Peter Krempa [Thu, 25 Nov 2021 15:17:16 +0000 (16:17 +0100)]
qemu: Fix validation of PCI option rom settings on hotplug
Commit 24be92b8e moved the option rom settings validation code to the
validation callbacks, but that doesn't work properly with device hotplug
as we assign addresses only after parsing the whole XML. The check is
too strict for that and caused failures when hotplugging devices such
as:
This patch relaxes the check in the validation callback to accept also
_NONE and _UNASSIGNED address types and returns the check to
'qemuBuildRomProps' so that we preserve the full validation as we've
used to.
Fixes: 24be92b8e38762e9ba13e
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2021437 Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Wed, 24 Nov 2021 16:22:29 +0000 (17:22 +0100)]
qemu: monitor: Fix usage of 'query-blockstats'
Commit bc24810c2cab modified code querying blockstats to use the
'query-nodes' parameter so that we can fetch stats also for images which
are not attached to a frontend such as block copy and backup scratch
images.
Unfortunately that broke the old blockstats because if 'query-nodes' is
enabled qemu doesn't output the 'qdev' parameter which our code used for
matching to the disk and also qemu neglects to populate the frontend
stats at all so we can't even switch to using nodename for matching.
To fix this we need to do two calls, one with 'query-nodes' disabled
using the old logic to populate everything and then an additional one
which populates all the remaining images.
Closes: https://gitlab.com/libvirt/libvirt/-/issues/246 Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com> Tested-by: Erik Skultety <eskultet@redhat.com>
qemu: Remove 'else' branches after 'return' or 'goto'
I think it makes no sense to have else branches after return or
goto as it will never reach them in cases it should not. This
patch makes the code more readable (at least to me).
virDomainObjListAdd: Transfer definition ownership
Upon successful return from virDomainObjListAdd() the
virDomainObj is the owner of secret definition. To make this
ownership transfer even more visible, lets pass the definition as
a double pointer and use g_steal_pointer().
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
Michal Privoznik [Tue, 23 Nov 2021 16:09:59 +0000 (17:09 +0100)]
virStoragePoolObjListAdd: Transfer definition ownership
Upon successful return from virStoragePoolObjListAdd() the
virStoragePoolObj is the owner of secret definition. To make this
ownership transfer even more visible, lets pass the definition as
a double pointer and use g_steal_pointer().
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
Michal Privoznik [Tue, 23 Nov 2021 16:03:44 +0000 (17:03 +0100)]
virSecretObjListAdd: Transfer definition ownership
Upon successful return from virSecretObjListAdd() the
virSecretObj is the owner of secret definition. To make this
ownership transfer even more visible, lets pass the definition as
a double pointer and use g_steal_pointer().
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
virInterfaceObjListAssignDef: Transfer definition ownership
Upon successful return from virInterfaceObjListAssignDef() the
virInterfaceObj is the owner of secret definition. To make this
ownership transfer even more visible, lets pass the definition as
a double pointer and use g_steal_pointer().
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
util: fix cache invalidation of swtpm capabilities
The check for whether the swtpm binary was modified is checking pointers
to the mtime field in two distinct structs, so will always compare
different. This resulted in re-probing swtpm capabilities every time,
as many as 20 times for a single VM launch.
tpm: Check whether previously found executables were updated
Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Martin Kletzander <mkletzan@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
When a build fails it is helpful to know what packages were installed,
because by the time we look at the build job output, the original
container image might have changed.
Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Xu Chao [Wed, 24 Nov 2021 02:33:11 +0000 (10:33 +0800)]
util: virExec may blocked by reading pipe if grandchild prematurely exit
When VIR_EXEC_DAEMON is set, if virPidFileAcquirePath/virSetInherit failed,
then pipesync[0] can not be closed when granchild process exit, because
pipesync[1] still opened in child process. and then saferead in child
process may blocked forever, and left grandchild process in defunct state.
Signed-off-by: Xu Chao <xu.chao6@zte.com.cn> Signed-off-by: Yi Wang <wang.yi59@zte.com.cn> Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Peter Krempa [Mon, 22 Nov 2021 16:44:49 +0000 (17:44 +0100)]
util: xml: Remove virXMLPropStringLimit and virXPathStringLimit
The functions have very difficult semantics where callers are not able
to tell whether the property is missing or failed the length check. Only
the latter produces errors.
Since usage of the functions was phased out, remove them completely to
avoid further broken code.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Mon, 22 Nov 2021 15:33:37 +0000 (16:33 +0100)]
virSecurityLabelDefParseXML: Directly assign strings into appropriate variables
'seclabel->label', 'seclabel->imagelabel' and 'seclabel->baselabel' are
populated by stealing the pointer from the 'p' temporary string. Remove
the extra step.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
The cpuset_getaffinity() function is checked in sys/cpuset.h to see if
BSD CPU affinity APIs are available. This check requires including
sys/param.h to work properly, otherwise the test program fails with
unrelated errors like:
/usr/include/sys/cpuset.h:155:1: error: unknown type name
'__BEGIN_DECLS'
__BEGIN_DECLS
^
/usr/include/sys/cpuset.h:156:12: error: unknown type name 'cpusetid_t';
did you mean 'cpuset_t'?
int cpuset(cpusetid_t *);
and so forth.
Signed-off-by: Roman Bogorodskiy <bogorodskiy@gmail.com> Reviewed-by: Martin Kletzander <mkletzan@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
This patch removes variables such as 'ret', 'rc' and others which
are easily replaced. Therefore, making the code look cleaner and
easier to understand.
Signed-off-by: Kristina Hanicova <khanicov@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
This eliminates one incorrect parsing implementation which relied on the
command field not having a closing bracket. This possibility is already
tested against in the virProcessGetStat() tests.
Signed-off-by: Martin Kletzander <mkletzan@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
This reads and separates all fields from /proc/<pid>/stat or
/proc/<pid>/task/<tid>/stat as there are easy mistakes to be done in the
implementation. Some tests are added to show it works correctly. No number
parsing is done as it would be unused for most of the fields most, if not all,
of the time. No struct is used for the result as the length can vary (new
fields can be added in the future).
Signed-off-by: Martin Kletzander <mkletzan@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Pavel Hrdina [Tue, 23 Nov 2021 14:15:43 +0000 (15:15 +0100)]
virsh: man: update snapshot-revert description
We've changed the behavior of this API that from now on it will always
restart the VM process and we are no longer able to revert to snapshots
created by libvirt older then 0.9.5.
Signed-off-by: Pavel Hrdina <phrdina@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
virsh: Do not try connecting first time without polkit agent
Trying to connect once without a polkit agent will generate an error on the
server side which seems too rough given it only serves the purpose of the client
(virsh in this case) to figure out that an agent is needed. Thankfully we can
just try running the agent. It does not break anything as we are running it
with `--fallback`, which makes sure it does not replace an existing agent in
case there is one already registered.
The second piece of code trying to start the polkit text agent is kept in order
to _really_ try out starting the agent (and error out when failing to do so)
just in case the agent was not available the first time it was ran. Even though
it should not happen it avoids a very rare race condition and really does not
add much complexity.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1945501 Signed-off-by: Martin Kletzander <mkletzan@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
With this function we can decide whether to try running the polkit text agent
only if it is available, removing a potential needless error saying that the
agent binary does not exist, which is useful especially when running the agent
before knowing whether it is going to be needed.
Signed-off-by: Martin Kletzander <mkletzan@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Recently, FreeBSD has got sched_get/setaffinity(3) implementations and
the sched.h header as well [1]. To make these routines visible,
users have to define _WITH_CPU_SET_T.
This breaks current detection. Specifically, meson sees the
sched_getaffinity() symbol and defines WITH_SCHED_GETAFFINITY. This
define unlocks Linux implementation of virProcessSetAffinity() and other
functions, which fails to build on FreeBSD because cpu_set_t is not
visible as _WITH_CPU_SET_T is not defined.
For now, change detection to the following:
- Instead of checking sched_getaffinity(), check if 'cpu_set_t' is
available through sched.h
- Explicitly check the sched.h header instead of assuming its presence
if WITH_SCHED_SETSCHEDULER is defined
We've changed the behavior of this API that from now on it will always
restart the VM process and we are no longer able to revert to snapshots
created by libvirt older then 0.9.5.
Signed-off-by: Pavel Hrdina <phrdina@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Pavel Hrdina [Thu, 11 Nov 2021 16:34:46 +0000 (17:34 +0100)]
test: snapshot revert: always error out if VM XML is missing
We should have this check even if FORCE flag is used because later we
unconditionally copy the `snap->def->dom` and error out if there is no
copy created. The test driver will always save the VM XML when creating
new snapshot.
Signed-off-by: Pavel Hrdina <phrdina@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Pavel Hrdina [Wed, 10 Nov 2021 14:44:07 +0000 (15:44 +0100)]
qemu_snapshot: revert: always restart QEMU process for running VM
Our compatibility check code isn't complete and there are cases where it
fails to detect incompatible configuration and the revert fails. In
addition future support for external snapshot will always require
restarting the QEMU process.
To unify the behavior drop the compatibility check code and always
restart the QEMU process.
Signed-off-by: Pavel Hrdina <phrdina@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Pavel Hrdina [Wed, 10 Nov 2021 12:55:58 +0000 (13:55 +0100)]
qemu_snapshot: revert: always error out if VM XML is missing
The support to revert snapshots was introduced in libvirt 0.8.0 but
saving the whole VM XML was implemented later in libvirt 0.9.5.
That is more then 10 years ago so we can safely assume that nobody will
try reverting to snapshot created by that old libvirt. In the unlikely
scenario where someone would actually did it we would simply error out.
Signed-off-by: Pavel Hrdina <phrdina@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Pavel Hrdina [Fri, 19 Nov 2021 17:01:23 +0000 (18:01 +0100)]
util: fix various ATTRIBUTE_NONNULL calls
Git bisect took me to commit where incorrect usage of ATTRIBUTE_NONNULL
was introduced and caused coverity scan to fail. This patch fixes the
issue where the index starts from 1 and not 0 and two other different
cases.
Signed-off-by: Pavel Hrdina <phrdina@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
We currently use -machine accel=XXX which is just a syntax sugar
for -accel XXX. The former doesn't allow specifying arguments for
accelerator, because all arguments passed to -machine are
treated as arguments of machine itself.
The -accel argument was introduced in QEMU commit
v2.9.0-rc0~70^2~19 and since our minimum required version is
newer (2.11.0) we can safely assume its existence and use it
without any capability.
Resolves: https://gitlab.com/libvirt/libvirt/-/issues/233 Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Tested-by: Kashyap Chamarthy <kchamart@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
qemu_command: Don't validate accelerator when building cmd line
The domain accelerator was validated in qemuValidateDomainDef()
which calls virQEMUCapsIsVirtTypeSupported() which reports proper
error if QEMU is not capable of KVM/TCG. There is no point in
doing the validation again when building command line.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Tested-by: Kashyap Chamarthy <kchamart@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Peter Krempa [Fri, 19 Nov 2021 12:25:00 +0000 (13:25 +0100)]
qemuMonitorJSONBuildChrChardevReconnect: Unify with qemuBuildChrChardevReconnectStr
When formatting the commandline we explicitly set the reconnect timeout
to 0 when it's disabled even when that's the default. Do the same in
the monitor/hotplug code.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Fri, 19 Nov 2021 12:17:27 +0000 (13:17 +0100)]
qemuMonitorJSONAttachCharDevGetProps: Rename 'backend_type' and 'data'
Rename 'data' to 'backendData' so that it's more clear what the object
represents and 'backend_type' to 'backendType' to go with the common
camel case notation.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
In some cases we have a label that contains nothing but a return
statement. The amount of such labels rises as we use automagic
cleanup. Anyway, such labels are pointless and can be dropped.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Michal Privoznik [Wed, 15 Sep 2021 13:59:59 +0000 (15:59 +0200)]
qemu_command: Generate -mem-prealloc in one corner case more
When guest has NUMA nodes and QEMU is new enough to report
default RAM ID then ideally we would use -numa memdev= combined
with memory-backend-* combo becasue -mem-path/-mem-prealloc/-numa
mem are deprecated. Well, there is one problem - the .memdev=
attribute is machine type dependent (just look at arguments of
virQEMUCapsGetMachineNumaMemSupported()) and to ensure backwards
compatibility we prefer -numa mem= over -numa memdev=.
But there was one corner case when -mem-prealloc was requested
but not generated on the cmd line. It all starts with
qemuBuildMemCommandLine() which generates just '-m XXX' and
because it sees defaultRAMid and guest NUMA nodes greater than
zero it does nothing more.
Then, qemuBuildNumaCommandLine() sees that -numa mem= is still
supported for given machine type and nothing else set
@needBackend thus qemuBuildMemPathStr() is called which output
-mem-prealloc only in a few cases assuming it was outputted
earlier.
Reported-by: Jing Qi <jinqi@redhat.com> Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
cpu_ppc64.c: remove 'guest' param from ppc64Compute()
ppc64Compute() is used only once, by virCPUppc64Compare(), which
doesn't use the 'guest' parameter. It was last used by an API
called 'cpuGuestData' that was dropped by commit 03fa904c0c0cb2.
Removing the 'guest' parameter will not only remove unused code from
ppc64Compute() but also remove the ppc64MakeCPUData() entirely.
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Vasiliy Ulyanov [Fri, 19 Nov 2021 12:37:38 +0000 (13:37 +0100)]
qemu: Fix the check of AMD secure guest support
The content of /sys/module/kvm_amd/parameters/sev may vary depending on
the kernel version. Check also for 'Y' and 'y' in addition to '1' to
cover several possible variants. The fix is similar to the one
introduced in commit 3f9c1a4bb841
Signed-off-by: Vasiliy Ulyanov <vulyanov@suse.de> Signed-off-by: Ján Tomko <jtomko@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Tue, 16 Nov 2021 13:45:53 +0000 (14:45 +0100)]
qemuDomainPrepareStorageSourceBlockdev: Set default encryption engine also when preparing virStorageSource
Originally the default encryption engine is populated in the disk
post-parse callback code. This works for disks but for any additional
images introduced either via the block copy API or via the backup API we
don't populate the default.
In case when the backup or block copy is requested on an encrypted image
this would then lead to an error:
error: internal error: Unexpected enum value 0 for virStorageEncryptionEngine
This patch adds another point where we populate the default which is
when setting up a virStorageSource for actual usage.
We keep the original setting in the post-parse callback as that's the
only point that is recorded in the XML file after definition.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2023674 Fixes: ab1d46d6128 Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Thu, 18 Nov 2021 08:23:09 +0000 (09:23 +0100)]
qemuBuildHostdevMediatedDevProps: Format 'ramfb' only when enabled
Before commit 73c352ab8c97d3 which converted the hostdev commandline
formatter to JSON the 'ramfb' property was formatted only if it was
enabled.
The main reason for that is that enabling 'ramfb' switches the device
model to 'vfio-pci-nohotplug' which actually has the property, while
'vfio-pci' (used when 'ramfb' is disabled or absent) doesn't have it.
Restore the logic to format 'ramfb' only when it's enabled and add a
comment that it's deliberate.
Fixes: 73c352ab8c97d3
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2024435 Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Mon, 15 Nov 2021 15:52:52 +0000 (16:52 +0100)]
qemuxml2argvtest: Fix type for faked chardev backing a TPM
The test filled the chardev type to VIR_DOMAIN_CHR_TYPE_FILE and thus
set the 'data.emulator.source->data.file.path' pointer, but the
commandline formatter is unconditionally expecting VIR_DOMAIN_CHR_TYPE_UNIX
and thus reading 'data.emulator.source->data.nix.path'. Since it's an
union it happened to land in the correct place. Fix the faked data.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Fri, 5 Nov 2021 15:51:22 +0000 (16:51 +0100)]
conf: Properly instantiate virDomainChrSourceDef in virDomainTPMDef
'virDomainChrSourceDef' contains private data so 'virDomainChrSourceDefNew'
must be used to allocate it. 'virDomainTPMDef' was using it directly
which won't work with the chardev helper functions.
Convert it to a pointer to properly allocate private data.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Thu, 14 Oct 2021 13:53:48 +0000 (15:53 +0200)]
qemu: hotplug: Add wrapper for qemuMonitorAttachCharDev
Add a simple wrapper for 'qemuMonitorAttachCharDev' named
'qemuHotplugChardevAttach' which will simplify the moving of the
character device property generator out of the monitor code.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
projects / thirdparty / libvirt.git / log
