Masayoshi Mizuma [Wed, 11 Nov 2020 13:35:24 +0000 (08:35 -0500)]
qemu: Move qemuExtDevicesStop() before removing the pidfiles
A qemu guest which has virtiofs config fails to start if the previous
starting failed because of invalid option or something.
That's because the virtiofsd isn't killed by virPidFileForceCleanupPath()
on the former failure because the pidfile was already removed by
virFileDeleteTree(priv->libDir) in qemuProcessStop(), so
virPidFileForceCleanupPath() just returned.
Move qemuExtDevicesStop() before virFileDeleteTree(priv->libDir) so that
virPidFileForceCleanupPath() can kill virtiofsd correctly.
For example of the reproduction:
# virsh start guest
error: Failed to start domain guest
error: internal error: process exited while connecting to monitor: qemu-system-x86_64: -foo: invalid option
... fix the option ...
# virsh start guest
error: Failed to start domain guest
error: Cannot open log file: '/var/log/libvirt/qemu/guest-fs0-virtiofsd.log': Device or resource busy
#
Signed-off-by: Masayoshi Mizuma <m.mizuma@jp.fujitsu.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
scripts: trim "__attribute__((packed))" in RPC struct diff
i686 builds on x86_64 host on Debian 10 result in the RPC structs
getting "__attribute__((packed))" annotations added to them. This is
harmless since we know the XDR protocol aligns and pads struct fields
suitably on the wire. Thus we can safely cull the attribute before doing
the diff comparison.
Reviewed-by: Erik Skultety <eskultet@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
In most cross builds we can't run tests since we can't assume QEMU user
mode emulators are loaded. i686 is special though because x86_64 can run
i686 natively, so we should run unit tests there.
The key benefit is that this gives us 32-bit unit test coverage in CI.
Reviewed-by: Erik Skultety <eskultet@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Lin Ma [Tue, 10 Nov 2020 09:51:01 +0000 (17:51 +0800)]
virsh: Move/add some of function declarations to virsh-domain.h
The upcoming patches introduce completers into virsh-completer-domain.c,
They will invoke the functions which are defined in virsh-domain.c, So
these functions need to be declared in virsh-domain.h.
Signed-off-by: Lin Ma <lma@suse.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Lin Ma [Tue, 10 Nov 2020 09:50:59 +0000 (17:50 +0800)]
vsh: Fix completion error in case of multiple mac addresses
We know that the bash completer automatically handle colon by preceding
it with an escape character backslash.
While our bash autompletion file vsh completes multiple items, In case
there're multiple items which have same prefix and the content of completion
items contain colon(say mac address), The vsh needs to correctly hands
the backslash which are added by bash completer, Otherwise the completion
won't be successful. This patch fixes this problem.
e.g.:
# virsh domiflist --domain VM
Interface Type Source Model MAC
-------------------------------------------------------------
vnet0 network default virtio 52:54:00:fb:7b:f5
vnet1 bridge br0 virtio 52:54:00:80:1b:21
Before:
# virsh detach-interface --domain VM --mac <TAB>
# virsh detach-interface --domain VM --mac 52\:54\:00\:<TAB><TAB>
After:
# virsh detach-interface --domain VM --mac <TAB>
# virsh detach-interface --domain VM --mac 52\:54\:00\:<TAB><TAB>
52:54:00:80:1b:21 52:54:00:fb:7b:f5
# virsh detach-interface --domain VM --mac 52\:54\:00\:
Signed-off-by: Lin Ma <lma@suse.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Pavel Hrdina [Mon, 9 Nov 2020 16:10:56 +0000 (17:10 +0100)]
virgdbus: fix getting non-shared DBus connection
We need to pass some flags in order to properly initialize the
connection otherwise it will not work. This copies what GLib does
for g_bus_get_sync() internally.
This fixes an issue with LXC driver where libvirt was not able to
register any VM with machined.
Reported-by: Matthias Maier <tamiko@gentoo.org> Signed-off-by: Pavel Hrdina <phrdina@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
When using .path() for an argument to a python script meson will not
setup dependancies on the file. This means that changes to the generator
script will not trigger a rebiuld
Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Fix name prefix of VIR_DOMAIN_CHECKPOINT_REDEFINE_VALIDATE
The enum constant names should all have a prefix that matches the enum
name. VIR_DOMAIN_CHECKPOINT_REDEFINE_VALIDATE was missing the "CREATE_"
part of the name prefix.
Reviewed-by: Peter Krempa <pkrempa@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
The viridentitytest tests our viridentity module which is
compiled on all platforms and OSes. There is no need to have
SELinux secdriver as individual test cases are skipped if SELinux
is missing.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
The %meson macro sets "--auto-features=enabled", so it is not enough to
disable the driver options, we must also disable any library options
which the drivers depend on.
Reviewed-by: Pavel Hrdina <phrdina@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Commit 89a3115bac2c92ac67516 was not updated after recent changes to
hash table usage and was still referencing the now removed deterministic
hash mock, which caused CI failure.
Fixes: 89a3115bac2c92ac67516d04df6a45769f69a37c Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Peter Krempa [Wed, 4 Nov 2020 12:37:35 +0000 (13:37 +0100)]
qemu: backup: Add partial validation of incremental backup checkpoint
Verify that the checkpoint requested by an incremental backup exists.
Unfortunately validating whether the checkpoint configuration actually
matches the disk may not be reasonably feasible as the disk may have
been renamed/snapshotted/etc. We still rely on bitmap presence.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Tue, 3 Nov 2020 11:28:46 +0000 (12:28 +0100)]
checkpoint: Introduce VIR_DOMAIN_CHECKPOINT_REDEFINE_VALIDATE flag
Introduce a flag which will allow users to perform hypervisor-specific
validation when redefining the checkpoint metadata. This will allow
checking metadata which is stored e.g. in disk images when populating
the libvirt metadata.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Tue, 3 Nov 2020 11:00:21 +0000 (12:00 +0100)]
qemu: backup: Use VIR_ERR_CHECKPOINT_INCONSISTENT when starting a backup
If we don't have a consistent chain of bitmaps for the backup to proceed
we'd report VIR_ERR_INVALID_ARG error code, which makes it hard to
decide whether an incremental backup makes even sense.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
This code will be used to signal cases when the checkpoint is broken
either during backup or other operations where a user might want to make
decision based on the presence of the checkpoint, such as do a full
backup instead of an incremental one.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Fri, 30 Oct 2020 16:45:07 +0000 (17:45 +0100)]
virCPUDefFormatBufFull: Use virXMLFormatElement
The function was basically open-coding it.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Fri, 30 Oct 2020 16:09:47 +0000 (17:09 +0100)]
qemumigrationcookiexmltest: Add synthetic test case
Add a test case attempting to exercise the most of the cookie XML
parsing/formatting infra. Note that the data is not based on any real
case.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Fri, 30 Oct 2020 14:10:29 +0000 (15:10 +0100)]
tests: Add testing of qemu migration cookie
Migration cookie transports a lot of information but there are no tests
for it.
The test supports both xml2xml testing and also testing of the
population of the migration cookie data from a domain object, although
that option is not very useful as many things are collected from running
qemu and thus can't be tested efficiently here.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Fri, 30 Oct 2020 15:14:00 +0000 (16:14 +0100)]
qemu_migration_cookie: Make cookie parsing robust against missing domain job
In testing code we don't properly populate the job sometimes. If it
isn't populated we should not touch it though in the migration cookie
code.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Fri, 30 Oct 2020 13:56:49 +0000 (14:56 +0100)]
tests: Add mock library for virGetHostname and virGetHostUUID
The 'qemu_migration_cookie' module uses these. Provide a stable override
for tests.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Fri, 30 Oct 2020 13:55:32 +0000 (14:55 +0100)]
qemu_migration_cookie: Export qemuMigrationCookieXMLFormat for tests
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Fri, 30 Oct 2020 13:54:35 +0000 (14:54 +0100)]
qemu_migration_cookie: Make header standalone
Include qemu_domain.h and qemu_domainjob.h as the types from those
headers are used by this header.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Mon, 5 Oct 2020 15:47:01 +0000 (17:47 +0200)]
qemuxml2xmltest: Split out status XML testing to qemustatusxml2xmltest.c
Separate the test files.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Mon, 5 Oct 2020 15:52:29 +0000 (17:52 +0200)]
qemuxml2xmltest: Remove 'WITH_QEMU' conditional
The test is compiled only when the qemu driver is enabled so we don't
need the conditional code.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Michal Privoznik [Mon, 13 May 2019 08:04:27 +0000 (10:04 +0200)]
virsh: Allow listing just domain IDs
Some completers for libvirt related tools might want to list
domain IDs only. Just like the one I've implemented for
virt-viewer [1]. I've worked around it using some awk magic,
but if it was possible to just 'virsh list --id' then I could
drop awk.
virGDBusBusInit: Properly check for error when looking up D-Bus address
The virGDBusBusInit is supposed to return a reference to
requested bus type (system/session) or, if non-shared bus is
requested then create a new bus of the type. As an argument, it
gets a double pointer to GError which is passed to all g_dbus_*()
calls which allocate it on failure. Pretty standard approach.
However, since it is a double pointer we must dereference the
first level to see if the value is NULL. IOW:
if (*error)
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
qemu: fix qemuMigrationSrcCleanup to use qemuMigrationJobFinish
qemuMigrationSrcCleanup uses qemuDomainObjDiscardAsyncJob currently. But
discard does not reduce jobs_queued counter so it leaks. Also discard does not
notify other threads that job condition is available. Discard does reset nested
job but nested job is not possible in this conditions.
Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com> Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
Andrea Bolognani [Thu, 29 Oct 2020 10:00:37 +0000 (11:00 +0100)]
Revert "Revert "spec: Simplify setting features off by default""
As explained in the original commit (31d687a3218c), these values
are actually unaffected by the corresponding _without_* macros
and so we can leave out the additional processing / obfuscation.
Peter Krempa [Fri, 23 Oct 2020 08:26:10 +0000 (10:26 +0200)]
tests: Remove 'virhashtest'
There's no much sense to test the remnants of the functions which just
NULL-check prior to handing off to g_hash_table* functions.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Reviewed-by: Matt Coleman <matt@datto.com>
Peter Krempa [Mon, 26 Oct 2020 15:24:28 +0000 (16:24 +0100)]
util: hash: Add deprecation notices for functions which have g_hash_table replacements
For functions which have reasonable replacement, let's encourage usage
of g_hash_table_ alternatives.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Reviewed-by: Matt Coleman <matt@datto.com>
Peter Krempa [Thu, 22 Oct 2020 17:04:18 +0000 (19:04 +0200)]
util: hash: Retire 'virHashTable' in favor of 'GHashTable'
Don't hide our use of GHashTable behind our typedef. This will also
promote the use of glibs hash function directly.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Reviewed-by: Matt Coleman <matt@datto.com>
Peter Krempa [Thu, 22 Oct 2020 09:14:00 +0000 (11:14 +0200)]
util: hash: Reimplement virHashTable using GHashTable
Glib's hash table provides basically the same functionality as our hash
table.
In most cases the only thing that remains in the virHash* wrappers is
NULL-checks of '@table' argument as glib's hash functions don't tolerate
NULL.
In case of iterators, we adapt the existing API of iterators to glibs to
prevent having rewrite all callers at this point.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Reviewed-by: Matt Coleman <matt@datto.com>
Peter Krempa [Thu, 22 Oct 2020 09:11:57 +0000 (11:11 +0200)]
util: hash: Don't use 'const' with virHashTablePtr
We didn't use it rigorously and some helpers even cast it away. Remove
const from all hash utility functions.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Reviewed-by: Matt Coleman <matt@datto.com>
Peter Krempa [Fri, 23 Oct 2020 07:49:36 +0000 (09:49 +0200)]
util: hash: Use virHashForEachSafe in places which might delete the element
Convert all calls to virHashForEach where it's not obvious that the
callback is _not_ deleting the current element from the hash to
virHashForEachSafe which will be deemed safe to do such operation.
Now that no iterator used with virHashForEach deletes current element we
can document that virHashForEach must not touch the hash table in any
way.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Reviewed-by: Matt Coleman <matt@datto.com>
Peter Krempa [Mon, 26 Oct 2020 14:30:10 +0000 (15:30 +0100)]
util: hash: Add delete-safe hash iterator
'virHashForEach' historically allowed deletion of the current element as
'virHashRemoveSet' didn't exist. To prevent us from having to deeply
analyse all iterators add virHashForEachSafe which first gets a list of
elements and iterates them outside of the hash table.
This will allow replace the internals of the hash table with other
implementation which don't allow such operation.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Reviewed-by: Matt Coleman <matt@datto.com>
Peter Krempa [Wed, 21 Oct 2020 14:53:26 +0000 (16:53 +0200)]
tests: remove virdeterministichashmock.so
Code which is sensitive to ordering now uses deterministic iterator
functions, so we can remove the mock override.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Reviewed-by: Matt Coleman <matt@datto.com>
Peter Krempa [Fri, 23 Oct 2020 07:07:02 +0000 (09:07 +0200)]
Use virHashForEachSorted in tested code
The simplest way to write tests is to check the output against expected
output, but we must ensure that the output is stable. We can use
virHashForEachSorted as a hash iterator to ensure stable ordering.
This patch fixes 3 instances of hash iteration which is tested in
various parts, including test output changes in appropriate places.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Reviewed-by: Matt Coleman <matt@datto.com>
Peter Krempa [Mon, 26 Oct 2020 14:28:08 +0000 (15:28 +0100)]
util: hash: Introduce virHashForEachSorted
Iterate the hash elements sorted by key. This is useful to provide a
stable ordering such as in cases when the output is checked in tests.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Reviewed-by: Matt Coleman <matt@datto.com>
Peter Krempa [Thu, 22 Oct 2020 15:38:53 +0000 (17:38 +0200)]
util: hash: Rewrite sorting of elements in virHashGetItems
All but one of the callers either use the list in arbitrary order or
sorted by key. Rewrite the function so that it supports sorting by key
natively and make it return the element count. This in turn allows to
rewrite the only caller to sort by value internally.
This allows to remove multiple sorting functions which were sorting by
key and the function will be also later reused for some hash operations
internally.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Reviewed-by: Matt Coleman <matt@datto.com>
Peter Krempa [Thu, 22 Oct 2020 15:41:26 +0000 (17:41 +0200)]
virhashtest: testHashGetItems: Remove test case for sorting by value
Upcoming patch will rewrite virHashGetItems to remove the sorting
function since the prevalent mode is to order by keys.
Remove the test for it.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Reviewed-by: Matt Coleman <matt@datto.com>
qemu_conf: Don't even attempt to enable rememberOwner if unsupported
The remember owner feature uses XATTRs to store original
seclabels. But that means we don't want a regular user to be able
to change what we stored and thus trick us into setting different
seclabel. Therefore, we use namespaces that are reserved to
CAP_SYS_ADMIN only. Such namespaces exist on Linux and FreeBSD.
That also means, that the whole feature is enabled only for
qemu:///system. Now, while the secdriver code is capable of
dealing with XATTRs being unsupported (it has to, not all
filesystems support them) if the feature is enabled users will
get an harmless error message in the logs and the feature
disables itself.
Since we have virSecurityXATTRNamespaceDefined() we can use it to
make a wiser decision on the default state of the feature.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Roman Bolshakov <r.bolshakov@yadro.com> Reviewed-by: Andrea Bolognani <abologna@redhat.com>
For seclabel remembering we need to have XATTRs and a special
namespace that is accessibly to CAP_SYS_ADMIN only (we don't want
regular users to trick us into restoring to a different label).
And what qemusecuritytest does is it checks whether we have not
left any path behind with XATTRs or not restored to original
seclabel after setAll + restoreAll round trip. But it can hardly
do so if ran on a platform where there's no XATTR namespace we
can use.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Roman Bolshakov <r.bolshakov@yadro.com> Reviewed-by: Andrea Bolognani <abologna@redhat.com>
The qemusecuritytest checks for random domain XMLs from
qemuxml2argvdata/ whether set+restore seclabels leaves something
behind. It can be an XATTR that we forgot to remove or a file
that the owner was not restored on. But so far only DAC driver is
checked. Implement missing pieces and enable SELinux testing too.
This is done by mocking some libselinux APIs and following the
same logic used for DAC - everything is implemented in memory,
there is new hash table introduced that holds SELinux labels for
paths that were setfilecon_raw()-ed and in the end the hash table
is checked for entries that don't have the default SELinux label
(i.e. were not restored).
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Andrea Bolognani <abologna@redhat.com>
security_util: Don't error on macOS when getting/setting/moving XATTRs
There are three internal APIs implemented in this security_util
file: virSecurityGetRememberedLabel(),
virSecuritySetRememberedLabel() and
virSecurityMoveRememberedLabel() for getting, setting and moving
remembered seclabel. All three have a special return value of -2
when XATTRs are not supported (for whatever reason) and callers
are expected to handle it gracefully. However, after my commit of
v5.7.0-rc1~115 it may happen that one of the three functions
returned -1 even though XATTRs are not supported (and thus -2
should have been returned).
Fixes: 7cfb7aab573a031880a1f4fd20747843fea109ba Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Roman Bolshakov <r.bolshakov@yadro.com> Reviewed-by: Andrea Bolognani <abologna@redhat.com>
projects / libvirt.git / log