Stefan Berger [Wed, 5 Feb 2020 18:35:45 +0000 (13:35 -0500)]
conf: Introduce VIR_DOMAIN_TPM_MODEL_DEFAULT as default model
Introduce VIR_DOMAIN_TPM_MODEL_DEFAULT as a default model which we use
in case the user does not provide a model in the device XML. It has
the TIS's previous value of '0'. In the post parsing function
we change this default value to 'TIS' to have the same model as before.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Ján Tomko <jtomko@redhat.com>
The virFilePrintf function was a wrapper for fprintf() to provide
Windows portability, since gnulib's fprintf() replacement was
license restricted. This is no longer needed now we have the
g_fprintf function available.
Reviewed-by: Pavel Hrdina <phrdina@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
The printf/fprintf function impls provided on Windows do
not follow the normal syntax for format specifiers as
the UNIX hosts. Currently we use GNULIB to provide a
portability fix for this. GLib has also imported the
GNULIB impl for this same reason, and thus we can rely
on the g_printf / g_fprintf functions.
This identified a couple of places not explicitly
linking to glib.
Reviewed-by: Pavel Hrdina <phrdina@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
This addresses portability to Windows and standardizes
error reporting. This fixes a number of places which
failed to set O_CLOEXEC or failed to report errors.
Reviewed-by: Pavel Hrdina <phrdina@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Most code now uses the virProcess / virCommand APIs, so
the need for sys/wait.h is quite limited. Removing this
include removes the dependency on GNULIB providing a
dummy sys/wait.h for Windows.
Reviewed-by: Pavel Hrdina <phrdina@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Almost none of the virFDStream code will actually work
on WIN32 builds, nor is it used except for in the
virtualbox driver for screenshots. It is simpler to
wrap it all in a '#ifndef WIN32'.
Reviewed-by: Pavel Hrdina <phrdina@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
The current event loop test suite has two threads running
in lockstep. This was just about viable when we have full
control over the internal details of the event loop impl.
When we're using the GLib event loop though there are
things going on that we don't know about, such as use of
eventfd() file descriptors. This will break the assumptions
in the test suite, causing non-deterministic failures.
This change switches the event loop thread to run fully
asynchronously from the test suite cases. This is slightly
weaker validation, but the only way we can get a reliable
test suite.
Reviewed-by: Pavel Hrdina <phrdina@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
The event test directly calls the internal poll event impl
APIs. It does not rely on any specific details of the poll
impl, so it is better to use the public APIs.
Reviewed-by: Pavel Hrdina <phrdina@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Peter Krempa [Wed, 29 Jan 2020 11:08:50 +0000 (12:08 +0100)]
qemu: block: Add validator for bitmap chains across backing chains
Add a validator which checks that a bitmap spanning multiple backing
chain members doesn't look broken. The current rules are that no
intermediate bitmaps are missing (unfortunately it's hard to know
whether the topmost or bottommost bitmap is missing) and none of the
components is inconsistent.
We can obviously improve it over time.
The validator is also tested against the existing bitmap data we have
for the backup merging test as well as some of the existing broken
bitmap synthetic test cases.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Thu, 30 Jan 2020 13:02:55 +0000 (14:02 +0100)]
qemu: blockjob: Store 'flags' for all the block job types
The flags may control important aspects of the block job which may
influence also the termination of the job. Store the 'flags' for all
the block job types.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Fri, 31 Jan 2020 12:00:29 +0000 (13:00 +0100)]
qemu: blockjob: Store 'jobflags' with block job data
Add a variable which will store the contents of the 'flags' variable as
passed in by the individual block jobs. Since the flags may influence
behaviour of the jobs it's important to preserve them to the
finalization steps.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Tue, 21 Jan 2020 14:10:27 +0000 (15:10 +0100)]
qemu: block: Extract calls of qemuBlockGetNamedNodeData into a helper function
Create a wrapper for qemuBlockGetNamedNodeData named
qemuBlockGetNamedNodeData. The purpose of the wrapper is to integrate
the monitor handling functionality and in the future possible
qemuCaps-based flags.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Thu, 9 Jan 2020 13:19:07 +0000 (14:19 +0100)]
qemu: checkpoint: Introduce support for deleting checkpoints across snapshots
Allow deleting of checkpoints when snapshots were created along. The
code tracks and modifies the checkpoint list so that backups can still
be taken with such a backing chain. This unfortunately requires
renaming a few bitmaps (by copying and deleting them) in some cases.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Thu, 9 Jan 2020 14:32:49 +0000 (15:32 +0100)]
tests: qemublock: Add synthetic snapshot+checkpoint test data
Add a faked qemu output which would simulate scenario where libvirt
would take a snapshot and checkpoint simultaneously. This is visible in
libvirt-2-format node where bitmap 'c' appears, but bitmap 'b' which is
active in the previous layer is not present.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Michal Privoznik [Thu, 30 Jan 2020 10:06:47 +0000 (11:06 +0100)]
apparmor: Reflect paths from configure in profiles
The configure script allows users to specify different paths for
/etc/, /usr/sbin/, /var/run/ and /usr/libexec/. Instead of
assuming user will pass expected value, generate the apparmor
profiles using the actual values.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Julio Faracco [Mon, 3 Feb 2020 01:28:34 +0000 (22:28 -0300)]
lxc: remove domain definition from lxc network struct
Domain definition is useless now inside network structure. This pointer
was required because new network definition was being added each time
that a new network type appeared. So, this should be processed into
old function `lxcNetworkParseDataType()`. Now, as it was moved to an
array, it can be handled together with each interface pointer.
Signed-off-by: Julio Faracco <jcfaracco@gmail.com> Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Julio Faracco [Mon, 3 Feb 2020 01:28:33 +0000 (22:28 -0300)]
lxc: add LXC version 3 network parser
LXC version 3 or higher introduced indexes for network interfaces.
Libvirt should be able to parse entries like `lxc.net.2.KEY`. This
commit adds functions to parse this type of field. That's why array
structures are so important this time.
Signed-off-by: Julio Faracco <jcfaracco@gmail.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
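A sketch of parsing the indexed `lxc.net.2.KEY` form described above into an array slot, as an added example that is not libvirt's parser. The `MAX_NETS` cap, the struct and the function names are assumptions made for illustration; only the `type` and `link` keys are handled, and an index that does not fit the array is rejected rather than used.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_NETS 8      /* assumed cap on interfaces for this example */
#define FIELD_LEN 16
struct net_entry { char type[FIELD_LEN]; char link[FIELD_LEN]; };

/* Split "lxc.net.<idx>.<key>"; returns 0 on success, -1 if malformed. */
static int parse_net_key(const char *name, unsigned *idx, const char **key)
{
    static const char prefix[] = "lxc.net.";
    char *end;
    unsigned long v;
    if (strncmp(name, prefix, sizeof(prefix) - 1) != 0)
        return -1;
    name += sizeof(prefix) - 1;
    if (*name < '0' || *name > '9')     /* strtoul alone accepts "-1", " 2" */
        return -1;
    v = strtoul(name, &end, 10);        /* overflow yields ULONG_MAX: rejected */
    if (v >= MAX_NETS || *end != '.' || end[1] == '\0')
        return -1;                      /* index must fit the array */
    *idx = (unsigned)v;
    *key = end + 1;
    return 0;
}

/* Store one setting in the array slot selected by its index. */
static int apply_setting(struct net_entry *nets, const char *name, const char *value)
{
    unsigned idx;
    const char *key;
    char *dst;
    if (parse_net_key(name, &idx, &key) < 0 || strlen(value) >= FIELD_LEN)
        return -1;
    if (strcmp(key, "type") == 0)
        dst = nets[idx].type;
    else if (strcmp(key, "link") == 0)
        dst = nets[idx].link;
    else
        return -1;                      /* key not handled in this example */
    strcpy(dst, value);                 /* length was checked above */
    return 0;
}

int main(void)
{
    struct net_entry nets[MAX_NETS] = {0};
    /* Constructed input: index 2 before any lower one, then one out of range. */
    apply_setting(nets, "lxc.net.2.type", "veth");
    apply_setting(nets, "lxc.net.2.link", "virbr0");
    printf("net2: %s on %s, idx 99 -> %d\n", nets[2].type, nets[2].link,
           apply_setting(nets, "lxc.net.99.type", "veth"));
    return 0;
}
```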
Julio Faracco [Mon, 3 Feb 2020 01:28:32 +0000 (22:28 -0300)]
lxc: refactor lxcNetworkParseData pointers to use new structures
Struct lxcNetworkParseData is being used as a single pointer which
iterates through LXC config lines. It means that it will be applied as a
network each time that a new type appears. After, the same struct is
used to populate a new network interface. This commit changes this logic
to multiple lxcNetworkParseData to move this structure to an array. It
makes more sense if we are using indexes to fill interface settings.
This is better to improve code clarity.
This commit still introduces *Legacy() functions to keep support of
network old style definitions.
Signed-off-by: Julio Faracco <jcfaracco@gmail.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Michal Privoznik [Fri, 31 Jan 2020 16:01:47 +0000 (17:01 +0100)]
tests: Drop viratomictest
In future commits our virAtomic* APIs will be replaced with their
GLib variants. Instead of trying to update the test after each
commit and eventually removing the test anyway, remove it upfront
and save the hassle.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Ján Tomko [Fri, 31 Jan 2020 16:02:26 +0000 (17:02 +0100)]
qemu: drop unused variable
The g_auto conversion made clang realize the variable is unused:
    ../../src/qemu/qemu_domain.c:10349:36: error: unused variable
          'cfg' [-Werror,-Wunused-variable]
        g_autoptr(virQEMUDriverConfig) cfg = virQEMUDriverGetConfig(driver);
Signed-off-by: Ján Tomko <jtomko@redhat.com> Fixes: 20fa2bc6e52e01feaf39d12d38bcf8eaec4c9a46
Jim Fehlig [Thu, 30 Jan 2020 18:29:41 +0000 (11:29 -0700)]
build: Drop execute permissions on virsh bash completion command
rpmlint complains about "script-without-shebang" due to the execute
permissions on /usr/share/bash-completion/completions/vsh. Use
INSTALL_DATA instead of INSTALL_SCRIPT to avoid the unnecessary
execute permissions.
Signed-off-by: Jim Fehlig <jfehlig@suse.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Ján Tomko [Fri, 31 Jan 2020 14:27:37 +0000 (15:27 +0100)]
qemu: Fix domain ID allocation
The rewrite to use GLib's atomic ops functions changed the behavior
of virAtomicIntInc - before it returned the pre-increment value.
Most of the callers using its value were adjusted, but the one
in qemuDriverAllocateID was not. If libvirtd would reconnect to
a running domain during startup, the next started domain would get
the same ID:
    $ virsh list
     Id   Name       State
    --------------------------
     1    f28live    running
     1    f28live1   running
Use the g_atomic_add function directly (as recommended in viratomic.h)
and add 1 to the result.
This also restores the usual numbering from 1 instead of 0.
Signed-off-by: Ján Tomko <jtomko@redhat.com> Fixes: 7b9645a7d127a374b8d1c83fdf9789706dbab2c9 Reviewed-by: Peter Krempa <pkrempa@redhat.com>
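The off-by-one described in the commit above, as an added example that is not libvirt code. C11 `atomic_fetch_add` stands in for GLib's `g_atomic_int_add` (both return the value held before the addition); the counter, the function names and the reconnect model are assumptions.

```c
#include <stdatomic.h>
#include <stdio.h>

/* Hypothetical stand-in for the driver's "last used domain ID" counter. */
static atomic_int last_id;

/* Buggy: fetch-add returns the value held *before* the add, which is
 * the ID of an already running domain (or 0 on a fresh start). */
static int allocate_id_buggy(void)
{
    return atomic_fetch_add(&last_id, 1);
}

/* Fixed: add 1 to the returned old value to obtain the new ID. */
static int allocate_id_fixed(void)
{
    return atomic_fetch_add(&last_id, 1) + 1;
}

/* Model a daemon restart: record the highest ID among the running
 * domains (assumed reconnect behaviour), start nstart new domains and
 * count how many of them receive an ID that is already in use. */
static int count_collisions(const int *running, int nrunning,
                            int nstart, int use_fixed)
{
    int collisions = 0;

    atomic_store(&last_id, 0);
    for (int i = 0; i < nrunning; i++)
        if (running[i] > atomic_load(&last_id))
            atomic_store(&last_id, running[i]);

    for (int n = 0; n < nstart; n++) {
        int id = use_fixed ? allocate_id_fixed() : allocate_id_buggy();
        for (int i = 0; i < nrunning; i++)
            collisions += (id == running[i]);
    }
    return collisions;
}

int main(void)
{
    const int running[] = { 1 };   /* constructed: one domain survived the restart */

    printf("buggy: %d collision(s)\n", count_collisions(running, 1, 3, 0));
    printf("fixed: %d collision(s)\n", count_collisions(running, 1, 3, 1));
    return 0;
}
```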
qemu_domain_address.c: turn qemuDomainFillDeviceIsolationGroup to void
Starting on commit 1f43393283ff, qemuDomainFillDeviceIsolationGroup()
returns 0 in all circumstances. Let's turn it to 'void' to make it
clearer that the function will not fail. This also spares a
check for < 0 return in qemu_hotplug.c. The
qemuDomainFillDeviceIsolationGroupIter() callback now returns
0 at all times - which is already happening anyway.
Refer to 1f43393283ff commit message for more details on why
the function was changed to never return an error.
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com> Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
qemu_domain.c: turn qemuDomainChrDefDropDefaultPath to void
qemuDomainChrDefDropDefaultPath() returns an int, but it's
always returning 0. Callers are checking for result < 0 to
run their cleanup code needlessly.
Turn the function to 'void' and adjust the callers.
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Previous patches deprecated some 'cleanup' labels. Let's remove
them.
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com> Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Avoid some of the virObjectUnref() calls by using g_autoptr.
Aside from the 'cleanup' label in qemuDomainSetFakeReboot(),
all other now deprecated cleanup labels will be removed in
the next patch.
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
The 'caps' variable in qemuDomainObjPrivateXMLParseAutomaticPlacement()
is set to auto clean via g_autoptr(), but a 'virObjectUnref(caps)' is
being executed in the 'cleanup' label.
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Peter Krempa [Thu, 30 Jan 2020 13:57:56 +0000 (14:57 +0100)]
qemuMigrationCookieAddNBD: Move monitor call out of the loop
The data is gathered only once so we can move the whole block which
fetches the data out of the loop and get rid of the logic which
prevents multiple calls.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Peter Krempa [Tue, 28 Jan 2020 12:40:24 +0000 (13:40 +0100)]
conf: domain: Remove checking of return value of virHashCreateFull
This module has the last two direct checks whether the value returned by
virHashCreateFull is NULL. Remove them so that static analyzers don't
get the false idea that checking the value is necessary.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Andrea Bolognani [Thu, 30 Jan 2020 17:05:49 +0000 (18:05 +0100)]
docs: Update download location for Go packages
We haven't ever made releases of the Go components, which makes
sense because that's just not how that specific ecosystem works.
For people who are looking to use libvirt from Go, the brief
introductory pages located at the same URLs used to import the
packages are a better entry point than an empty directory
listing, so let's send them there instead.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
apparmor: fix qemu_bridge_helper for named profile
Since a3ab6d42 "apparmor: convert libvirtd profile to a named profile"
the detection of the subelement for qemu_bridge_helper is wrong.
In combination with the older 123cc3e1 "apparmor: allow
/usr/lib/qemu/qemu-bridge-helper" it now detects qemu-bridge-helper no
longer by its path, but instead as a proper subelement of the named profile
like: label=libvirtd//qemu_bridge_helper
In the same fashion the reverse rule in the qemu_bridge_helper
sub-profile still uses the path and not the named profile label.
Erik Skultety [Thu, 30 Jan 2020 12:51:30 +0000 (13:51 +0100)]
nwfilter: Use immediate packet delivery mode rather than buffering
Our nwfilter code doesn't set any timeout on the pcap packet buffer which
means that when DHCP snooping is enabled on a guest interface and
libvirt is trying to learn the IP address from guest's DHCP traffic, it
takes up to 4x longer to ping a guest successfully compared to a case
where nwfilter isn't enabled at all or libvirt uses the cached nwfilter
leases to populate the corresponding rules to ebtables.
With the pcap filter and rate limiting already in place, we should be
able to afford enabling the immediate packet delivery, FWIW immediate
mode was actually the default prior to libpcap-1.5.0 (CentOS 6) regardless
of whether a buffer was requested.
The lack of any kind of timeout on the pcap buffer messed with the
libvirt TCK test suite which, even with a generous timeout in place,
times out every single time simply because it takes a while until
the guest actually starts producing any kind of traffic to fill up
the buffer in place (apart from the DHCP traffic which happens fairly
early on).
Signed-off-by: Erik Skultety <eskultet@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Michal Privoznik [Thu, 30 Jan 2020 06:58:25 +0000 (07:58 +0100)]
apparmor: Drop 'Last modified' comment from profiles
At the beginning of each profile we have a comment that says when
the profile was last updated. In theory, it makes sense because
one can see immediately if they are using an outdated profile.
However, we don't do a good job in keeping the comments in sync
with reality and also sysadmins should rather use their package
manager to find out libvirt version which installed the profiles.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Acked-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Michal Privoznik [Sat, 25 Jan 2020 08:38:53 +0000 (09:38 +0100)]
apparmor: Allow some more BIOS/UEFI paths
There are two more paths that we are missing in the default
domain profile: /usr/share/edk2-ovmf/ and /usr/share/sgabios/.
These exist on my Gentoo box and contain UEFI and BIOS images
respectively.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Acked-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Michal Privoznik [Sat, 25 Jan 2020 08:28:47 +0000 (09:28 +0100)]
apparmor: Sort paths in blocks in libvirt-qemu profile
Even though we construct a domain specific profile for each
domain we start (which should cover domain specific paths), there
is also another file that is included from the profile and which
contains domain agnostic paths (e.g. to cover libraries that qemu
links with). The paths in the file are split into blocks divided
by comments. Sort the paths in each block individually (ignoring
case sensitivity).
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Acked-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
Dario Faggioli [Wed, 29 Jan 2020 11:05:15 +0000 (12:05 +0100)]
libxl: support getting and setting parameters for the Credit2
With Credit2 being Xen default scheduler, it's definitely the case to
allow Credit2's scheduling parameters to be get and set via libvirt.
This is easy, as Credit and Credit2 have (at least as of now) the very
same parameters ('weight' and 'cap'). So we can just let credit2 pass
the scheduler-type check and the same code will work for both.
Signed-off-by: Dario Faggioli <dfaggioli@suse.com> Reviewed-by: Jim Fehlig <jfehlig@suse.com>