Michal Privoznik [Mon, 24 Apr 2023 10:12:57 +0000 (12:12 +0200)]
qemu: Deny all but VFIO PCI backends in hostdev prepare phase
We used to support KVM and VFIO style of PCI assignment. The
former was dropped in v5.7.0-rc1~103 and thus we only support
VFIO. All other backends lead to an error (see
qemuBuildPCIHostdevDevProps(), or qemuBuildPCIHostdevDevStr() as
it used to be called in the era of aforementioned commit).
Might as well report the error in prepare phase and save hassle
of proceeding with device preparation (e.g. in case of hotplug
overriding the device's driver, setting seclabels, etc.).
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
Michal Privoznik [Mon, 24 Apr 2023 07:51:46 +0000 (09:51 +0200)]
qemuxml2argvtest: Drop needless PCI backend setting
The qemuxml2argvtest does a bit of 'fixups' to parsed
virDomainDef just before generating the cmd line. For instance,
it sets PCI backend for hostdevs (to VFIO). The reason for this
is that we want to make the test host independent and thus
letting the code chose backend at runtime might render different
results on different machines. But this is not necessary, as
virpcimock (that the test uses) already creates a fake, but
stable environment (where /dev/vfio/vfio and IOMMU groups exist),
thus qemuHostdevHostSupportsPassthroughVFIO() returns true,
regardless of the actual host support.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
Michal Privoznik [Fri, 21 Apr 2023 14:56:10 +0000 (16:56 +0200)]
qemu: Move <hostdev/> PCI backend setting into qemuDomainPrepareHostdev()
virsh command domxml-to-native failed with below error but start
command succeed for same domain xml.
"internal error: invalid PCI passthrough type 'default'"
If a <hostdev> PCI backend is not set in the XML, the supported
one is then chosen in qemuHostdevPreparePCIDevicesCheckSupport().
But this function is not called anywhere from
qemuConnectDomainXMLToNative(). But qemuDomainPrepareHostdev()
is. And it is also called from domain startup/hotplug code.
Therefore, move the backend setting to the common path and drop
qemuHostdevPreparePCIDevicesCheckSupport().
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
Michal Privoznik [Mon, 24 Apr 2023 08:51:52 +0000 (10:51 +0200)]
qemu_domain: Move internals of qemuDomainPrepareHostdev() into a separate function
So far, qemuDomainPrepareHostdev() is a NOP for anything but a
SCSI hostdev. This will change soon. Therefore, move the SCSI
hostdev preparation into a separate function
(qemuDomainPrepareHostdevSCSI()) and make
qemuDomainPrepareHostdev() call function corresponding to the
hostdev type (or nothing if the type doesn't need any
preparation).
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
Michal Privoznik [Fri, 14 Apr 2023 10:43:47 +0000 (12:43 +0200)]
qemuDomainAttachHostDevice: Prepare device early and for all types
When attaching a hostdev of a SCSI subsys,
qemuDomainPrepareHostdev() is called. This makes sense because
the function prepares just SCSI hostdevs ignoring others. But
this will soon change. Thefore, move the function call out of
qemuDomainAttachHostSCSIDevice() and into
qemuDomainAttachHostDevice().
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
Michal Privoznik [Tue, 25 Apr 2023 08:00:18 +0000 (10:00 +0200)]
lxc: Fix access to hostdev capabilities
In a few places, where a capabilities <hostdev/> is processed, a
wrong union member is access: def->source.subsys.type instead of
def->source.caps.type. Fortunately, both union members have .type
as the very first member so no real harm is done. Nevertheless,
we should access the correct union member.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Michal Privoznik [Tue, 25 Apr 2023 07:29:53 +0000 (09:29 +0200)]
lxc: Make lxcCreateHostdevDef() less versatile
Usually, we want a function to be as reusable as possible. But in
this specific case, when it's used just once we don't need that.
The lxcCreateHostdevDef() function is meant to create a hostdev.
The first argument selects the hostdev mode (caps/subsys) and the
second argument selects the type of hostdev (NET/STORAGE/MISC).
But because of how the function is written, it's impossible to
create a subsys hostdev as the function sets
hostdev->source.caps.type, regardless of mode. So the @mode
argument can be dropped.
Then, the function is called from one place and one place only.
And in there, VIR_DOMAIN_HOSTDEV_CAPS_TYPE_NET is passed for
@type so we can drop that argument too.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Michal Privoznik [Fri, 21 Apr 2023 07:56:20 +0000 (09:56 +0200)]
qemuhotplugtest: Verify domain XML on UPDATE
Just like we check the resulting domain XML after ATTACH and
DETACH, we should do the same after UPDATE action. This is as
simple as calling testQemuHotplugCheckResult() and providing
missing XMLs. For those test cases where no change is done, we
can just make the expected XML a symlink to the input XML.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Kristina Hanicova <khanicov@redhat.com>
Michal Privoznik [Fri, 21 Apr 2023 08:06:10 +0000 (10:06 +0200)]
qemuhotplugtest: Don't overwrite vm->def->id in testQemuHotplugCheckResult()
This is a leftover from v2.0.0-rc1~300. In v1.2.12-rc1~43 we've
introduced a code that explicitly sets vm->def->id to -1 to force
generation of inactive XML. But this was removed in the later
commit, which forgot to remove the restoration of the original
dom ID.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Kristina Hanicova <khanicov@redhat.com>
Michal Privoznik [Thu, 20 Apr 2023 15:59:02 +0000 (17:59 +0200)]
qemuhotplugtest: Fix misleading comment on monitor unlock
There's a comment in testQemuHotplug() trying to explain why we
need to unlock the monitor object. Well, while it might have been
correct when being introduced, it's no longer factually correct
as just any function (attach/detach/update) might talk to the
monitor and it expects the monitor to be unlocked (as it calls
qemuDomainObjEnterMonitor() + qemuDomainObjExitMonitor()).
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Kristina Hanicova <khanicov@redhat.com>
Michal Privoznik [Thu, 20 Apr 2023 15:17:08 +0000 (17:17 +0200)]
qemu_hotplug.h: Expose less functions
After previous cleanups a lot of functions from qemu_hotplug.c
are called only within the file. Make them static and drop their
declarations from the header file.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
There's no reason for qemuhotplugtest to reimplement which device
update function to call (testQemuHotplugUpdate()) when
qemuDomainUpdateDeviceLive() already does that. Thus, drop
testQemuHotplugUpdate() and call qemuDomainUpdateDeviceLive()
directly.
BTW: this also shows why reimplementing
qemuDomainUpdateDeviceLive() is bad idea: The
"disk-cdrom-nochange" test is succeeding only because
testQemuHotplugUpdate() supports graphics and returns an
(expected) error for every other devtype.
NB, there's still missing check that the resulting XML is the
expected one (just like we do for attach and detach), but that's
pre-existing and will be fixed later.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Kristina Hanicova <khanicov@redhat.com>
There's no reason for qemuhotplugtest to reimplement which device
attach function to call (testQemuHotplugAttach()) when
qemuDomainAttachDeviceLive() already does that. Thus, drop
testQemuHotplugAttach() and call qemuDomainAttachDeviceLive()
directly.
There's one small catch though, qemuDomainAttachDeviceLive() now
calls one monitor command more (to list all aliases). We don't
care really, because we're not testing that. Therefore, just
provide a dummy reply.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Kristina Hanicova <khanicov@redhat.com>
The testQemuHotplugDetach() already does call
qemuDomainDetachDeviceLive() but only for some device types. For
the rest it reports an error (but only if running test
verbosely). This makes no sense. Just call
qemuDomainDetachDeviceLive() directly and drop
testQemuHotplugDetach().
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Kristina Hanicova <khanicov@redhat.com>
Michal Privoznik [Thu, 20 Apr 2023 15:25:51 +0000 (17:25 +0200)]
qemu: Move qemuDomainUpdateDeviceLive() into qemu_hotplug.c
There is no good reason for qemuDomainUpdateDeviceLive() to live
in (ever growing) qemu_driver.c while we have qemu_hotplug.c
which already contains the rest of hotplug code. Move the
function to its new home.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Kristina Hanicova <khanicov@redhat.com>
Michal Privoznik [Thu, 20 Apr 2023 14:52:43 +0000 (16:52 +0200)]
qemu: Move qemuDomainAttachDeviceLive() into qemu_hotplug.c
There is no good reason for qemuDomainAttachDeviceLive() to live
in (ever growing) qemu_driver.c while we have qemu_hotplug.c
which already contains the rest of hotplug code. Move the
function to its new home.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Kristina Hanicova <khanicov@redhat.com>
Michal Privoznik [Thu, 20 Apr 2023 15:29:57 +0000 (17:29 +0200)]
qemu: Replace @dom argument with @driver in qemuDomainUpdateDeviceLive()
The qemuDomainUpdateDeviceLive() accepts virDomainPtr as one of
its arguments, but use it only to get QEMU driver out of it.
Well, the only caller already does that and thus can pass it
instead of virDomainPtr.
This also makes it look like the rest of device hot(un-)plug
functions: qemuDomainAttachDeviceLive() and
qemuDomainUpdateDeviceLive().
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Kristina Hanicova <khanicov@redhat.com>
K Shiva [Sat, 22 Apr 2023 17:55:30 +0000 (23:25 +0530)]
Move default Input bus logic to PostParse handling
A new enum type "Default" has been added for Input bus.
The logic that handled default input bus types in
virDomainInputParseXML() has been moved to a new function
virDomainInputDefPostParse() in domain_postparse.c
Link to Issue: https://gitlab.com/libvirt/libvirt/-/issues/8
Signed-off-by: K Shiva <shiva_kr@riseup.net> Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
Peter Krempa [Wed, 19 Apr 2023 14:49:52 +0000 (16:49 +0200)]
qemu: hotplug: Update disk private data after hotplug
The disk private data contain information about the tray and
removability of the disk. Until recently we didn't support hotplug of
removable disks thus it wasn't a problem but now when you can hotplug a
CDROM you would not be able to open its tray.
Fix it by updating the hotplugged disk the same way we do at startup.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2160435 Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Wed, 19 Apr 2023 13:44:28 +0000 (15:44 +0200)]
qemuProcessRefreshDisks: Properly compare tray status
The code compares the 'tray_open' boolean from 'struct
qemuDomainDiskInfo' directly against 'disk->tray_status' which is
declared as virDomainDiskTray (enum). Now the logic works correctly
because the _OPEN enum has value '1'.
Separate the event emission code from the update code and remember the
old tray state in a separate variable rather than having the sneaky
logic we have today.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Thu, 20 Apr 2023 08:17:42 +0000 (10:17 +0200)]
kbase: debuglogs: Emphasize disabling daemon timeout in 'TL;DR' section
Disabling the daemon timeout is important so that the settings don't get
discarded. Remove the comment saying it's optional and add a paragraph
outlining what to do if it is not available.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Michal Privoznik [Thu, 23 Mar 2023 10:11:42 +0000 (11:11 +0100)]
meson: Work around configure_file(copy:true) deprecation
In our meson scripts, we use configure_file(copy:true) to copy
files from srcdir into builddir. However, as of meson-0.64.0,
this is deprecated [1] in favor of using:
fs = import('fs')
fs.copyfile(in, out)
Except, the submodule's new method wasn't introduced until
0.64.0. And since we can't bump the minimal meson version we
require, we have to work with both: new and old versions.
Now, the fun part: fs.copyfile() is not a drop in replacement as
it returns different type (a custom_target object). This is
incompatible with places where we store the configure_file()
retval in a variable to process it further.
While we could just replace 'copy:true' with a dummy
'configuration:...' (say 'configuration: configmake_conf') we
can't do that for binary files (like src/fonts/ or src/images/).
Therefore, places where we are not interested in the retval can
be switched to fs.copyfile() and places where we are interested
in the retval will just use a dummy 'configuration:'.
Except, src/network/meson.build. In here we not just copy the
file but also specify alternative install dir and that's not
something that fs.copyfile() can handle. Yet, using 'copy: true'
is viewed wrong [2].
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2185184 Signed-off-by: Martin Kletzander <mkletzan@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
qemu, ch: Move threads to cgroup dir before changing parameters
With cgroupv2 this has better effect on the resource allocation. An
excerpt from Documentation/admin-guide/cgroup-v2.rst explains is this
way:
Migrating a process across cgroups is a relatively expensive operation
and stateful resources such as memory are not moved together with the
process. This is an explicit design decision as there often exist
inherent trade-offs between migration and various hot paths in terms
of synchronization cost.
[...]
Setting a non-empty value to "cpuset.mems" causes memory of
tasks within the cgroup to be migrated to the designated nodes if
they are currently using memory outside of the designated nodes.
Signed-off-by: Martin Kletzander <mkletzan@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
This makes it also work during attach. Also add a test for attaching a
watchdog with incompatible action.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2187278 Signed-off-by: Martin Kletzander <mkletzan@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
The loop initially skipped the first one because it was mainly checking
the incompatible actions, but was then modified to also check the
duplicity of iTCO watchdogs.
While at it change the type of the iteration variable to the usual size_t.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2187133 Signed-off-by: Martin Kletzander <mkletzan@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
qemu: Forbid ib700 watchdogs for non-i440fx machine types
We can launch qemu with it, but it will not work since it's not even
probed by the kernel at the mapped address with different machine types
since they are expected to be connected to ISA and not even its newer
LPC counterpart found on q35. And it does not exist on non-x86
architectures.
Signed-off-by: Martin Kletzander <mkletzan@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Michal Privoznik [Wed, 12 Apr 2023 15:15:08 +0000 (17:15 +0200)]
qemu_domain: Increase memlock limit for NVMe disks
When starting QEMU, or when hotplugging a PCI device QEMU might
lock some memory. How much? Well, that's an undecidable problem.
But despite that, we try to guess. And it more or less works,
until there's a counter example. This time, it's a guest with
both <hostdev/> and an NVMe <disk/>. I've started a simple guest
with 4GiB of memory:
# virsh dominfo fedora
Max memory: 4194304 KiB
Used memory: 4194304 KiB
And here are the amounts of memory that QEMU tried to lock,
obtained via:
3) with one <hostdev/> and one NVMe <disk/>
VmLck: 8522852 kB
Now, what's surprising is case 2) where the locked memory exceeds
the VM memory. It almost resembles VDPA. Therefore, treat is as
such.
Unfortunately, I don't have a box with two or more spare NVMe-s
so I can't tell for sure. But setting limit too tight means QEMU
refuses to start.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2014030 Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
Michal Privoznik [Mon, 17 Apr 2023 08:10:15 +0000 (10:10 +0200)]
networkRefreshDhcpDaemon: Get dnsmasq's PID once
This is a relic of commit v3.7.0-rc1~132 when getter/setter APIs
for dnsmasq's PID were introduced. Previously, obj->dnsmasqPid
was accessed directly. But the aforementioned commit introduced
two calls to virNetworkObjGetDnsmasqPid() even though the result
of the first call is stored in a variable.
Remove the second call as it's unnecessary.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Michal Privoznik [Mon, 17 Apr 2023 08:10:04 +0000 (10:10 +0200)]
conf: Initialize _virNetworkObj::dnsmasqPid to -1 in virNetworkObjNew()
Throughout all of our network driver code we assume that
dnsmasqPid of value -1 means the network has no dnsmasq process
running. There are plenty of calls to:
virNetworkObjSetDnsmasqPid(obj, -1);
or:
pid_t dnsmasqPid = virNetworkObjGetDnsmasqPid(obj);
if (dnsmasqPid > 0) ...;
Now, a virNetworkObj is created via virNetworkObjNew() which
might as well set this de-facto default value.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Michal Privoznik [Mon, 17 Apr 2023 08:09:51 +0000 (10:09 +0200)]
networkUpdateState: do not assume dnsmasq_caps
Assume there's a dnsmasq running (because there's an active
virtual network that spawned it). Now, shut down the daemon,
remove the dnsmasq binary and start the daemon again. At this
point, networkUpdateState() is called, but dnsmasq_caps is NULL
(because networkStateInitialize() called earlier failed to set
them, rightfully though).
Now, the networkUpdateState() tries to read the dnsmasq's PID
file using virPidFileReadIfAlive() which takes a path to the
corresponding binary as one of its arguments. To provide that
path, dnsmasqCapsGetBinaryPath() is called, but since
dnsmasq_caps is NULL, it dereferences it and thus causes a crash.
It's true that virPidFileReadIfAlive() can deal with a removed
binary (well virPidFileReadPathIfAlive() which it calls can), but
iff the binary path is provided in its absolute form. Otherwise,
virFileResolveAllLinks() fails to canonicalize the path
(expected, the path doesn't exist anyway).
Therefore, reading dnsmasq's PID file didn't work before
v8.1.0-rc1~401 which introduced this crash. It was always set to
-1. But passing NULL as binary path instead, makes
virPidFileReadIfAlive() return early, right after the PID file is
read and it's confirmed the PID exists.
Yes, this may yield wrong results, as the PID might be of a
completely different binary. But this problem is preexistent and
until we start locking PID files, there's nothing we can do about
it. IOW, it would require rework of dnsmasq PID file handling.
Fixes: 4b68c982e283471575bacbf87302495864da46fe
Resolves: https://gitlab.com/libvirt/libvirt/-/issues/456 Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Jim Fehlig [Fri, 14 Apr 2023 17:01:33 +0000 (11:01 -0600)]
qemu: Change default machine type for RISC-V
It's quite difficult, if not impossible, to create a working RISC-V VMs
using the current default machine type of 'spike_v1.10'. Change the
default to the more appropriate and virtualization friendly 'virt'
machine type.
Signed-off-by: Jim Fehlig <jfehlig@suse.com> Reviewed-by: Andrea Bolognani <abologna@redhat.com>
Jim Fehlig [Fri, 14 Apr 2023 16:48:49 +0000 (10:48 -0600)]
qemu: Change default machine type for ARM
It's quite difficult, if not impossible, to create a usable ARM VMs
using the current default machine type of 'integratorcp'. Change the
default to the more appropriate and virtualization friendly 'virt'
machine type.
Signed-off-by: Jim Fehlig <jfehlig@suse.com> Reviewed-by: Andrea Bolognani <abologna@redhat.com>
Michal Privoznik [Wed, 12 Apr 2023 10:41:53 +0000 (12:41 +0200)]
qemu_hotplug: Deny live detach of <console/>
I've tried, then I've tried even harder, but still wasn't able to
make sense of our console backcompat code in all its fine
details. Since I value my sanity, let's just forbid hotunplug of
<console/>, especially since detaching of corresponding <serial/>
works.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Michal Privoznik [Wed, 12 Apr 2023 08:22:42 +0000 (10:22 +0200)]
qemuDomainRemoveChrDevice: Deal with qemuDomainChrRemove() failure
When cleaning up after removed device, qemuDomainChrRemove() is
called. But this may fail, in which case we successfully ignore
the failure and virDomainChrDefFree() the device anyway. While it
decreases our memory consumption, it's a bit too far, especially
if the next step is 'virsh dumpxml'. Then our memory consumption
decreases all the way down to zero as we crash.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Michal Privoznik [Wed, 12 Apr 2023 10:20:42 +0000 (12:20 +0200)]
qemuAssignDeviceChrAlias: Fix a crasher during <console/> hotplug
For a running guest, a <serial/> device can be hotunplugged. This
will then remove also aliased <console/>. Trying to hotplug a
<console/> device then, libvirtd crashed because it dereferences
def->consoles while there's none.
Fixes: 42d53ac799a1d7f1414737caa4deb73871876992 Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
When removing the compat console from domain defintion, removing
it from the vmdef->consoles array is good, but not sufficient.
The console definition might have been fully allocated (after
daemon restarted and reloaded the status XML). Use
virDomainChrDefFree() to free also the definition.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
When hotpluging a <serial/> device, we might need to add a
<console/> device with it (because of some crazy backcompat).
Now, hotplugging is done in several phases. In one of them,
qemuDomainChrPreInsert() allocates space for both devices, and
then qemuDomainChrInsertPreAlloced() actually inserts the device
into domain definition and sets up the <console/> device with it.
Except, the condition that checks whether to create the aliased
<console/> is wrong as it compares nconsoles against 0.
Surprisingly, qemuDomainChrInsertPreAllocCleanup() doesn't suffer
from the same error.
Fixes: daf51be5f1b0f7b41c0813d43d6b66edfbe4f6d9 Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Andrea Bolognani [Tue, 18 Apr 2023 09:08:03 +0000 (11:08 +0200)]
conf: Restrict use of <portForward> to the passt backend
That's already the case in practice, but it's a better
experience for the user if we reject this configuration
outright instead of silently ignoring part of it.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Boris Fiuczynski [Tue, 18 Apr 2023 09:53:08 +0000 (11:53 +0200)]
tests: viracpitest only works on little endian
Commit fc216db4fb789cbd309 introduced a mocked test with binary test data
which fails on big endian machines.
Therefore build the viracpitest test only on little endian machines.
Fixes: fc216db4fb789cbd30917be036d0b94d965bdf7f Signed-off-by: Boris Fiuczynski <fiuczy@linux.ibm.com> Reviewed-by: Marc Hartmayer <mhartmay@linux.ibm.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Michal Privoznik [Fri, 14 Apr 2023 14:06:02 +0000 (16:06 +0200)]
virsh: Introduce --xpath and --wrap to domcapabilities
Similarly to dumpxml, let's have --xpath and --wrap to the
'domcapabilities' command since users might be interested only in
a subset of domcapabilities XML.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Kristina Hanicova <khanicov@redhat.com>
Michal Privoznik [Fri, 14 Apr 2023 14:01:56 +0000 (16:01 +0200)]
virsh: Introduce --xpath and --wrap to capabilities
Similarly to dumpxml, let's have --xpath and --wrap to the
'capabilities' command since users might be interested only in a
subset of capabilities XML.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Kristina Hanicova <khanicov@redhat.com>
Peter Krempa [Mon, 17 Apr 2023 11:31:25 +0000 (13:31 +0200)]
kbase: debuglogs: Add a 'TL;DR' section for enabling logging in most common case
The document grew a bit too much explaining all the mistakes we've seen
the users do when configuring logging. Add a section distilling the
configuration of the most basic scenario which we can refer to when
upstream issues are reported. The scenario is for a runtime setting of
logging into a file applied to the 'virtqemud' daemon.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Peter Krempa [Thu, 13 Apr 2023 07:31:34 +0000 (09:31 +0200)]
virsh: event: Introduce virshEventPrintf
Extract internals of virshEventPrint into a function that can take the
format string. The function will be used in upcoming patches which make
the event formatting translatable.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Peter Krempa [Wed, 12 Apr 2023 12:46:04 +0000 (14:46 +0200)]
virCgroupV1GetBlkioIo(Device)Serviced: Refactor extraction of cgroup data
Rewrite the code to improve maintainability and also re-do construction
of error messages which are assembled from non-translatable parts.
Closes: https://gitlab.com/libvirt/libvirt/-/issues/455 Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Eric Farman [Sat, 1 Apr 2023 00:42:04 +0000 (02:42 +0200)]
security: do not remember/recall labels for VFIO MDEVs
Commit dbf1f68410 ("security: do not remember/recall labels for VFIO")
rightly changed the DAC and SELinux labeling parameters to fix a problem
with "VFIO hostdevs" but really only addressed the PCI codepaths.
As a result, we can still encounter this with VFIO MDEVs such as
vfio-ccw and vfio-ap, which can fail on a hotplug:
[test@host ~]# mdevctl stop -u 11f2d2bc-4083-431d-a023-eff72715c4f0
[test@host ~]# mdevctl start -u 11f2d2bc-4083-431d-a023-eff72715c4f0
[test@host ~]# cat disk.xml
<hostdev mode='subsystem' type='mdev' model='vfio-ccw'>
<source>
<address uuid='11f2d2bc-4083-431d-a023-eff72715c4f0'/>
</source>
<address type='ccw' cssid='0xfe' ssid='0x0' devno='0x3c51'/>
</hostdev>
[test@host ~]# virsh attach-device guest ~/disk.xml
error: Failed to attach device from /home/test/disk.xml
error: Requested operation is not valid: Setting different SELinux label on /dev/vfio/3 which is already in use
Make the same changes as reported in commit dbf1f68410, for the mdev paths.
Reported-by: Matthew Rosato <mjrosato@linux.ibm.com> Signed-off-by: Eric Farman <farman@linux.ibm.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
igb is a new network device which will be introduced with QEMU 8.0.0.
It is a successor of e1000e so it has PCIe interface and is understands
virtio-net headers as e1000e does.
Signed-off-by: Akihiko Odaki <akihiko.odaki@daynix.com> Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Jim Fehlig [Tue, 11 Apr 2023 15:15:43 +0000 (09:15 -0600)]
qemu: Fix potential crash during driver cleanup
During qemu driver shutdown, objects are freed in qemuStateCleanup that
could still be used by active worker threads, resulting in crashes. E.g.
a worker thread could be processing a monitor EOF event after the
security manager is already disposed
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0x00007fd9a9a1e1fe in virSecurityManagerMoveImageMetadata (mgr=0x7fd948012160, pid=-1, src=src@entry=0x7fd98c072c90, dst=dst@entry=0x0)
at ../../src/security/security_manager.c:468
#1 0x00007fd9646ff0f0 in qemuSecurityMoveImageMetadata (driver=driver@entry=0x7fd948043830, vm=vm@entry=0x7fd98c066db0, src=src@entry=0x7fd98c072c90,
dst=dst@entry=0x0) at ../../src/qemu/qemu_security.c:182
#2 0x00007fd96462c7b0 in qemuBlockRemoveImageMetadata (driver=driver@entry=0x7fd948043830, vm=vm@entry=0x7fd98c066db0, diskTarget=0x7fd98c072530 "vda",
src=<optimized out>) at ../../src/qemu/qemu_block.c:2628
#3 0x00007fd9646929d6 in qemuProcessStop (driver=driver@entry=0x7fd948043830, vm=vm@entry=0x7fd98c066db0, reason=reason@entry=VIR_DOMAIN_SHUTOFF_SHUTDOWN,
asyncJob=asyncJob@entry=QEMU_ASYNC_JOB_NONE, flags=<optimized out>) at ../../src/qemu/qemu_process.c:7585
#4 0x00007fd9646fc842 in processMonitorEOFEvent (vm=0x7fd98c066db0, driver=0x7fd948043830) at ../../src/qemu/qemu_driver.c:4794
#5 qemuProcessEventHandler (data=0x561a93febb60, opaque=0x7fd948043830) at ../../src/qemu/qemu_driver.c:4900
#6 0x00007fd9a9971a31 in virThreadPoolWorker (opaque=opaque@entry=0x561a93fb58e0) at ../../src/util/virthreadpool.c:163
(gdb) p mgr->drv
$2 = (virSecurityDriverPtr) 0x0
Prior to commit 7cf76d4e3ab, the worker thread pool was freed before
disposing any driver objects. Let's return to that pattern, but leave
the other changes made by 7cf76d4e3ab.
Signed-off-by: Tamara Schmitz <tamara.schmitz@suse.com> Signed-off-by: Jim Fehlig <jfehlig@suse.com> Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
conf: Move validation of virDomainGraphicsListenDef out of parser
In an effort to separate the validation steps from the Parse stage,
a few validation checks of virDomainGraphicsListenDef have been moved from
virDomainGraphicsListenDefParseXML() in domain_conf.c to
virDomainGraphicsDefListensValidate() in domain_validate.c
Signed-off-by: K Shiva <shiva_kr@riseup.net> Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Peter Krempa [Thu, 6 Apr 2023 13:23:46 +0000 (15:23 +0200)]
qemu: snapshot: Allow inactive internal snapshots with uefi
Historically the snapshot code attempted to forbid internal snapshots
with UEFI both in active and inactive case. Unfortunately due to the
intricacies of UEFI probing this didn't really work for inactive VMs
which made users rely on the feature.
Now with the changes to store detected UEFI environment also in the
inactive definition this broke the feature for those users.
Since the varstore doesn't really change that much in the lifecycle of a
VM it usually is okay to simply leave it as is.
Restore the functionality for inactive snapshots by disabling the check.
In the future when uefi snapshotting will be added the rest of the
condition will also be removed.
Resolves: https://gitlab.com/libvirt/libvirt/-/issues/460 Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Fri, 24 Mar 2023 15:33:06 +0000 (16:33 +0100)]
qemuxml2(argv|xml)test: Modernize testing of USB controllers on aarch64
All supported qemu versions at this point support both 'qemu-xhci' and
'nec-xhci' controllers. To allow using real capabilities restructure the
tests so that we test both controllers explicitly as well as the
selection of the default model.
Also add a xml2xml test invocation of the unified test.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
projects / libvirt.git / log