aa292a0 util: openvswitch: unexport InterfaceClear{Rx,Tx}Qos
This also removes the indentation error.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-18 17:48:32 +01:00
Ján Tomko
a6ffb1712b util: openvswitch: move InterfaceClear{Rx,Tx}Qos
These functions are called by virNetDevOpenvswitchInterfaceSetQos
as well as virNetDevOpenvswitchInterfaceClearQos.

Move them above both fuctions.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-18 17:48:32 +01:00
Andrea Bolognani
dbf9b8a6ed util: Stop storing dnsmasq version
We don't do anything with it after checking that it satisfies our
requirements and don't provide a way for users of the module to
access it, so carrying it around is pointless.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-18 16:50:31 +01:00
Michal Privoznik
11627e021d virdnsmasq: Join dnsmasqCapsNewEmpty() and dnsmasqCapsNewFromBinary()
After previous cleanups, there's just one caller of
dnsmasqCapsNewEmpty() and it is dnsmasqCapsNewFromBinary().
And the former is pretty short. Therefore, it is not necessary
for the code to live in two separate functions. Dissolve the
former in the latter.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2022-01-18 16:18:57 +01:00
Michal Privoznik
d730392293 virdnsmasq: Drop dnsmasqCapsNewFromBuffer()
The function is no longer used. Remove it.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2022-01-18 16:18:57 +01:00
Michal Privoznik
4b68c982e2 virdnsmasq: Require non NULL @caps in dnsmasqCapsGetBinaryPath()
First observation: There is no way that caps->binaryPath can be
NULL. Second observation: There is no caller that passes NULL.
Let's drop the ternary operator and access @caps directly.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2022-01-18 15:19:47 +01:00
Michal Privoznik
5c98d1cee0 virdnsmasq: Lookup DNSMASQ in PATH
While it's true that our virCommand subsystem is happy with
non-absolute paths, the dnsmasq capability code is not. It stores
the path to dnsmasq within and makes it accessible via
dnsmasqCapsGetBinaryPath(). While strictly speaking no caller
necessarily needs canonicalized path, let's find dnsmasq once and
cache the result.

Therefore, when constructing the capabilities structure look up
the binary path. If DNSMASQ already contains an absolute path
then virFindFileInPath() will simply return a copy.

With this code in place, the virFileIsExecutable() check can be
removed from dnsmasqCapsRefreshInternal() because
virFindFileInPath() already made sure the binary is executable.

But introducing virFindFileInPath() means we have to mock it in
test suite because dnsmasqCaps are created in
networkxml2conftest.

Moreover, we don't need to check for dnsmasq in configure.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2022-01-18 15:19:47 +01:00
Michal Privoznik
96308ebae9 virdnsmasq: Don't run 'dnsmasq --help'
We don't query any capabilities of dnsmasq. We are only
interested in dnsmasq's version (obtained via 'dnsmasq
--version'). Therefore, there's no point in running 'dnsmasq
--help'. Its output is not processed even.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2022-01-18 15:19:47 +01:00
Michal Privoznik
ce6bb27649 virdnsmasq: Drop !caps check from dnsmasqCapsRefreshInternal()
There is no way that the dnsmasqCapsRefreshInternal() function
can be called with @caps == NULL. Therefore, drop the if() that
checks for that.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2022-01-18 15:19:47 +01:00
Michal Privoznik
f947b2343a virdnsmasq: Drop noRefresh member from from struct _dnsmasqCaps
The noRefresh member of _dnsmasqCaps struct is set only after it
was checked for and is never checked again. This is needless and
the member can be removed. There is no way that
dnsmasqCapsRefreshInternal() can be called after
dnsmasqCapsSetFromBuffer().

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2022-01-18 15:19:47 +01:00
Michal Privoznik
0a7224a147 virdnsmasq: Drop mtime member from struct _dnsmasqCaps
The _dnsmasqCaps struct has @mtime member which holds the mtime
of the dnsmasq binary. The idea was that capabilities don't need
to be queried if mtime hasn't changed since the last time.
However, the code that would try to query capabilities again was
removed and now we are left with code that stores mtime but has
no use for it.

Remove the member and code that uses it.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2022-01-18 15:19:47 +01:00
Michal Privoznik
bc9fea6237 virdnsmasq: Drop @force argument of dnsmasqCapsRefreshInternal()
This argument is not used really as the only caller passes true
and dnsmasqCapsRefreshInternal() only checks for false value.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2022-01-18 15:19:47 +01:00
Michal Privoznik
6944c78d38 lib: Prefer g_autoptr(dnsmasqCaps) instead of explicit unref
The dnsmasqCaps type has its own cleanup function defined and
ready to use via g_autoptr(). Use automatic cleanup instead of
an explicit one.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2022-01-18 15:19:47 +01:00
Michal Privoznik
a7ffa2a647 virdnsmasq: Drop @binaryPath argument from dnsmasqCapsNewEmpty()
Both callers of dnsmasqCapsNewEmpty() pass DNSMASQ as an argument
which is then fed to a ternary operator which looks like this
(after substitution).

  DNSMASQ ? DNSMASQ : DNSMASQ

While I like tautologies, the code can be simplified by dropping
the argument.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2022-01-18 15:19:47 +01:00
Peter Krempa
ce20fe5c2a qemuDomainPinIOThread: Update live definition after process pinning
Otherwise we'll keep using the new pinning value even if it can't be
applied to the thread.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2040555
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
2022-01-18 14:16:48 +01:00
Peter Krempa
dcfa6c650d qemuDomainPinIOThread: Copy the cpu bitmap instead of re-parsing it
The bitmap recorded in the live/persistent definition was re-parsed two
more times. We can copy it which is cheaper and less verbose.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
2022-01-18 14:16:48 +01:00
Jiri Denemark
a23ce0b956 qemu: Log which API is trying to acquire a job
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-18 13:58:38 +01:00
Olaf Hering
8eb4461645 remove sysconfig files
sysconfig files are owned by the admin of the host. They have the
liberty to put anything they want into these files. This makes it
difficult to provide different built-in defaults.

Remove the sysconfig file and place the current desired default into
the service file.

Local customizations can now go either into /etc/sysconfig/name
or /etc/systemd/system/name.service.d/my-knobs.conf

Attempt to handle upgrades in libvirt.spec.
Dirty files which are marked as %config will be renamed to file.rpmsave.
To restore them automatically, move stale .rpmsave files away, and
catch any new rpmsave files in %posttrans.

Signed-off-by: Olaf Hering <olaf@aepfle.de>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2022-01-17 18:20:59 +01:00
Michal Privoznik
7b9cebac22 libxl: Remove needless labels
After previous cleanups some labels are needless: they contain
nothing but a return statement. Drop such labels and return
directly.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-17 09:53:45 +01:00
Michal Privoznik
d90cb8ff10 xen_xl.c: Use g_autoptr() for virCPUDef
In xenParseXLVnuma() the @cpu variable is freed explicitly.
However, when switched to g_autoptr(virCPUDef) the explicit call
can be removed.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-17 09:53:45 +01:00
Michal Privoznik
ef7f01b6d0 xen_xl.c: Use g_autofree more
There are few places inside src/libxl/xen_xl.c that can benefit
from g_autofree. Let them use automatic memory freeing.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-17 09:53:45 +01:00
Michal Privoznik
2645c66a6c libxl: Allocate @libxldisk in xenParseXLDisk() on stack
In xenParseXLDisk() the @libxldisk variable (which is type of
libxl_device_disk) is allocated on heap. But this is not
necessary as nothing in the function needs that approach.

Allocate the variable on the stack and drop corresponding
VIR_FREE() call.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-17 09:53:45 +01:00
Michal Privoznik
5a1bdcfbf0 libxl: Don't use a static buffer in xenParseXLVnuma()
The xenParseXLVnuma() function is responsible for parsing 'vnuma'
part of XL config and setting corresponding values in
virDomainDef. While doing so it uses a static buffer which is set
to data we are interested in and then parsing the buffer further
(e.g. string to integer conversion, bitmap parsing, and so on).
Well, the data we are interested in are already in a string
(@data) which can be used directly rendering this intermediary
buffer needless.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-17 09:53:45 +01:00
Michal Privoznik
17c324bd25 virconf: Make virConfSetValue() clear consumed pointer
The way that virConfSetValue() works (and the way it is even
documented) is that the @value pointer is always consumed.
However, since the first order pointer is passed it leaves
callers in a pickle situation - they always have to set pointer
to NULL after calling virConfSetValue() to avoid touching it.

Let's switch @value to a double pointer and clear it inside the
function.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-17 09:53:45 +01:00
Michal Privoznik
94ce37c8e2 src: Declare and use g_autoptr(virConfValue)
This commit declares g_autoptr() function for virConfValue type.
At the same time, it switches variable declarations to use it.
Also, in a few places we might have freed a variable twice, for
instance in xenFormatXLDomainNamespaceData(). This is because
virConfSetValue() consumes passed pointer (@value) even in case
of failure and thus any code that uses virConfSetValue() must
refrain from touching @value and it must not call
virConfFreeValue().

This semantic is not obvious and will be addressed in one of
future commits.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-17 09:53:45 +01:00
Michal Privoznik
8b12f6af0b xen_xl: Check for virConfSetValue() retval
There's one case where the return value of virConfSetValue() is
not checked for and it's in xenFormatXLInputDevs() function.
Let's fix that.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-17 09:53:45 +01:00
Michal Privoznik
dfda149e15 virconf: Report an error in when virConfSetValue() fails
Callers of virConfSetValue() don't report any error, they just
pass the error blindly. Therefore, report an error when
virConfSetValue() is about to fail.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-17 09:53:45 +01:00
Michal Privoznik
ad051d2a74 storage_file: Declare virStorageSourceParseRBDColonString only in one header
The virStorageSourceParseRBDColonString() function is declared in
src/storage_file/storage_source.h and
src/storage_file/storage_source_backingstore.h but implemented
only in the .c that corresponds to the latter header file.
Therefore, drop declaration from storage_source.h as the function
is not implemented in its corresponding .c file.

Leftover from: 2d29a3a9d8
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-17 09:53:44 +01:00
Peter Krempa
1a691fe1c8 qemu: capabilities: Re-enable JSON syntax for -device
Now that qemu fixed device unplug when JSON syntax is used with -device
we can re-enable the feature.

Since the old capability string representation is condemned by
suggesting filtering it as a workaround we must introduce a new string.
To achieve this the original capability position is renamed to
X_QEMU_CAPS_DEVICE_JSON_BROKEN_HOTPLUG and a new position with the
original name QEMU_CAPS_DEVICE_JSON is introduced to prevent us having
to change the rest of the code.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-17 09:26:17 +01:00
Daniel P. Berrangé
c723a98618 qemu: split handling of distinct firmware enum conversions
The qemuFirmwareOSInterfaceTypeFromOsDefFirmware method
was added to convert from virDomainOsDefFirmware to the
qemuFirmwareOSInterface enum.

It was later also used to convert from virDomainLoader
to qemuFirmwareOSInterface in:

  commit 8e1804f9f6
  Author: Michal Prívozník <mprivozn@redhat.com>
  Date:   Tue Dec 17 17:45:50 2019 +0100

    qemu_firmware: Try to autofill for old style UEFI specification

This caused compile errors with clang due to passing a
mis-matched enum type. These were later silenced by
stripping the enum types:

  commit 8fcee47807
  Author: Michal Prívozník <mprivozn@redhat.com>
  Date:   Wed Jan 8 09:42:47 2020 +0100

    qemu_firmware: Accept int in qemuFirmwareOSInterfaceTypeFromOsDefFirmware()

This is still rather confusing to humans reading the
code. It is clearer to just define a separate helper
method for the virDomainLoader type conversion.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2022-01-14 18:56:39 +00:00
Peter Krempa
717f1cc4d1 virDomainSnapshotRedefinePrep: Don't do partial redefine
'virDomainSnapshotRedefinePrep' does everything needed for a redefine
when the snapshot exists but not when we are defining metadata for a new
snapshot. This gives us weird semantics.

Extract the code for replacing the definition of an existing snapshot
into a new helper 'virDomainSnapshotReplaceDef' and refactor all
callers.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-14 18:11:58 +01:00
Peter Krempa
d281c1323f virDomainSnapshotAssignDef: Clear second argument when it is consumed
Rather than callers second-guessing when the snapshot definition is
assigned turn it into a double pointer and clear it on success.

Fix callers to work with the new semantics.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-14 18:11:58 +01:00
Peter Krempa
91df85e057 qemuDomainSnapshotLoad: Refactor handling of snapshot definition object
Move the variable holding the snapshot definition into the loop and use
automatic clearing for it. Adjust the code for parity.

Note that the clearing of 'snapdef' on success of
'virDomainSnapshotAssignDef' will be refactored in upcoming patches.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-14 18:11:58 +01:00
Peter Krempa
2d0f7d779d qemuSnapshotCreate: Standardize handling of the reference on @snapdef
As with qemuSnapshotRedefine, make an extra reference in a temporary
autocleaned variable and use that instead of refing the definition after
it's stolen.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-14 18:11:58 +01:00
Peter Krempa
c0fd70c1e1 qemuSnapshotCreate: Use 'snapdef' instead of 'def'
'def' is commonly used for domain definition.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-14 18:11:58 +01:00
Peter Krempa
4584a451e6 testDomainSnapshotCreateXML: Extract snapshot redefinition code
The test driver code was copied from qemu but wasn't refactored
recently. Split out the redefinition code similarly to what qemu driver
did.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-14 18:11:58 +01:00
Peter Krempa
bec2a922bd virDomainSnapshotRedefineValidate: Don't modify the snapshot definition
It is not expected that a function with 'Validate' in the name actually
modifies the validated object, even worse when it even modifies another
object and the ultimatively worst bit is that it doesn't undo the mess
if the validation fails midway.

Move the stealing of the domain definition from the definition of a
snapshot being redefined into the caller along with the call to
virDomainSnapshotAlignDisks.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-14 18:11:58 +01:00
Peter Krempa
504b108cb9 virDomainSnapshotRedefinePrep: Use 'snapdef' for snapshot definition object
We use this variable name to distinguish it from the domain definition.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-14 18:11:58 +01:00
Peter Krempa
d1d4983dfc virDomainSnapshotRedefineValidate: Unexport
The function isn't used outside of src/conf/snapshot_conf.c as of
57d252c74

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-14 18:11:33 +01:00
Peter Krempa
ef3f3884a2 virDomainSnapshotAlignDisks: Allow alternate domain definition when redefining
Due to historical reasons we allow users to redefine an existing
snapshot without providing the domain definition which would correspond
to it. In such case we'd use the domain definition from the snapshot
that is being redefined.

To prevent callers from doing complex moving of the domain definition
object back and forth between the snapshot definitions we can add an
argument to virDomainSnapshotAlignDisks which will allow us to pass in
the alternate definition if the one from the snapshot is missing.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-14 18:05:30 +01:00
Peter Krempa
0b97d87a6d virDomainSnapshotAlignDisks: Move 'require_match' selection logic inside
'require_match' set to true is only needed for internal snapshots taken
by hypervisors (qemu) which don't have a way to control which disks take
part in the snapshot (savevm).

To de-clutter callers we can change the argument to mean 'this code path
requires uniform snapshot for internal snapshots'.

Change the argument and fix the callers. For now all callers pass 'true'
but any new hypervisor or even usage in qemu is not going to share the
limitation.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-14 18:05:30 +01:00
Peter Krempa
311b300d85 virDomainSnapshotAlignDisks: Convert @default_snapshot to virDomainSnapshotLocation
Use the appropriate type for the variable and fix all callers.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-14 18:05:29 +01:00
Peter Krempa
94686f1919 virDomainSnapshotAlignDisks: Improve function comment
Add description of arguments, reword the description for clarity, and
fix improper argument names mentioned in the existing description.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-14 18:05:29 +01:00
Peter Krempa
82e0a1878e virDomainSnapshotRedefineValidate: Fix validation of VIR_DOMAIN_SNAPSHOT_CREATE_DISK_ONLY flag
External snapshot with memory is created without using the
VIR_DOMAIN_SNAPSHOT_CREATE_DISK_ONLY flag, but rather with properly
configuring the XML. When redefining the code should be checking the
same thing as by definition an external snapshot with memory is not a
disk-only snapshot.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-14 18:05:29 +01:00
Peter Krempa
ebfe9b1a15 virDomainMomentAssignDef: Simplify error handling
Remove error handling from the call to 'virDomainMomentObjNew' as it
can't return NULL and replace 'virHashAddEntry' by 'g_hash_table_insert'
as we've already checked that snapshot with such name doesn't exist in
the hash table. This removes handling for two impossible errors.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-14 18:05:29 +01:00
Divya Garg
abf9eac87c qemu: add index for isa-serial device using target.port
VM XML accepts target.port but this does not get passed while
building the QEMU command line for this VM.

Signed-off-by: Divya Garg <divya.garg@nutanix.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-14 15:41:57 +01:00
Divya Garg
11ddab1daf Add the port allocation logic for isa-serial devices.
This commit takes care of following cases:
-> Check availability of requested ports.
  ->The total number of requested ports should not be more than
    VIR_MAX_ISA_SERIAL_PORTS.
  ->The ports requested should be less than VIR_MAX_ISA_SERIAL_PORTS.
  ->VIR_MAX_ISA_SERIAL_PORTS should correspond to MAX_ISA_SERIAL_PORTS
    specified in QEMU code commit def337ffda34d331404bd7f1a42726b71500df22.
-> Prevent duplicate device assignments to the same port.
-> In case no ports are provided in the XML, this patch scans the list of unused
   isa-serial indices to automatically assign available ports for this VM.

Signed-off-by: Divya Garg <divya.garg@nutanix.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-14 15:41:57 +01:00
Tim Wiederhake
d8f6e198bf virInterfaceDefParse: Simplify and cleanup
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-14 15:38:50 +01:00
Tim Wiederhake
56b4186efc virInterfaceDefParseXML: Simplify and cleanup
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-14 15:38:50 +01:00
Tim Wiederhake
7443101eb0 virInterfaceDefParseIfAdressing: Simplify and cleanup
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-14 15:38:50 +01:00
Tim Wiederhake
a2d7bb4062 virInterfaceDefParseProtoIPv6: Simplify and cleanup
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-14 15:38:50 +01:00
Tim Wiederhake
f4b970dc2a virInterfaceDefParseProtoIPv4: Simplify and cleanup
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-14 15:38:49 +01:00
Tim Wiederhake
86cfd4d4e8 virInterfaceDefParseDhcp: Simplify and cleanup
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-14 15:38:49 +01:00
Tim Wiederhake
5f9c35ffd6 virInterfaceDefParseIP: Simplify and cleanup
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-14 15:38:49 +01:00
Tim Wiederhake
91624098e0 virInterfaceDefParseXML: Inline trivial virInterfaceDefParseName
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-14 15:38:49 +01:00
Tim Wiederhake
3d54880af1 conf: interface: Remove ret and goto
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-14 15:38:49 +01:00
Tim Wiederhake
9dde307c44 conf: interface: Use g_auto
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-14 15:38:49 +01:00
Tim Wiederhake
77eb77ef4a conf: interface: Preparation for g_auto
These changes make the g_auto-ification in the next commit clearer.

Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-14 15:38:49 +01:00
Tim Wiederhake
c5860d177b virInterfaceDefDevFormat: Add missing error handling
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-14 15:38:49 +01:00
Martin Kletzander
537b51daeb Print errors on daemon startup if logging setup fails
Fixes: a873924e36

https://bugzilla.redhat.com/show_bug.cgi?id=2039652

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-13 15:43:13 +01:00
Peter Krempa
59e0d130fe qemuSnapshotRedefine: Fix use of snapshot definition after free
Commit f4aae9726d factored out the snapshot redefinition code into a
separate function, but didn't account for the fact that the code is
consuming the reference to the snapshot definition and by moving the
code away the caller (qemuSnapshotCreateXML) now frees the definition
which didn't happen before as we cleared the pointer.

Fix it by increasing the reference locally. Later patches will refactor
the code so that it's more obvious what's happening.

Fixes: f4aae9726d
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2039651
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-13 09:22:49 +01:00
Peter Krempa
56f4ec311f qemuSnapshotRedefine: Rename 'def' to 'snapdef'
'def' is commonly used to refer to domain definition. Most of the
snapshot code uses 'snapdef' for the snapshot definition.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-13 09:22:49 +01:00
Peter Krempa
164aba8c4a qemuSnapshotCreate: Don't insert snapshot into list with VIR_DOMAIN_SNAPSHOT_CREATE_NO_METADATA
Our approach to snapshots without metadata was to insert them to the
snapshot list and then later remove them from the list when the flag is
present.

This quirky logic was broken in a recent refactor of the snapshot code
causing that the snapshot stayed inserted in the snapshot list.

Recent refactor of the snapshot code didn't faithfully relocate this
logic to the new function.

Rather than attempting to restore the quirky logic of adding and then
removing the object, don't add the snapshot into the list at all when
the user doesn't want metadata.

We achieve this by creating a temporary 'virDomainMomentObj' wrapper
which is not inserted into the list and using that instead of calling
virDomainSnapshotAssignDef.

Fixes: 9bad0fb809
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2039131
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-12 16:02:13 +01:00
Peter Krempa
6ba3334222 conf: moment: Export helpers to create the virDomainMoment wrapper
Export 'virDomainMomentObjNew' and 'virDomainMomentObjFree' and define
the latter as autoptr cleanup function for 'virDomainMomentObj'.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-12 16:00:18 +01:00
Peter Krempa
6e9fa631ef virdomainmomentobjlist.h: Convert to modern header style
Format the function prototypes the same way as in the .c file.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-12 16:00:18 +01:00
Ani Sinha
938382b60a report error when virProcessGetStatInfo() is unable to parse data
Currently virProcessGetStatInfo() always returns success and only logs error
when it is unable to parse the data. Make this function actually report the
error and return a negative value in this error scenario.

Fix the callers so that they do not override the error generated.
Also fix non-linux implementation of this function so as to report error.

Signed-off-by: Ani Sinha <ani@anisinha.ca>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-12 14:18:38 +01:00
Tim Wiederhake
7cd0e26c81 Fix some typos
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2022-01-12 11:43:30 +01:00
Peter Krempa
bd3d00babc qemu: Revert to using non-JSON commandline for -device
When -device is configured via JSON a bug [1] is triggered in qemu were
the DEVICE_DELETED event for the removal of the device frontend is no
longer delivered to libvirt. Without the DEVICE_DELETED event we don't
remove the corresponding entries in the VM XML.

Until qemu will be fixed we must stop using the JSON syntax for -device.

This patch removes the detection of the capability. The capability is
used only during startup of a fresh VM so we don't need to consider any
compaitibility steps for existing VMs.

For users who wish to use 'libvirt-7.9' and 'libvirt-7.10' with
'qemu-6.2' there are two possible workarounds:

 - filter out the 'device.json' qemu capability '/etc/libvirt/qemu.conf':

   capability_filters = [ "device.json" ]

 - filter out the 'device.json' qemu capability via qemu namespace XML:

   <domain type='kvm' xmlns:qemu='http://libvirt.org/schemas/domain/qemu/1.0'>
     [...]
     <qemu:capabilities>
       <qemu:del capability='device.json'/>
     </qemu:capabilities>
   </domain>

We must never again use the same capability name as we are now
instructing users to filter it as a workaround so once qemu is fixed
we'll need to pick a new capability value for it.

[1] https://bugzilla.redhat.com/show_bug.cgi?id=2036669

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2035237
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ani Sinha <ani@anisinha.ca>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-10 09:35:00 +01:00
Ani Sinha
974a777f1e do not report generic OPERATION_FAILED error when calling virConnectOpenAuth()
virConnectOpenAuth() calls virConnectOpenInternal(). This later function
generates fine grained errors arising from various failure conditions that are
more accurate than a "catch all" broader VIR_ERR_OPERATION_FAILED error that
the callers of this function generates. Remove the broader error so that more
specific errors can be caught and processed.

Signed-off-by: Ani Sinha <ani@anisinha.ca>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-07 16:58:25 +01:00
Michal Privoznik
9039b333f6 src: Don't check for retval of some glib functions
There are a few glib functions that abort on OOM and thus there's
no point in checking their retval against NULL. Nevertheless, we
do have those checks in a few places. Remove them.

Generated using the following spatch:

  @@
  expression x;
  identifier n;
  expression r;
  @@
  (
    x = g_strdup_printf(...);
  | x = g_strdup_vprintf(...);
  | x = g_strdup(...);
  | x = g_strndup(...);
  | x = g_new0(...);
  | x = g_realloc(...);
  )
    ... when != x
  - if(!x)
  (
  -   return r;
  |
  -   goto n;
  )

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-07 12:13:51 +01:00
Michal Privoznik
d7c64453aa virprocess: Provide non-Linux stubs for virProcessGet{Stat,Sched}Info
Both virProcessGetStatInfo() and virProcessGetSchedInfo() are
Linux centric. Provide stubs for non-Linux platforms.

Fixes: d73852c499
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-07 12:13:12 +01:00
Martin Kletzander
bfe7cd3d8a util: Improve log output parsing errors
Suggested-by: Erik Skultety <eskultet@redhat.com>
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2022-01-07 10:23:23 +01:00
Peter Krempa
2168b584a8 qemuDomainNeedsFDC: Simplify and improve checking if a machine needs FDC
Commit c7f3a1f787 turned qemuDomainMachineNeedsFDC() effectively into
qemuDomainIsQ35. Use it instead as it also matches the non-canonicalized
'q35'.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-07 09:25:13 +01:00
Peter Krempa
dc5fd559eb qemuProcessPrepareQEMUCaps: Don't clear QEMU_CAPS_CHARDEV_FD_PASS_COMMANDLINE
All the fd-passing setup of chardevs which this hack meant to disable
was moved to the host-preparation phase which is skipped for formatting
of non-real commandlines.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-07 09:25:13 +01:00
Ani Sinha
a85f0095f2 change return type of virURIParamAppend() to void type
virURIParamAppend() unconditionally returns 0. Simplify and make the return type
as void type.

Signed-off-by: Ani Sinha <ani@anisinha.ca>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
2022-01-07 08:07:04 +01:00
Vineeth Pillai
dfb5574df6 ch_monitor: Get nicindexes in prep for cgroup mgmt
Signed-off-by: Vineeth Pillai <viremana@linux.microsoft.com>
Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-06 16:03:55 +01:00
Vineeth Pillai
df6d4ff4d2 ch_driver: domainGetVcpuPinInfo and nodeGetCPUMap
Add domainGetVcpuPinInfo and nodeGetCPUMap callbacks to ch driver

Signed-off-by: Vineeth Pillai <viremana@linux.microsoft.com>
Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-06 16:03:55 +01:00
Praveen K Paladugu
cfe0e657e1 ch_driver, ch_domain: vcpu info getter callbacks
Signed-off-by: Vineeth Pillai <viremana@linux.microsoft.com>
Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-06 16:03:55 +01:00
Vineeth Pillai
bfa2da4ca9 ch_domain: add methods to manage private vcpu data
Signed-off-by: Vineeth Pillai <viremana@linux.microsoft.com>
Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-06 16:03:55 +01:00
Vineeth Pillai
326a4ed2cb ch_domain: add virCHDomainGetMonitor helper method
Signed-off-by: Vineeth Pillai <viremana@linux.microsoft.com>
Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-06 16:03:55 +01:00
Praveen K Paladugu
d73852c499 util: Helper functions to get process info
Move qemuGetProcessInfo and qemuGetSchedInfo methods to util and share them
with ch driver.

Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-06 16:03:55 +01:00
Rohit Kumar
dc33c82817 Add VM info to improve error log message for qemu monitor
This change adds the domain name in the error and debug logs during
monitor IO processing so that we may infer which VM experienced
errors such as IO or socket hangup. This may help in debugging
monitor IO errors.

Signed-off-by: Rohit Kumar <rohit.kumar3@nutanix.com>
Reviewed-by: Ani Sinha <ani@anisinha.ca>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2022-01-06 14:13:14 +01:00
Ani Sinha
f7b59a92db qemu: agent: remove all code around disabled DEBUG_IO/DEBUG_RAW_IO definitions
DEBUG_IO and DEBUG_RAW_IO are disabled and hence the code #defined under them
are useless. Remove them.

Signed-off-by: Ani Sinha <ani@anisinha.ca>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2022-01-06 14:13:14 +01:00
Peter Krempa
e0291ea028 qemu: monitor: Remove disabled debug infrastructure
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ani Sinha <ani@anisinha.ca>
2022-01-06 14:13:14 +01:00
Michal Privoznik
7d9a7fdcd4 Account for fact that virDomainDeviceDefCopy() does an inactive copy
In a few places (e.g. device attach/detach/update) we are given a
device XML, parse it but then need a copy of parsed data so that
the original can be passed to function handling the request over
inactive XML and the copy is then passed to function handling the
operation over live XML. Note, both functions consume passed
device on success, hence the need for copy.

The problem is in combination of how the copy is obtained and
where is passed. The copy is done by calling
virDomainDeviceDefCopy() which does only inactive copy, i.e. no
live information is copied over (e.g. no aliases).

Then, this copy (inactive XML effectively) is passed to function
handling live part of the operation (e.g.
qemuDomainUpdateDeviceLive()) and the definition containing all
the juicy, live bits is passed to function handling inactive part
of the operation (e.g. qemuDomainUpdateDeviceConfig()).

This is rather incorrect, and XML copies should be passed to
their respective functions.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2036895
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Laine Stump <laine@redhat.com>
2022-01-06 12:30:04 +01:00
Ján Tomko
2a9264b8b2 util: fix prototype of virDaemonSetupLogging
The commit that added error checking to this function
forgot to adjust the WIN32 stub.

Fixes: a873924e36
Signed-off-by: Ján Tomko <jtomko@redhat.com>
2022-01-05 16:32:28 +01:00
Martin Kletzander
cfb67c8cf4 Do not print error in remote_daemon.c:main
There is no need to do that since both fallible functions do that already.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2022-01-05 14:08:41 +01:00
Martin Kletzander
9b652d5841 Dispatch error in virInitialize
Callers that already do this anyway can be cleaned up thanks to this and the one
that does not (daemon startup) gains the benefit of the error being printed to
standard error output changing:

LIBVIRT_LOG_OUTPUTS=1:invalid libvirtd
/home/nert/dev/libvirt/upstream/build/src/libvirtd: initialisation failed

into:

LIBVIRT_LOG_OUTPUTS=1:invalid libvirtd
libvirt:  error : invalid argument: Invalid destination 'invalid' for output '1:invalid'
/home/nert/dev/libvirt/upstream/build/src/libvirtd: initialisation failed

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2022-01-05 14:08:40 +01:00
Martin Kletzander
9f6749dea0 util: Check for errors in virLogSetFromEnv
And make callers check the return value as well.  This helps error out early for
invalid environment variables.

That is desirable because it could lead to deadlocks.  This can happen when
resetting logging after fork() reports translated errors because gettext
functions are not reentrant.  Well, it is not limited to resetting logging after
fork(), it can be any translation at that phase, but parsing environment
variables is easy to make fail on purpose to show the result, it can also happen
just due to a typo.

Before this commit it is possible to deadlock the daemon on startup
with something like:

LIBVIRT_LOG_FILTERS='1:*' LIBVIRT_LOG_OUTPUTS=1:stdout libvirtd

where filters are used to enable more logging and hence make the race less rare
and outputs are set to invalid

Combined with the previous patches this changes
the following from:

...
<deadlock>

to:

...
libvirtd: initialisation failed

The error message is improved in future commits and is also possible thanks to
this patch.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2022-01-05 14:08:40 +01:00
Martin Kletzander
a873924e36 Exit on errors from virDaemonSetupLogging
This prevents starting any daemons with improper logging settings.  This is
desirable on its own, but will be even more beneficial when more functions start
reporting errors and failing on them, coming up in following patches

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2022-01-05 14:08:39 +01:00
Martin Kletzander
b863085493 util: Initialize virLogMutex statically
The only difference is that we are not going to be guaranteed that the mutex is
normal (as opposed to recursive, although there is no system known to me that
would default to recursive mutexes), but that was done only to find occasional
errors (during runtime, back in 2010, commit 336fd879c0).  Functions using
this mutex are mostly stable and unchanging, and it makes the virLogOnceInit()
function only return 0 (or possibly abort in glib calls).  On top of that we can
assume that the virLogMutex is always initialized which enables us to be more
consistent in some early error reporting.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2022-01-05 14:08:39 +01:00
Martin Kletzander
ed5a93e4ed util: Report error in virLogSetDefaultOutputToFile
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2022-01-05 14:08:38 +01:00
Martin Kletzander
47fb83f8b7 util: Do not hide errors in virLogSetDefaultOutput
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2022-01-05 14:08:38 +01:00
Martin Kletzander
3e54152d9f util: Report error in virLogParseDefaultPriority
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2022-01-05 14:08:37 +01:00
Jim Fehlig
00f324bc3c qemu: Implement the virDomainSetLaunchSecurityState API
Set a launch secret in guest memory using the sev-inject-launch-secret
QMP API. Only supported with qemu >= 6.0.0 and SEV-enabled guests in a
paused state.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2022-01-04 10:56:00 -07:00
Jim Fehlig
a26d99c2b1 qemu_capabilities: Introduce QEMU_CAPS_SEV_INJECT_LAUNCH_SECRET
The 'sev-inject-launch-secret' qmp command is only available with
qemu >= 6.0.0. Introduce a capability for sev-inject-launch-secret.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2022-01-04 10:56:00 -07:00
Jim Fehlig
dd6321a2fb remote: Add RPC support for the virDomainSetLaunchSecurityState API
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2022-01-04 10:56:00 -07:00
Jim Fehlig
d46142a2f9 libvirt: Introduce virDomainSetLaunchSecurityState public API
This API allows setting a launch secret within a guests's memory. The
launch secret is created by the guest owner after retrieving and
verifying the launch measurement with virDomainGetLaunchSecurityInfo.

The API uses virTypedParameter for input, allowing it to be expanded
to support other confidential computing technologies. In the case of
SEV, a basic guest launch workflow is described in the SEV API spec
in section "1.3.1 Launch"

https://www.amd.com/system/files/TechDocs/55766_SEV-KM_API_Specification.pdf

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2022-01-04 10:56:00 -07:00
Michal Privoznik
e429c062cb virnetdevopenvswitch: Fix 'burst' value passed to ovs-vsctl
As described in the previous commit, the units for 'burst' are
kibibytes and not kilobytes, i.e. multiples of 1024 not 1000.
Therefore, when constructing ovs-vsctl command the burst value
must be multiplied by 1024 and not just 1000. And because ovs
expects this size in bits the value has to be multiplied again by
8.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1510237#c26
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2022-01-04 16:40:10 +01:00
Michal Privoznik
f3b422d9cc docs: Clarify 'burst' units for QoS
The burst attribute for bandwidth specifies how much bytes can be
transmitted in a single burst. Therefore, the unit is in
multiples of 1024 (thus kibibytes) not SI-like 1000. It has
always been like that.

The 'tc' output is still confusing though, for instance:

  # tc class add dev $DEV parent 1: classid 1:1 htb rate 1000kbps burst 2097152
  # tc class show dev vnet2
  class htb 1:1 root rate 8Mbit ceil 8Mbit burst 2Mb cburst 1600b

Please note that 2097152 = 2*1024*1024. Even the man page is
confusing. From tc(8):

  kb or k        Kilobytes
  mb or m        Megabytes

But I guess this is because 'tc' predates IEC standardisation of
binary multiples and thus can't change without breaking scripts
parsing its output.

And while at it, adjust _virNetDevBandwidthRate struct member
description, to make it obvious which members use SI/IEC units.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2022-01-04 16:40:10 +01:00
Michal Privoznik
d2a9c24b84 domain_conf: Use virXMLFormatElement*() more in virDomainDefFormatFeatures()
There are few places in virDomainDefFormatFeatures() which can
use virXMLFormatElement() or virXMLFormatElementEmpty() instead
of writing directly into the output buffer.

After this, there are still a lot of places left, but that is
much bigger task.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2022-01-04 16:40:10 +01:00
Andrea Bolognani
59d21d2c2e storage: Use the FICLONE ioctl unconditionally on Linux
According to ioctl_ficlonerange(2)

  These ioctl operations [FICLONE and FICLONERANGE] first
  appeared in Linux 4.5. They were previously known as
  BTRFS_IOC_CLONE and BTRFS_IOC_CLONE_RANGE, and were private
  to Btrfs.

We no longer target any distro that comes with a kernel older
than 4.5, so we can stop looking for the btrfs and xfs
specific versions of the constant and just use the generic
version directly.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Neal Gompa <ngompa13@gmail.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2022-01-04 15:45:45 +01:00
Michal Privoznik
5cd76ef97f rpc: Require dtrace sources to be generated first
The virt_socket_lib is built from virnetsocket.c (among others).
But this file includes virprobe.h which includes libvirt_probes.h
which is a generated file. But this dependency is not recorded in
meson which may lead to a failed build.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2022-01-04 13:54:35 +01:00
Michal Privoznik
fbe70d9525 conf: Make virDomainTPMDefFormat() return void
The virDomainTPMDefFormat() function can't fail really. There's
no point in it returning an integer then. Make it return void and
fix both places which check for its retval.

And while at it, turn @def into a const pointer to make it
obvious the function does not modify passed struct.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2022-01-04 10:23:17 +01:00
Michal Privoznik
5e2a368c61 conf: Rework <tpm/> formatting
The <tpm/> element formatting is handled in
virDomainTPMDefFormat() which uses the "old style" - appending
strings directly into the output buffer. With this, it's easy to
get conditions that tell when an element has ended wrong. In this
particular case, if both <encryption/> and <active_pcr_banks/>
are to be formatted the current code puts a stray '>' into the
output buffer, resulting in invalid XML.

Rewrite the function to use virXMLFormatElement() which is more
clever.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2016599#c15
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2022-01-04 09:59:10 +01:00
Michal Privoznik
1ce27fa776 conf: Extend TPM ABI stability check for <active_pcr_banks/>
Changing <active_pcr_banks/> means changing the guest ABI and as
such must be prevented on both restoring from a file or
migration.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2035888
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2022-01-04 09:42:01 +01:00
Peter Krempa
a2c758398e util: json: Introduce virJSONValueObjectReplaceValue
The new helper replaces the 'value' part of the key-value tuple in an
object. The advantage of this new helper is that it preserves the
ordering of the key in the object when compared to a combination of
stealing the old key and adding a new value. This will be needed for a
new test/helper for validating and modifying qemu capabilities data.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-03 13:14:43 +01:00
Andrea Bolognani
5a781738d1 meson: Don't require the parted command at build time
We need libparted to be available at build time otherwise we
can't link against it; we don't, however, need the parted
command to be present until runtime and, just as is the case
for other commands, we already perform a lookup through the
virCommand API so making sure it's available at build time
is unnecessary.

This doesn't make any difference for platform such as Fedora
and CentOS, where both the library and the command are in the
same package, but others like Debian, Ubuntu and openSUSE
have separate packages for the two components and this change
means that we can install one less package at build time.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2022-01-03 11:39:49 +01:00
Michal Privoznik
4b77b19406 virnettlscontext: Don't pass static key length to gnutls_dh_params_generate2()
As encryption norms get more strict it's easy to fall on the
insecure side. For instance, so far we are generating 2048 bits
long prime for Diffie-Hellman keys. Some systems consider this
not long enough. While we may just keep increasing the value
passed to the corresponding gnutls_* function, that is not well
maintainable. Instead, we may do what's recommended in the
gnutls_* manpage. From gnutls_dh_params_generate2(3):

  It is recommended not to set the number of bits directly, but
  use gnutls_sec_param_to_pk_bits() instead.

Looking into the gnutls_sec_param_to_pk_bits() then [1], 2048
bits corresponds to parameter MEDIUM.

1: https://www.gnutls.org/manual/gnutls.html#tab_003akey_002dsizes

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ani Sinha <ani@anisinha.ca>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-03 10:23:29 +01:00
Michal Privoznik
fb474c33cc virnettlscontext: Drop gnutls_dh_set_prime_bits()
According to the gnutls_dh_set_prime_bits() manpage:

  The function has no effect in server side.

Therefore, don't call it when creating server side context.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ani Sinha <ani@anisinha.ca>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-01-03 10:23:29 +01:00
Tim Wiederhake
39f3025232 qemu: Fix typo in comment
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Ani Sinha <ani@anisinha.ca>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-12-22 14:20:19 +01:00
Peter Krempa
67f2fa6b75 util: virjson.h: Reformat headers to conform with new style
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Tim Wiederhake <twiederh@redhat.com>
2021-12-22 13:48:35 +01:00
Peter Krempa
591bb51d37 util: json: Remove virJSONValueIsNull/virJSONValueObjectIsNull
If needed 'virJSONValueIsNull' can be easily replaced by
'virJSONValueGetType(obj) == VIR_JSON_TYPE_NULL'.

'virJSONValueObjectIsNull' has confusing name because it checks that a
virJSONValue of OBJECT type has a key which is NULL, not that the object
itself is NULL. This can be replaced according to the needs e.g. by
virJSONValueObjectHasKey or the above check.

Both are unused.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Tim Wiederhake <twiederh@redhat.com>
2021-12-22 13:48:35 +01:00
Peter Krempa
36d6c3bb67 util: json: Open-code only call of virJSONValueNewStringLen
Replace the function by a call to virJSONValueNewString, when we copy
the string using g_strndup. Remove the unused helper.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Tim Wiederhake <twiederh@redhat.com>
2021-12-22 13:48:35 +01:00
Peter Krempa
a8b4a41731 util: json: Don't copy string in virJSONValueNewString
With 'g_strdup' not needing error handling we can ask callers to pass a
copy of the string which will be adopted by the JSON value.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Tim Wiederhake <twiederh@redhat.com>
2021-12-22 13:48:35 +01:00
Peter Krempa
f668e17bea Replace open coded virJSONValueArrayAppendString
In two instances we've created a string virJSONValue just to append it
to the array. Replace it by use of the virJSONValueArrayAppendString
helper.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Tim Wiederhake <twiederh@redhat.com>
2021-12-22 13:48:35 +01:00
Peter Krempa
b58f88a919 qemuBlockStorageSourceGetRBDProps: Simplify generation of auth modes
The auth mode array is static, parse it from a JSON string.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Tim Wiederhake <twiederh@redhat.com>
2021-12-22 13:48:35 +01:00
Peter Krempa
4273b74b82 qemuBlockStorageSourceCreateDetectSize: Propagate 'extended_l2' feature to new overlays
In cases where the qcow2 image is using subclusters/extended_l2 entries
we should propagate them to the new images which are based on such
images.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-12-21 13:23:09 +01:00
Peter Krempa
3275be238c qemu: monitor: Extract whether qcow2 image uses extended L2 allocation data
In order to be able to propagate image configuration to newly formatted
images we need to be able to query it.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-12-21 13:23:09 +01:00
Peter Krempa
df0e867447 qemuBlockStorageSourceCreateGetFormatPropsQcow2: Add support for 'extended-l2' feature
Allow creating the qcow2 with the new subcluster format if required.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-12-21 13:23:09 +01:00
Peter Krempa
58f5597a77 storage_file_probe: Add support for probing qcow2's incompatible features
Add machinery for probing the incompatible feature flags field and
specifically extract whether the extended l2 feature (1 << 4) is
present.

For now we don't care abot the other features.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-12-21 13:23:09 +01:00
Peter Krempa
fe330b58c4 qcow2GetFeatures: Extract population of features bitmap
Prepare for extraction of features from the 'incompatible features'
group.

This is done by moving the extraction loop into a new function called
qcow2GetFeaturesProcessGroup. The new function also allows to ingore
features we don't care about by passing VIR_STORAGE_FILE_FEATURE_LAST as
the target flag.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-12-21 13:23:09 +01:00
Peter Krempa
66566e84b8 storage: Introduce 'extended_l2' feature for storage volume
QCOW2 images now support 'extended_l2' which splits the default clusters
into 32 subcluster allocation units. This allows the allocation units to
be smaller without increasing the size of L2 table too much and thus also
the cache requirements for holding the full L2 table in memory.

Unfortunately it's incompatible with qemu versions older than 5.2 thus
can't be used as default.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-12-21 13:23:09 +01:00
Peter Krempa
8cd1fdb79a qemuGetSEVInfoToParams: Reformat to standard coding style
The function was formatted weirdly which prompted additions to conform
to the unusual style.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2021-12-17 15:14:25 +01:00
Michal Privoznik
c1355849e4 qemu_command: do use host-nodes for system memory
After previous commit, it's no longer possible to change nodeset
for strict numatune. Therefore, we can start generating
host-nodes onto command line again.

This partially reverts d73265af6e.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
2021-12-17 13:21:55 +01:00
Michal Privoznik
06f405c627 qemu: Explicitly forbid live changing nodeset for strict numatune
Let's imagine a guest that's configured with strict numatune:

  <numatune>
    <memory mode='strict' nodeset='0'/>
  </numatune>

For guests with NUMA:
Depending on machine type used (see commit v6.4.0-rc1~75) we
generate either:

  1) -object '{"qom-type":"memory-backend-ram","id":"ram-node0",\
               "size":20971520,"host-nodes":[0],"policy":"preferred"}' \
     -numa node,nodeid=0,cpus=0,memdev=ram-node0

or

  2) -numa node,nodeid=0,cpus=0,mem=20480

Later, when QEMU boots up and cpuset CGroup controller is
available we further restrict QEMU there too. But there's a
behaviour difference hidden: while in case 1) QEMU is restricted
from beginning, in case 2) it is not and thus it may happen that
it will allocate memory from different NUMA node and even though
CGroup will try to migrate it, it may fail to do so (e.g. because
memory is locked). Therefore, one can argue that case 2) is
broken. NB, case 2) is exactly what mode 'restrictive' is for.
However, in case 1) we are unable to update QEMU with new
host-nodes, simply because it's lacking a command to do so.

For guests without NUMA:
It's very close to case 2) from above. We have commit
v7.10.0-rc1~163 that prevents us from outputting host-nodes when
generating memory-backend-* for system memory, but that simply
allows QEMU to allocate memory anywhere and then relies on
CGroups to move it to desired location.

Due to all of this, there is no reliable way to change nodeset
for mode 'strict'. Let's forbid it.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
2021-12-17 13:21:48 +01:00
Michal Privoznik
a19b93d4e0 qemu: Allow VIR_DOMAIN_NUMATUNE_MEM_RESTRICTIVE in qemuDomainSetNumaParamsLive()
The whole idea of VIR_DOMAIN_NUMATUNE_MEM_RESTRICTIVE is that the
memory location is restricted only via CGroups and thus can be
changed on the fly (which is exactly what
qemuDomainSetNumaParamsLive() does. Allow this mode there then.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
2021-12-17 13:18:54 +01:00
Daniel P. Berrangé
e4e873e9b6 qemu: format sev-guest.kernel-hashes property
Set the kernel-hashes property on the sev-guest object if the config
asked for it explicitly. While QEMU machine types currently default to
having this setting off, it is not guaranteed to remain this way.

We can't assume that the QEMU capabilities were generated on an AMD host
with SEV, so we must force set the QEMU_CAPS_SEV_GUEST. This also means
that the 'sev' info in the qemuCaps struct might be NULL, but this is
harmless from POV of testing the CLI generator.

Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-12-16 18:10:33 +00:00
Daniel P. Berrangé
1826716c1f qemu: probe for sev-guest.kernel-hashes property
This sev-guest object property indicates whether QEMU should
expose the kernel, ramdisk, cmdline hashes to the firmware
for measurement.

Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-12-16 18:06:53 +00:00
Daniel P. Berrangé
cd4e917760 conf: add support for setting SEV kernel hashes
Normally the SEV measurement only covers the firmware
loader contents. When doing a direct kernel boot, however,
with new enough OVMF it is possible to ask for the
measurement to cover the kernel, ramdisk and command line.

It can't be done automatically as that would break existing
guests using direct kernel boot with old firmware, so there
is a new XML setting allowing this behaviour to be toggled.

Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-12-16 18:02:58 +00:00
Daniel P. Berrangé
27c1d06b5b qemu: validate VNC password length
The VNC password authentication scheme is quite horrendous in that it
takes the user password and directly uses it as a DES case. DES is a
byte 8 keyed cipher, so the VNC password can never be more than 8
characters long. Anything over that length will be silently dropped.

We should validate this length restriction when accepting user XML
configs and report an error. For the global VNC password we don't
really want to break daemon startup by reporting an error, but
logging a warning is worthwhile.

https://bugzilla.redhat.com/show_bug.cgi?id=1506689

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-12-16 18:02:18 +00:00
Ján Tomko
8ab1a0fdc9 qemu: qemu_command: clean up includes
Over time, the code using them got split into other files.
(Mostly qemu_interface.c and qemu_process.c)

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Ani Sinha <ani@anisinha.ca>
2021-12-16 16:53:42 +01:00
Peter Krempa
019b74103b virDomainDiskInsert: Don't access NULL disk target
'virDomainDiskInsert' orders the inserted disks by target. If the target
is not provided though it would try to parse it anyways. This lead to a
crash when parsing a definition where there are multiple disks and of
two disks sharing the bus at least one also misses the target.

Since we want to actually use the parser for stuff which doesn't
necessarily need the disk target, we make virDomainDiskInsert tolerant
of missing target instead. The definition will be rejected by the
validator regardless of the order the disks were inserted in.

Fixes: 61fd7174
Closes: https://gitlab.com/libvirt/libvirt/-/issues/257
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-12-16 15:58:06 +01:00
Ani Sinha
0d5b08e56d qemu: fix missing cleanup on error in qemuSaveImageStartVM
Commit 52521de8332c2323bd ("qemu: Use qemuDomainSaveStatus") replaced a call
to virDomainObjSave() with qemuDomainSaveStatus() as a part of cleanup. Since
qemuDomainSaveStatus() does not indicate any failure through its return code,
the error handling cleanup code got eliminated in the process. Thus upon
failure, we will no longer killing the started qemu process. This commit fixes
this by reverting the change that was introduced with the above commit.

Fixes: 52521de8332c2323bd ("qemu: Use qemuDomainSaveStatus")

Signed-off-by: Ani Sinha <ani@anisinha.ca>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
2021-12-16 10:32:10 +01:00
Ján Tomko
856e6f0b34 network: remove unused 'driver' parameter
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Laine Stump <laine@redhat.com>
2021-12-15 15:28:17 +01:00
Ján Tomko
2f9ad6537b util: dnsmasq: remove caps completely
Now that we only check whether the dnsmasq version is new enough,
there is no need for the caps field.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Laine Stump <laine@redhat.com>
2021-12-15 15:28:17 +01:00
Ján Tomko
cd74b24fdf util: remove dnsmasqCapsGetVersion
It has no callers anymore.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Laine Stump <laine@redhat.com>
2021-12-15 15:28:17 +01:00
Ján Tomko
7193ef2bed conf: remove radvdPid from virNetworkObj
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Laine Stump <laine@redhat.com>
2021-12-15 15:28:17 +01:00
Ján Tomko
665702135e network: driver: remove unused radvdStateDir variable
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Laine Stump <laine@redhat.com>
2021-12-15 15:28:17 +01:00
Ján Tomko
b4efa0cfc5 network: remove any code dealing with radvd
Since dnsmasq supports --ra-param for a long time, this code is now
unused.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Laine Stump <laine@redhat.com>
2021-12-15 15:28:17 +01:00
Ján Tomko
4ddd442687 util: dnsmasq: delete assumed capability flags
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Laine Stump <laine@redhat.com>
2021-12-15 15:28:17 +01:00
Ján Tomko
c8e45725f9 network: assume DNSMASQ_CAPS_RA_PARAM
Introduced by dnsmasq commit:
commit c4cd95df68b573b63d234ecdb675228657d65353
Author:     Simon Kelley <simon@thekelleys.org.uk>
CommitDate: 2013-10-10 20:58:11 +0100

    Add --ra-param and remove --force-fast-ra

git describe: v2.67rc3-3-gc4cd95d contains: v2.67rc4~12

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Laine Stump <laine@redhat.com>
2021-12-15 15:28:17 +01:00
Ján Tomko
0927510d7f network: assume DNSMASQ_CAPS_BIND_DYNAMIC
Introduced by dnsmasq commit:
commit 54dd393f3938fc0c19088fbd319b95e37d81a2b0
CommitDate: 2012-06-20 11:23:38 +0100

    Add --bind-dynamic

git describe: v2.63test1 contains: v2.63test1^0

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Laine Stump <laine@redhat.com>
2021-12-15 15:28:17 +01:00
Ján Tomko
ac0028f541 util: remove DNSMASQ_RA_SUPPORT
Now that the macro is unused, delete it.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Laine Stump <laine@redhat.com>
2021-12-15 15:28:17 +01:00
Ján Tomko
166fdbad6c network: assume DNSMASQ_RA_SUPPORT
Delete the code that is only run without the capability.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Laine Stump <laine@redhat.com>
2021-12-15 15:28:17 +01:00
Ján Tomko
e3baacd344 network: assume DNSMASQ_DHCPv6_SUPPORT
Remove the (now unreachable) error message and the macro.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Laine Stump <laine@redhat.com>
2021-12-15 15:28:17 +01:00
Ján Tomko
80d1a5ff2e util: dnsmasq: mandate at least version 2.67
All the capabilities should be supported in 2.67.
Make this the minimum version, since even the oldest
distros we support have moved on:

Debian 8: 2.72
CentOS 7: 2.76
Ubuntu 18.04: 2.79

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Laine Stump <laine@redhat.com>
2021-12-15 15:28:17 +01:00
Ján Tomko
b9a4c5f8c8 util: dnsmasqCapsSetFromBuffer: use error label
Rename 'fail' to 'error' to match the prevalent usage.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Laine Stump <laine@redhat.com>
2021-12-15 15:28:17 +01:00
Michal Privoznik
de617ce96b admin: Build only when RPC is available
The admin module is very closely tied to RPC. If we are
building without RPC support there's not much use for the
admin module, in fact it fails to build.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-12-15 12:12:44 +01:00
Michal Privoznik
b7ccae7f1f logging: Build log manager only when RPC is available
The logging manager is very closely tied to RPC. If we are
building without RPC support there's not much use for the
manager, in fact it fails to build.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-12-15 12:12:44 +01:00
Michal Privoznik
377f67d5b3 rpc: Build only when XDR is available
Our RPC layer is as tied to XDR as possible. Therefore, if we
haven't detected and XDR library there's not much sense in trying
to build RPC layer.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-12-15 12:12:44 +01:00
Michal Privoznik
1bbcc79e0e rpc: Separate out socket code into another static lib
There's nothing RPC specific about virnettlscontext.c or
virnetsocket.c. We use TLS for other things than just RPC
encryption (e.g. for generating random numbers) and sockets can
be used even without RPC.

Move these two sources into a static library (virt_socket) so
that other areas can use it even when RPC is disabled.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-12-15 12:12:43 +01:00
Michal Privoznik
81025a6a18 libvirt-stream: Don't require RPC module
When implementing sparse streams, one of improvements I did was
to increase client buffer size for sending/receiving stream data
(commit v1.3.5-rc1~502). Previously, we were using 64KiB buffer
while packets on RPC are 256KiB (usable data is slightly less
because of the header). This meant that it took multiple calls of
virStreamRecv()/virStreamSend() to serve a single packet of data.
In my fix, I've included the virnetprotocol.h file which provides
VIR_NET_MESSAGE_LEGACY_PAYLOAD_MAX macro which is the exact size
of data in a single packet. However, including the file from
libvirt-stream.c which implements public APIs is not right. If
RPC module is not built then the file doesn't exists.

Redefine the macro and drop the include. The size can never
change anyways.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-12-15 12:12:43 +01:00
Tim Wiederhake
fdec0cbf43 Fix some typos
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-12-15 11:52:54 +01:00
Jiri Denemark
7ab39cf04b qemu: Drop driver parameter from qemuDomainSetFakeReboot
And its callers. The parameter is no longer used since virDomainObjSave
was replaced with qemuDomainSaveStatus wrapper.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-12-15 10:44:50 +01:00
Jiri Denemark
38fb9106ed qemu: Use qemuDomainSaveStatus
It is a nice wrapper around virDomainObjSave which logs a warning, but
otherwise ignores the error. Let's use it where appropriate.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-12-15 10:44:50 +01:00
Jiri Denemark
877d1c2478 qemu: Add support for return-path migration capability
When return-path is enabled, QEMU on the source host won't report
completed migration until the destination QEMU sends a confirmation it
successfully loaded all data. Libvirt would detect such situation in the
Finish phase and report the error read from QEMU's stderr back to the
source, but using return-path could give use a bit better error
reporting with an earlier restart of vCPUs on the source.

The capability is only enabled when the connection between QEMU
processes on the source and destination hosts is bidirectional. In other
words, only when VIR_MIGRATE_TUNNELLED is not set, because our tunnel
only allows one-way communication from the source to the destination.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-12-15 10:44:50 +01:00
Jiri Denemark
4f9f3c5d13 qemu: Support enabling migration caps unless a flag is used
So far we were enabling specific migration capabilities when a
corresponding API flag is set. We need to generalize our code to be able
to enable some migration capabilities unless a particular API flag is
used.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-12-15 10:44:50 +01:00
Daniel P. Berrangé
7826148a72 qemu: report max number of SEV guests
Different CPU generations have different limits on the number
of SEV/SEV-ES guests that can be run. Since both limits come
from the same overall set, there is typically also BIOS config
to set the tradeoff betweeen SEV and SEV-ES guest limits.

This is important information to expose for a mgmt application
scheduling guests to hosts.

Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-12-14 16:04:17 +00:00
Daniel P. Berrangé
2150c7c9f7 util: pull CPUID helper function out of CPU driver
This will be needed directly in the QEMU driver in a later patch.

Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-12-14 16:04:17 +00:00
Daniel P. Berrangé
34cb8f6fcd conf: extend domain capabilities for max SEV guest count
There are limits on the number of SEV/SEV-ES guests that can
be run on machines, which may be influenced by firmware
settings. This is important to expose to users.

Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-12-14 16:04:17 +00:00
Daniel P. Berrangé
8c071180cf qemu: report new launch security parameters
Report extra info about the SEV setup, returning those fields
that are required to calculate the expected launch measurement

 HMAC(0x04 || API_MAJOR || API_MINOR || BUILD ||
      GCTX.POLICY || GCTX.LD || MNONCE; GCTX.TIK)

specified in section 6.5.1 of AMD Secure Encrypted
Virtualization API.

Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-12-14 16:04:17 +00:00
Daniel P. Berrangé
cc9679ef14 qemu: add monitor APIs for query-sev
We're only returning the set of fields needed to perform an
attestation, per the SEV API docs.

Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-12-14 16:04:17 +00:00
Daniel P. Berrangé
5842163910 qemu: report error querying launch params for inactive guest
Querying launch params on a inactive guest currently triggers
a warning about the monitor being NULL.

https://bugzilla.redhat.com/show_bug.cgi?id=2030437

Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-12-14 16:04:17 +00:00
Jim Fehlig
cbae4eaa19 libxl: Implement domainGetMessages API
Since commit 46783e6307, the 'virsh dominfo' command calls
virDomainGetMessages to report any messages from the domain.
Hypervisors not implementing the API now get the following
libvirtd log message when clients invoke 'virsh dominfo'

this function is not supported by the connection driver: virDomainGetMessages

Although libxl currently does not support any tainting or
deprecation messages, provide an implementation to squelch
the previously unseen error message when collecting dominfo.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-12-14 08:55:36 -07:00
Tim Wiederhake
9c2afd17fd conf: domain: Add hyperv passthrough mode
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-12-14 16:50:45 +01:00
Tim Wiederhake
5050b71da0 virDomainDefFormatFeatures: Write attribute "mode" of element "hyperv"
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-12-14 16:50:45 +01:00
Tim Wiederhake
6e83fafe33 virDomainFeaturesHyperVDefParse: Read attribute "mode" of element "hyperv"
Currently, this attribute may either have a value of "custom", or be absent
(which defaults to "custom"), for backwards compatibility.

Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-12-14 16:50:45 +01:00
Tim Wiederhake
cc1546ac6b conf: domain: Define enum for HyperV mode
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-12-14 16:50:45 +01:00
Ján Tomko
6698d8f530 util: use g_auto in virNodeSuspendHelper
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-12-14 16:41:36 +01:00
Ján Tomko
00a565aa78 util: refactor virNodeSuspendSetNodeWakeup
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-12-14 16:41:36 +01:00
Ján Tomko
9abf18ace7 util: iscsi: use two vars in CreateIfaceIQN
Do not mix automatic and manual cleanup.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-12-14 16:41:36 +01:00
Ján Tomko
1b5510c42d util: dnsmasq: refactor CapsRefresh
Use two variables with automatic cleanup instead of reusing one.

Remove the pointless cleanup label.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-12-14 16:41:36 +01:00
Ján Tomko
e86d62f8f7 vmware: refactor vmwareExtractVersion
Use g_auto for cleanup and remove the cleanup label.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-12-14 16:41:06 +01:00
Ján Tomko
4f1c1c9ff7 vmware: use g_auto in vmwareLoadDomains
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-12-14 16:41:06 +01:00
Ján Tomko
f7bdd27d2c vmware: refactor vmwareUpdateVMStatus
Use g_auto and get rid of the cleanup label, as well as the ret
variable.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-12-14 16:41:06 +01:00
Ján Tomko
975a2b3555 vz: utils: use g_auto for virCommand
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-12-14 16:41:06 +01:00
Ján Tomko
4a56179646 openvz: refactor openvzVEGetStringParam
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-12-14 16:41:06 +01:00
Ján Tomko
7cd718cca5 openvz: use g_auto in openvzDomainMigratePerform3Params
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-12-14 16:41:06 +01:00
Ján Tomko
c5ae8135df openvz: refactor openvzGetVEStatus
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-12-14 16:41:06 +01:00
Ján Tomko
783e0b9c8e openvz: refactor openvzDomainSetBarrierLimit
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-12-14 16:41:06 +01:00
Ján Tomko
0d47463356 openvz: refactor openvzDomainGetBarrierLimit
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-12-14 16:41:06 +01:00
Ján Tomko
5c7c1db2f5 openvz: refactor openvzConnectListDefinedDomains
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-12-14 16:41:06 +01:00
Ján Tomko
80134168fe openvz: refactor openvzConnectListDomains
Use g_auto where possible, reduce scope of some variables and remove
pointless ret and rc variables.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-12-14 16:41:05 +01:00
Ján Tomko
0681365dc3 openvz: refactor openvzDomainSetNetwork
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-12-14 16:41:05 +01:00
Ján Tomko
83b063ca60 openvz: refactor openvzSetDiskQuota
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-12-14 16:41:05 +01:00
Ján Tomko
8690caf5d4 openvz: refactor openvzSetInitialConfig
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-12-14 16:41:05 +01:00
Ján Tomko
560de4e5cd openvz: refactor openvzDomainDefineCmd
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-12-14 16:41:05 +01:00
Ján Tomko
0dfb73a511 openvz: refactor openvzGetVEID
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-12-14 16:41:05 +01:00
Ján Tomko
680d8c91e8 openvz: refactor openvzLoadDomains
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-12-14 16:41:05 +01:00
Ján Tomko
73a716eecd openvz: refactor openvzExtractVersionInfo
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-12-14 16:41:05 +01:00
Hyman Huang(黄勇)
359e9f5cf4 qemu: Generate command line for dirty-ring-size
On QEMU command line it's represented by the dirty-ring-size
attribute of KVM accelerator.

Signed-off-by: Hyman Huang(黄勇) <huangy81@chinatelecom.cn>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-12-14 13:18:53 +01:00
Hyman Huang(黄勇)
5d18d740d8 qemu: support dirty ring feature
Dirty ring feature was introduced in qemu-6.1.0, this patch
add the corresponding feature named 'dirty-ring', which enable
dirty ring feature when starting VM.

To enable the feature, the following XML needs to be added to
the guest's domain description:

<features>
   <kvm>
     <dirty-ring state='on' size='xxx'>
   </kvm>
</features>

If property "state=on", property "size" must be specified, which
should be power of 2 and range in [1024, 65526].

Signed-off-by: Hyman Huang(黄勇) <huangy81@chinatelecom.cn>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-12-14 13:17:41 +01:00
Michal Privoznik
a8e0f9c682 conf: Turn virDomainDef.kvm_features into a struct
In future commits we will need to store not just an array of
VIR_TRISTATE_SWITCH_* but also an additional integer. Follow the
example of TCG and introduce a structure where both the array an
integer can live.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-12-14 12:49:50 +01:00
Laine Stump
497e6f5fa6 util: remove virFirewallOnceInit()
There is no longer anything to initialize at binary startup time.

Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-12-13 13:37:31 -05:00
Laine Stump
d566cc55bf util: remove currentBackend from virfirewall.c
Since the currentBackend (direct vs. firewalld) setting is no longer
used for anything, we don't need to set it (either explicitly from
tests, or implicitly during init), and can completely remove it.

Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-12-13 13:37:31 -05:00