Ján Tomko [Fri, 14 Jun 2019 07:17:39 +0000 (09:17 +0200)]
api: disallow virConnect*HypervisorCPU on read-only connections
These APIs can be used to execute arbitrary emulators.
Forbid them on read-only connections.
Fixes: CVE-2019-10168 Signed-off-by: Ján Tomko <jtomko@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
(cherry picked from commit bf6c2830b6c338b1f5699b095df36f374777b291) Signed-off-by: Ján Tomko <jtomko@redhat.com>
Ján Tomko [Fri, 14 Jun 2019 07:16:14 +0000 (09:16 +0200)]
api: disallow virConnectGetDomainCapabilities on read-only connections
This API can be used to execute arbitrary emulators.
Forbid it on read-only connections.
Fixes: CVE-2019-10167 Signed-off-by: Ján Tomko <jtomko@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
(cherry picked from commit 8afa68bac0cf99d1f8aaa6566685c43c22622f26) Signed-off-by: Ján Tomko <jtomko@redhat.com>
Ján Tomko [Fri, 14 Jun 2019 07:14:53 +0000 (09:14 +0200)]
api: disallow virDomainManagedSaveDefineXML on read-only connections
The virDomainManagedSaveDefineXML can be used to alter the domain's
config used for managedsave or even execute arbitrary emulator binaries.
Forbid it on read-only connections.
Fixes: CVE-2019-10166 Reported-by: Matthias Gerstner <mgerstner@suse.de> Signed-off-by: Ján Tomko <jtomko@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
(cherry picked from commit db0b78457f183e4c7ac45bc94de86044a1e2056a) Signed-off-by: Ján Tomko <jtomko@redhat.com>
Ján Tomko [Fri, 14 Jun 2019 06:47:42 +0000 (08:47 +0200)]
api: disallow virDomainSaveImageGetXMLDesc on read-only connections
The virDomainSaveImageGetXMLDesc API is taking a path parameter,
which can point to any path on the system. This file will then be
read and parsed by libvirtd running with root privileges.
Forbid it on read-only connections.
Fixes: CVE-2019-10161 Reported-by: Matthias Gerstner <mgerstner@suse.de> Signed-off-by: Ján Tomko <jtomko@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
(cherry picked from commit aed6a032cead4386472afb24b16196579e239580) Signed-off-by: Ján Tomko <jtomko@redhat.com>
Conflicts:
src/libvirt-domain.c
src/remote/remote_protocol.x
Upstream commit 12a51f372 which introduced the VIR_DOMAIN_SAVE_IMAGE_XML_SECURE
alias for VIR_DOMAIN_XML_SECURE is not backported.
Just skip the commit since we now disallow the whole API on read-only
connections, regardless of the flag.
The virtlogd daemon's only intended client is the libvirtd daemon. As
such it should never allow clients from other user accounts to connect.
The code already enforces this and drops clients from other UIDs, but
we can get earlier (and thus stronger) protection against DoS by setting
the socket permissions to 0600
Fixes CVE-2019-10132
Reviewed-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
(cherry picked from commit e37bd65f9948c1185456b2cdaa3bd6e875af680f)
The virtlockd daemon's only intended client is the libvirtd daemon. As
such it should never allow clients from other user accounts to connect.
The code already enforces this and drops clients from other UIDs, but
we can get earlier (and thus stronger) protection against DoS by setting
the socket permissions to 0600
Fixes CVE-2019-10132
Reviewed-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
(cherry picked from commit f111e09468693909b1f067aa575efdafd9a262a1)
admin: reject clients unless their UID matches the current UID
The admin protocol RPC messages are only intended for use by the user
running the daemon. As such they should not be allowed for any client
UID that does not match the server UID.
Fixes CVE-2019-10132
Reviewed-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
(cherry picked from commit 96f41cd765c9e525fe28ee5abbfbf4a79b3720c7)
virDomainConfNWFilterInstantiate: initialize @xml to avoid random crash
If the code jump to the cleanup before assigning value to @xml
libvirtd may crash when it tries to free an uninitialized pointer.
backtrace:
0 0x00007ffff428d59c in free () from /lib64/libc.so.6
1 0x00007ffff721314a in virFree (ptrptr=ptrptr@entry=0x7fffc67f1b00) at util/viralloc.c:582
2 0x00007ffff7345ac4 in virDomainConfNWFilterInstantiate (vmname=<optimized out>,
vmuuid=vmuuid@entry=0x7fffc0181ca8 "߉\237\\۔H\262\206z\340\302f\265\233z", net=<optimized out>,
ignoreExists=ignoreExists@entry=true) at conf/domain_nwfilter.c:122
3 0x00007fffca5a77f6 in qemuProcessFiltersInstantiate (ignoreExists=true, def=0x7fffc0181ca0) at qemu/qemu_process.c:3028
4 qemuProcessReconnect (opaque=<optimized out>) at qemu/qemu_process.c:7653
5 0x00007ffff72c4895 in virThreadHelper (data=<optimized out>) at util/virthread.c:206
6 0x00007ffff45dcdd5 in start_thread () from /lib64/libpthread.so.0
7 0x00007ffff4305ead in clone () from /lib64/libc.so.6
qemu: fix UNIX socket chardevs operating in client mode
When support was adding for passing a pre-opened listener socket to UNIX
chardevs, it accidentally passed the listener socket for client mode
chardevs too with predictable amounts of fail resulting. This affects
libvirt when using QEMU >= 2.12
Expand the unit test coverage to validate that we are only doing FD
passing when operating in server mode.
Tested-by: Richard W.M. Jones <rjones@redhat.com> Reported-by: Richard W.M. Jones <rjones@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
(cherry picked from commit 1bc1a7e3205f7ef75ebd8fd1ef7653f8e181e3d2)
qemu: don't use chardev FD passing for vhostuser backend
QEMU chardevs have a bug which makes the vhostuser backend complain
about lack of support for FD passing when validating the chardev.
While this is ultimately QEMU's responsibility to fix, libvirt needs to
avoid tickling the bug.
Simply disabling chardev FD passing just for vhostuser's chardev is
the most prudent approach, avoiding need for a QEMU version number
check.
qemu: consolidate parameters of qemuBuildChrChardevStr into flags
There are two boolean parameters passed to qemuBuildChrChardevStr,
and soon there will be a third. It will be clearer to understand
from callers' POV if we use named flags instead.
qemu: don't use chardev FD passing with standalone args
When using domxml-to-native, we must generate CLI args that can be used
in a standalone scenario. This means no FD passing can be used. To
achieve this we must clear the QEMU_CAPS_CHARDEV_FD_PASS capability bit.
Reviewed-by: John Ferlan <jferlan@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
(cherry picked from commit 7ac08cc929dc512e8682fbfcc5d33518058f20e4)
Jiri Denemark [Thu, 28 Jun 2018 09:38:52 +0000 (11:38 +0200)]
qemu_migration: Check for active domain after talking to remote daemon
Once we called qemuDomainObjEnterRemote to talk to the destination
daemon during a peer to peer migration, the vm lock is released and we
only hold an async job. If the source domain dies at this point the
monitor EOF callback is allowed to do its job and (among other things)
clear all private data irrelevant for stopped domain. Thus when we call
qemuDomainObjExitRemote, the domain may already be gone and we should
avoid touching runtime private data (such as current job info).
In other words after acquiring the lock in qemuDomainObjExitRemote, we
need to check the domain is still alive. Unless we're doing offline
migration.
Jiri Denemark [Thu, 28 Jun 2018 12:09:47 +0000 (14:09 +0200)]
qemu_migration: Rename 'offline' variable in SrcPerformPeer2Peer
The variable is used to store the offline migration capability of the
destination daemon. Let's call it 'dstOffline' so that we can later use
'offline' to indicate whether we were asked to do offline migration.
Julio Faracco [Wed, 27 Jun 2018 02:47:53 +0000 (23:47 -0300)]
nwfilter: variable 'obj' must be initialized inside nwfilterBindingCreateXML().
The function nwfilterBindingCreateXML() is failing to compile due to a
conditional branch which leads to an undefined 'obj' variable. So 'obj'
must have an initial value to avoid compilation errors. See the problem:
CC nwfilter/libvirt_driver_nwfilter_impl_la-nwfilter_driver.lo
nwfilter/nwfilter_driver.c:752:9: error: variable 'obj' is used uninitialized whenever 'if' condition is true [-Werror,-Wsometimes-uninitialized]
if (virNWFilterBindingCreateXMLEnsureACL(conn, def) < 0)
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
nwfilter/nwfilter_driver.c:779:10: note: uninitialized use occurs here
if (!obj)
^~~
nwfilter/nwfilter_driver.c:752:5: note: remove the 'if' if its condition is always false
if (virNWFilterBindingCreateXMLEnsureACL(conn, def) < 0)
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
nwfilter/nwfilter_driver.c:742:33: note: initialize the variable 'obj' to silence this warning
virNWFilterBindingObjPtr obj;
^
= NULL
This commit initialized 'obj' with NULL to fix the error properly.
Signed-off-by: Julio Faracco <jcfaracco@gmail.com> Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
When updating a live device users might pass different alias than
the one the device has. Currently, this is silently ignored which
goes against our behaviour for other parts of the device where we
explicitly allow only certain changes and error out loudly on
anything else.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: John Ferlan <jferlan@redhat.com>
Michal Privoznik [Tue, 26 Jun 2018 08:37:27 +0000 (10:37 +0200)]
conf: Reintroduce action to virDomainDefCompatibleDevice
This was lost in c57f3fd2f8999d17e01. But now we are going to
need it again (except the DETACH action where checking for device
compatibility does not make much sense anyway).
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: John Ferlan <jferlan@redhat.com>
John Ferlan [Wed, 20 Jun 2018 22:37:15 +0000 (18:37 -0400)]
docs: Add news article for volume encryption modifications
Include both the domain and storage modifications in a "Removed
features" section as well as describing the improvement to allow
using a raw input volume to create the luks encrypted volume.
Signed-off-by: John Ferlan <jferlan@redhat.com> ACKed-by: Michal Privoznik <mprivozn@redhat.com>
John Ferlan [Wed, 20 Jun 2018 19:51:47 +0000 (15:51 -0400)]
storage: Add support for using inputvol for encryption
Starting with QEMU 2.9, encryption convert processing requires
a multi-step process in order to generate an encrypted image from
some non encrypted raw image.
Processing requires to first create an encrypted image using the
sizing parameters from the input source and second to use the
--image-opts, -n, and --target-image-opts options along with inline
driver options to describe the input and output files, generating
two commands such as:
This patch handles the convert processing by running the processing
in a do..while loop essentially reusing the existing create logic and
arguments to create the target vol from the inputvol and then converting
the inputvol using new arguments.
This then allows the following virsh command to work properly:
John Ferlan [Tue, 19 Jun 2018 15:56:21 +0000 (11:56 -0400)]
storage: Remove storageBackendGenerateSecretData
Since we no longer support creating qcow2 encryption format
volumes, we no longer have to possibly create some secret and
have no real need for the function, so move the remaining
functionality to build the secret path back into the caller
storageBackendCreateQemuImg.
Signed-off-by: John Ferlan <jferlan@redhat.com> ACKed-by: Michal Privoznik <mprivozn@redhat.com>
Since commit c4eedd793 disallowed qcow2 encrypted images to be
used for domains, it no longer makes sense to allow a qcow2
encrypted volume to be created or resized.
Add a test that will exhibit the failure of creation as well
as the xml2xml validation of the format still being correct.
Update the documentation to note the removal of the capability
to create and use qcow/default encrypted volumes.
Signed-off-by: John Ferlan <jferlan@redhat.com> ACKed-by: Michal Privoznik <mprivozn@redhat.com>
John Ferlan [Wed, 20 Jun 2018 19:52:30 +0000 (15:52 -0400)]
tests: Remove qcow2 encryption from storagevol tests
We're about to disallow creation of a qcow2 encrypted storage
volume, so let's remove the qcow encryption element from the
tests which are testing whether other format='qcow2' related
features work properly.
Signed-off-by: John Ferlan <jferlan@redhat.com> ACKed-by: Michal Privoznik <mprivozn@redhat.com>
John Ferlan [Tue, 19 Jun 2018 16:05:31 +0000 (12:05 -0400)]
storage: Don't allow encryption secretPath to be NULL
Allowing a NULL @secretPath for virStorageBackendCreateQemuImgCmdFromVol
would result in a generated command line with a dangling "file=" output.
So let's make sure the @secretPath exists before processing.
This means we should pass a dummy path from the storage test.
Signed-off-by: John Ferlan <jferlan@redhat.com> ACKed-by: Michal Privoznik <mprivozn@redhat.com>
nwfilter: convert virt drivers to use public API for nwfilter bindings
Remove the callbacks that the nwfilter driver registers with the domain
object config layer. Instead make the current helper methods call into
the public API for creating/deleting nwfilter bindings.
Reviewed-by: John Ferlan <jferlan@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
nwfilter: wire up new APIs for creating and deleting nwfilter bindings
This allows the virsh commands nwfilter-binding-create and
nwfilter-binding-delete to be used.
Note using these commands lets you delete filters that were
previously created automatically by the virt drivers, or add
filters for VM nics that were not there before. Generally it
is expected these new APIs will only be used by virt drivers.
It is the admin's responsibility to not shoot themselves in
the foot.
Reviewed-by: John Ferlan <jferlan@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
nwfilter: remove virt driver callback layer for rebuilding filters
Now that the nwfilter driver keeps a list of bindings that it has
created, there is no need for the complex virt driver callbacks. It is
possible to simply iterate of the list of recorded filter bindings.
This means that rebuilding filters no longer has to acquire any locks on
the virDomainObj objects, as they're never touched.
Reviewed-by: John Ferlan <jferlan@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Currently the nwfilter driver does not keep any record of what filter
bindings it has active. This means that when it needs to recreate
filters, it has to rely on triggering callbacks provided by the virt
drivers. This introduces a hash table recording the virNWFilterBinding
objects so the driver has a record of all active filters.
Reviewed-by: John Ferlan <jferlan@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Anya Harter [Wed, 20 Jun 2018 13:17:00 +0000 (09:17 -0400)]
qemu: Escape commas for qemuBuildSCSIiSCSIHostdevDrvStr
Add comma escaping for netsource. This is done here because
qemuBuildNetworkDriveStr has other external callers which
may not expect an escaped comma; however, this particular
command building path needs to perform the escaping for the
hostdev command line, so we do it now to ensure src->path
and src->host->name are covered.
Michal Privoznik [Wed, 20 Jun 2018 12:17:45 +0000 (14:17 +0200)]
qemuDomainObjBeginJobInternal: Report agent job in error message
If a thread is unable to acquire a job (e.g. because of timeout)
an error is reported and the error message contains reference to
the other thread holding the job. Well, the error message should
report agent job too as it is yet another source of possible
failure.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: John Ferlan <jferlan@redhat.com>
Chen Hanxiao [Thu, 21 Jun 2018 11:28:55 +0000 (19:28 +0800)]
set-lifecycle-action: add description of type and action
In [1], <type> are described as "on_poweroff", "on_reboot",
"on_crash". but we accept "poweroff", "reboot" and "crash".
This patch adds documentation for them.
conf: report an error if nic needs filtering by no driver is present
If a <interface> includes a filter name but the nwfilter driver is not
present we silently do nothing. This is very bad, because an application
that thinks it is protected by malicious guest traffic will in fact be
vulnerable. Reporting an error gives the administrator the ability to
know there is a problem and fix it.
Reviewed-by: John Ferlan <jferlan@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
nwfilter: export port binding concept in the public API
When the daemons are split there will need to be a way for the virt
drivers and/or network driver to create and delete bindings between
network ports and network filters. This defines a set of public APIs
that are suitable for managing this facility.
Reviewed-by: John Ferlan <jferlan@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
conf: change virNWFilterBindingPtr to virNWFilterBindingDefPtr
We are going to want to expose the NWFilter binding concept in the
public API, so the virNWFilterBindingPtr type needs to be used there.
Our internal type will shortly gain an XML representation, so rename
it to virNWFilterBindingDefPtr which follows our normal conventions.
Reviewed-by: John Ferlan <jferlan@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Andrea Bolognani [Thu, 21 Jun 2018 14:14:48 +0000 (16:14 +0200)]
spec: Move SASL configuration file from -libs to -daemon
SASL authentication is configured server-side, so the sample
configuration file should be shipped along with the daemon
rather than with the libraries.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Julio Faracco [Tue, 26 Jun 2018 03:18:21 +0000 (00:18 -0300)]
util: fix mount issue by moving NULL value to "none" in syscall.
After running libvirt daemon with valgrind tools, some errors are
appearing when you try to start a domain. One example:
==18012== Syscall param mount(type) points to unaddressable byte(s)
==18012== at 0x6FEE3CA: mount (syscall-template.S:78)
==18012== by 0x531344D: virFileMoveMount (virfile.c:3828)
==18012== by 0x27FE7675: qemuDomainBuildNamespace (qemu_domain.c:11501)
==18012== by 0x2800C44E: qemuProcessHook (qemu_process.c:2870)
==18012== by 0x52F7E1D: virExec (vircommand.c:726)
==18012== by 0x52F7E1D: virCommandRunAsync (vircommand.c:2477)
==18012== by 0x52F4EDD: virCommandRun (vircommand.c:2309)
==18012== by 0x2800A731: qemuProcessLaunch (qemu_process.c:6235)
==18012== by 0x2800D6B4: qemuProcessStart (qemu_process.c:6569)
==18012== by 0x28074876: qemuDomainObjStart (qemu_driver.c:7314)
==18012== by 0x280522EB: qemuDomainCreateWithFlags (qemu_driver.c:7367)
==18012== by 0x55484BF: virDomainCreate (libvirt-domain.c:6531)
==18012== by 0x12CDBD: remoteDispatchDomainCreate (remote_daemon_dispatch_stubs.h:4350)
==18012== by 0x12CDBD: remoteDispatchDomainCreateHelper (remote_daemon_dispatch_stubs.h:4326)
==18012== Address 0x0 is not stack'd, malloc'd or (recently) free'd
Some documentation recommends to use "none" when you don't have a
filesystem type to use. Specially, for bind and move actions.
Signed-off-by: Julio Faracco <jcfaracco@gmail.com>
qemu: ensure FDs passed to QEMU for chardevs have correct SELinux labels
The UNIX socket FDs were we passing to QEMU inherited a label based on
libvirtd's context. QEMU is thus denied ability to access the UNIX
socket. We need to use the security manager to change our current
context temporarily when creating the UNIX socket FD.
Reviewed-by: Laine Stump <laine@laine.org> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
docs: formatdomain: Mention that 'urandom' is the recommended RNG backend
Since libvirt 1.3.4, any RNG source is accepted for the 'random'
backend. However, '/dev/urandom' is the _recommended_ source of
entropy. Therefore we should mention that in the docs.
Suggested-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Kashyap Chamarthy <kchamart@redhat.com> Reviewed-by: Erik Skultety <eskultet@redhat.com>
Michal Privoznik [Wed, 20 Jun 2018 12:15:42 +0000 (14:15 +0200)]
qemuDomainObjBeginJobInternal: Log agent job too
If a thread is unable to start a job (e.g. because of timeout)
a warning is printed into the logs. So far, the message does not
contain agent job info. Add it as it might help future debugging.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
Weilun Zhu [Wed, 20 Jun 2018 08:45:27 +0000 (16:45 +0800)]
qemu: fix msg could be a wild pointer in qemuMonitorIOProcess()
As qemuMonitorJSONIOProcess will call qemuMonitorJSONIOProcessEvent
which unlocks the monitor mutex, there is some extreme situation,
eg qemu send message to monitor twice in a short time, where the
local viriable 'msg' of qemuMonitorIOProcess could be a wild point:
1. qemuMonitorSend() assign mon->msg to parameter 'msg', which is alse a
local variable of its caller qemuMonitorJSONCommandWithFd(), cause
eventloop to send message to monitor, then wait condition.
2. qemu send message to monitor for the first time immediately.
3. qemuMonitorIOProcess() is called, then wake up the qemuMonitorSend()
thread, but the qemuMonitorSend() thread stuck for a while as cpu pressure
or some other reasons, which means the qemu monitor is still unlocked.
4. qemu send event message to monitor for the second time,
such as RTC_CHANGE event
5. qemuMonitorIOProcess() is called again, the local viriable 'msg' is
assigned to mon->msg.
6. qemuMonitorIOProcess() call qemuMonitorJSONIOProcess() to deal with
the qemu event.
7. qemuMonitorJSONIOProcess() unlock the qemu monitor in the macro
'QEMU_MONITOR_CALLBACK', then qemuMonitorSend() thread get the mutex
and free the mon->msg, assign mon->msg to NULL.
Pino Toscano [Thu, 14 Jun 2018 13:34:25 +0000 (15:34 +0200)]
vmx: allow an odd number of vCPUs
Most probably this was a limitation in older ESX versions, and it seems
it does not exist anymore in more recent versions; see the following
thread:
https://www.redhat.com/archives/libvir-list/2018-May/msg02159.html
https://www.redhat.com/archives/libvir-list/2018-June/msg00043.html
Hence, allow an odd number (greater than 1) of vCPUs, since most
probably older versions of ESXi will error out anyway.
For inactive domains using networked storage, a "-" will
be printed instead of the value since it's not possible
to determine the value without the storage connection.
Signed-off-by: Chen Hanxiao <chenhanxiao@gmail.com> Reviewed-by: John Ferlan <jferlan@redhat.com>
Laine Stump [Thu, 21 Jun 2018 06:07:17 +0000 (02:07 -0400)]
schema: allow a <rule> element with no subelements in a nwfilter
This is a regression in behavior caused by commit 37359814. It was
intended to limit the schema to allow only a single subelement of
<rule>, but it is also acceptable for <rule> to have no subelement at
all.
To prevent the same error from reoccurring in the future, the
examples/xml/nwfilter directory was added to the list of nwfilter
schema test directories.
Laine Stump [Thu, 21 Jun 2018 07:42:32 +0000 (03:42 -0400)]
hyperv: erase "generated files" sentinel during make maintainer-clean
Re-generating of generated source files in the hyperv directory
depends on src/.hyperv_wmi_generator.stamp not existing, or having a
timestamp older than src/hyperv/hyperv_wmi_generator.py. "make
maintainer-clean" erases the generated files, but not this sentinel
file, so the erased files aren't regenerated during the next
make. Once we add it to the list of MAINTAINERCLEANFILES, it gets
deleted at the same time as the generated files, so make is able to
understand they need regeneration.
Signed-off-by: Laine Stump <laine@laine.org> ACKed-by: Michal Privoznik <mprivozn@redhat.com>
Laine Stump [Thu, 21 Jun 2018 06:19:45 +0000 (02:19 -0400)]
hyperv: fix typo in Makefile.am.inc
The problem has been around for quite awhile - the misspelling was
faithfully copied from src/Makefile.am to src/hyperv/Makefile.am.inc
in commit 253b528c.
Signed-off-by: Laine Stump <laine@laine.org> ACKed-by: Michal Privoznik <mprivozn@redhat.com>
Attempting to use the FORCE flag for snapshot-revert was resulting
in failures because qemuProcessStart and qemuProcessStartCPUs were
using QEMU_ASYNC_JOB_START after a qemuProcessStop resulting in an
error when entering the monitor:
error: internal error: unexpected async job 6 type expected 0
So create a local @jobType, initialize to QEMU_ASYNC_JOB_START, and
change to QEMU_ASYNC_JOB_NONE if we end up in the --force path
where the qemuProcessStop is run before a Start and StartCPUs.
Signed-off-by: John Ferlan <jferlan@redhat.com> ACKed-by: Michal Privoznik <mprivozn@redhat.com>
John Ferlan [Tue, 19 Jun 2018 22:54:18 +0000 (18:54 -0400)]
qemu: Unset the genid start change flag for revert force
If the the snapshot revert involves a forced revert option, then
let's not cause startup to change the genid flag in order to signify
that we're still running the same/previous guest and not some
snapshot reversion.
Related to:
https://bugzilla.redhat.com/show_bug.cgi?id=1149445
Signed-off-by: John Ferlan <jferlan@redhat.com> ACKed-by: Michal Privoznik <mprivozn@redhat.com>
Cole Robinson [Tue, 19 Jun 2018 15:42:37 +0000 (11:42 -0400)]
qemu_command: replace vlan= with netdev= for legacy nic
VMs with hardcoded platform network devices are forced to use old
style '-net nic' command line config. Current we use qemu's vlan
option to hook this with the '-netdev' host side of things.
However since qemu 1.2 there is '-net nic,netdev=X' option for
explicitly referencing a netdev ID, which is more inline with
typical VM commandlines, so let's switch to that
projects / thirdparty / libvirt.git / log
