conf: Add 'fdgroup' attribute for 'file' disks

The 'fdgroup' will allow users to specify a passed FD (via the
'virDomainFDAssociate()' API) to be used instead of opening a path.
This is useful in cases when e.g. the file is not accessible from inside
a container.

Since this uses the same disk type as when we open files via names this
patch also introduces a hypervisor feature which the hypervisor asserts
that code paths are ready for this possibility.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>

diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst
index d7fffc6e0b477e66678811c598a9f93537cfa5b7..109a2ac45ab5d26926ba435e581b93e9c9a0089a 100644 (file)
--- a/docs/formatdomain.rst
+++ b/docs/formatdomain.rst
@@ -2701,6 +2701,14 @@ paravirtualized driver is specified via the ``disk`` element.
    ``file``
       The ``file`` attribute specifies the fully-qualified path to the file
       holding the disk. :since:`Since 0.0.3`
+
+      :since:`Since 9.0.0` a new optional attribute ``fdgroup`` can be added
+      instructing to access the disk via file descriptiors associated to the
+      domain object via the ``virDomainFDAssociate()`` API rather than opening
+      the files. The files do not necessarily have to be accessible by libvirt
+      via the filesystem. The filename passed via ``file`` can still be used
+      to generate paths to write into image metadata when doing block operations
+      but libvirt will not access these natively.
    ``block``
       The ``dev`` attribute specifies the fully-qualified path to the host
       device to serve as the disk. :since:`Since 0.0.3`

diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index d16a247a45adb4fbea941b9023ba71b05fc55f6c..6d27229e995d90b108b8e5a7866170545930f9c1 100644 (file)
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -7345,6 +7345,7 @@ virDomainStorageSourceParse(xmlNodePtr node,
     switch (src->type) {
     case VIR_STORAGE_TYPE_FILE:
         src->path = virXMLPropString(node, "file");
+        src->fdgroup = virXMLPropString(node, "fdgroup");
         break;
     case VIR_STORAGE_TYPE_BLOCK:
         src->path = virXMLPropString(node, "dev");
@@ -21877,6 +21878,7 @@ virDomainDiskSourceFormat(virBuffer *buf,
     switch (src->type) {
     case VIR_STORAGE_TYPE_FILE:
         virBufferEscapeString(&attrBuf, " file='%s'", src->path);
+        virBufferEscapeString(&attrBuf, " fdgroup='%s'", src->fdgroup);
         break;
 
     case VIR_STORAGE_TYPE_BLOCK:

diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index 9e281692fffde14c23762896e99e3654fa9596f9..c1f1fccf62b0f3a513a00f238258adaa6adc835e 100644 (file)
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -3167,6 +3167,7 @@ typedef enum {
     VIR_DOMAIN_DEF_FEATURE_NO_BOOT_ORDER = (1 << 6),
     VIR_DOMAIN_DEF_FEATURE_FW_AUTOSELECT = (1 << 7),
     VIR_DOMAIN_DEF_FEATURE_NET_MODEL_STRING = (1 << 8),
+    VIR_DOMAIN_DEF_FEATURE_DISK_FD = (1 << 9),
 } virDomainDefFeatures;
 
 

diff --git a/src/conf/domain_postparse.c b/src/conf/domain_postparse.c
index 9a3e8f494c7d177a2bf4db9befe18dc994bb157c..d1f0b803389d3cc51fcec14500c9fb61d66cded1 100644 (file)
--- a/src/conf/domain_postparse.c
+++ b/src/conf/domain_postparse.c
@@ -885,6 +885,15 @@ virDomainDeviceDefPostParseCheckFeatures(virDomainDeviceDef *dev,
         return -1;
     }
 
+    if (dev->type == VIR_DOMAIN_DEVICE_DISK &&
+        dev->data.disk->src->fdgroup &&
+        UNSUPPORTED(VIR_DOMAIN_DEF_FEATURE_DISK_FD)) {
+        virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+                       _("driver does not support FD passing for disk '%s'"),
+                       dev->data.disk->dst);
+        return -1;
+    }
+
     return 0;
 }
 #undef UNSUPPORTED

diff --git a/src/conf/schemas/domaincommon.rng b/src/conf/schemas/domaincommon.rng
index c588a48fd26d5ac4718a62f12e2f22a1dc624d64..ccc114beffb8aab970d11684ee98392a80e4ee04 100644 (file)
--- a/src/conf/schemas/domaincommon.rng
+++ b/src/conf/schemas/domaincommon.rng
@@ -1806,6 +1806,9 @@
                 <ref name="vmwarePath"/>
               </choice>
             </attribute>
+            <optional>
+              <attribute name="fdgroup"/>
+            </optional>
           </optional>
           <ref name="diskSourceCommon"/>
           <optional>

diff --git a/src/conf/storage_source_conf.c b/src/conf/storage_source_conf.c
index ad9ff36ff135efdabce7c35d04d0982ff9b5a8ba..4b1df19ab43b6ce8a461f8e673bddfe129e9a903 100644 (file)
--- a/src/conf/storage_source_conf.c
+++ b/src/conf/storage_source_conf.c
@@ -817,6 +817,7 @@ virStorageSourceCopy(const virStorageSource *src,
     def->drv = NULL;
 
     def->path = g_strdup(src->path);
+    def->fdgroup = g_strdup(src->fdgroup);
     def->volume = g_strdup(src->volume);
     def->relPath = g_strdup(src->relPath);
     def->backingStoreRaw = g_strdup(src->backingStoreRaw);
@@ -1123,6 +1124,7 @@ virStorageSourceClear(virStorageSource *def)
         return;
 
     VIR_FREE(def->path);
+    VIR_FREE(def->fdgroup);
     VIR_FREE(def->volume);
     VIR_FREE(def->snapshot);
     VIR_FREE(def->configFile);

diff --git a/src/conf/storage_source_conf.h b/src/conf/storage_source_conf.h
index 7c99ac89764418c1412705d7a28bcbe66814dbe4..ef82104e6c6b0ecc3d053f93921d0c7dc74cdfb2 100644 (file)
--- a/src/conf/storage_source_conf.h
+++ b/src/conf/storage_source_conf.h
@@ -289,6 +289,7 @@ struct _virStorageSource {
     unsigned int id; /* backing chain identifier, 0 is unset */
     virStorageType type;
     char *path;
+    char *fdgroup; /* name of group of file descriptors the user wishes to use instead of 'path' */
     int protocol; /* virStorageNetProtocol */
     char *volume; /* volume name for remote storage */
     char *snapshot; /* for storage systems supporting internal snapshots */

diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
index 53a1cd10489bc009762ddce84d4a0f6986ac8921..c8db925094a3093e5a91af3cb6ca691ab496d97a 100644 (file)
--- a/src/security/virt-aa-helper.c
+++ b/src/security/virt-aa-helper.c
@@ -607,7 +607,8 @@ virDomainDefParserConfig virAAHelperDomainDefParserConfig = {
     .features = VIR_DOMAIN_DEF_FEATURE_MEMORY_HOTPLUG |
                 VIR_DOMAIN_DEF_FEATURE_OFFLINE_VCPUPIN |
                 VIR_DOMAIN_DEF_FEATURE_INDIVIDUAL_VCPUS |
-                VIR_DOMAIN_DEF_FEATURE_NET_MODEL_STRING,
+                VIR_DOMAIN_DEF_FEATURE_NET_MODEL_STRING |
+                VIR_DOMAIN_DEF_FEATURE_DISK_FD,
 };
 
 static int

diff --git a/tests/qemuxml2argvdata/disk-source-fd.xml b/tests/qemuxml2argvdata/disk-source-fd.xml
new file mode 100644 (file)
index 0000000..d8c47fa
--- /dev/null
+++ b/tests/qemuxml2argvdata/disk-source-fd.xml
@@ -0,0 +1,40 @@
+<domain type='qemu'>
+  <name>QEMUGuest1</name>
+  <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
+  <memory unit='KiB'>219136</memory>
+  <currentMemory unit='KiB'>219136</currentMemory>
+  <vcpu placement='static'>1</vcpu>
+  <os>
+    <type arch='x86_64' machine='pc'>hvm</type>
+    <boot dev='hd'/>
+  </os>
+  <clock offset='utc'/>
+  <on_poweroff>destroy</on_poweroff>
+  <on_reboot>restart</on_reboot>
+  <on_crash>destroy</on_crash>
+  <devices>
+    <emulator>/usr/bin/qemu-system-x86_64</emulator>
+    <disk type='file' device='disk'>
+      <driver name='qemu' type='qcow2'/>
+      <source file='/path/to/blah' fdgroup='testgroup2'/>
+      <target dev='vde' bus='virtio'/>
+    </disk>
+    <disk type='file' device='disk'>
+      <driver name='qemu' type='qcow2'/>
+      <source file='/var/lib/libvirt/images/rhel7.1484071880' fdgroup='testgroup5'/>
+      <backingStore type='file'>
+        <format type='qcow2'/>
+        <source file='/var/lib/libvirt/images/rhel7.1484071877' fdgroup='testgroup6'/>
+        <backingStore type='file'>
+          <format type='qcow2'/>
+          <source file='/var/lib/libvirt/images/rhel7.1484071876'/>
+          <backingStore/>
+        </backingStore>
+      </backingStore>
+      <target dev='vdf' bus='virtio'/>
+    </disk>
+    <controller type='usb'/>
+    <controller type='pci' model='pci-root'/>
+    <memballoon model='virtio'/>
+  </devices>
+</domain>