Thomas Huth [Mon, 13 Jan 2020 08:04:57 +0000 (09:04 +0100)]
qemu_capabilities: Do not report USB as subsystem type if it is not available
libvirt currently always reports that USB is available as a bus subsystem
type when running "virsh domcapabilities". However, this is not always
true, for example the qemu-system-s390x binary normally never has support
for USB. Thus we should only report that USB is available if there is
also a USB host controller available where we can attach USB devices.
Reported-by: Sebastian Mitterle <smitterl@redhat.com> Buglink: https://bugzilla.redhat.com/show_bug.cgi?id=1759849 Signed-off-by: Thomas Huth <thuth@redhat.com> Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Thomas Huth [Mon, 13 Jan 2020 08:30:14 +0000 (09:30 +0100)]
domain_conf: Do not use USB by default for <input> devices on s390x
When trying to specify an input device on s390x without bus like this:
<input type='keyboard'/>
... then libvirt currently complains:
error: unsupported configuration: USB is disabled for this domain,
but USB devices are present in the domain XML
This is somewhat confusing since the user did not specify an USB
device here. Since USB is not available on s390x, we should default
to the "virtio" bus here instead.
Peter Krempa [Fri, 10 Jan 2020 16:25:16 +0000 (17:25 +0100)]
conf: Always format storage source auth and encryption under <source> for backing files
Historically there are two places where we format authentication and
encryption for a disk. The logich which formats it for backing files was
flawed though and didn't format it at all. This worked if the image
became a backing file through the means of a snapshot but not directly.
Force formatting of the source and encryption for any non-disk case to
fix the issue.
This caused problems in many places as we use the formatter to copy the
definition. Effectively any copy lost the secret definition.
Commit v5.10.0-269-g62065a6cb5 moved NUMA validation code to domain
definition time and appropriately adjusted affected test cases except
for hugepages-default-system-size. And since we don't mock
virGetSystemPageSizeKB in our tests, hugepages-default-system-size test
would fail on architectures (ppc64le) with default page size other than
4KiB.
Signed-off-by: Jiri Denemark <jdenemar@redhat.com> Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
In v5.0.0-rc1~94 we switched from one huge switch() to an array
for translating error numbers into error messages. However, the
array is declared to have VIR_ERR_NUMBER_LAST items which makes
it impossible to spot this place by compile checking when adding
new error number.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Erik Skultety <eskultet@redhat.com>
When debugging tests under GDB/valgrind there is a significant
delay each time an execve is done as they scan shared libraries
once again. For tests which use many mock libraries, we have
been invoking execve many times which makes the debug experience
horrible. This changes our framework to activate the full
set of mock libraries in one single execve.
Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Michael Weiser [Fri, 3 Jan 2020 18:43:25 +0000 (19:43 +0100)]
docs: Add snapshot-revert qemu managedsave force
Add documentation for additional reason why snapshot-revert might need
to be forced. This explains why restoring an inactive snapshot while
there is managed saved state is refused by default.
Signed-off-by: Michael Weiser <michael.weiser@gmx.de> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Michael Weiser [Fri, 3 Jan 2020 18:43:24 +0000 (19:43 +0100)]
docs: Reformat snapshot-revert force reasons
Reformat explanations of the snapshot-revert force reasons in
preparation for more to be added. This is a simple reformat without any
wording changes.
Signed-off-by: Michael Weiser <michael.weiser@gmx.de> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Michael Weiser [Fri, 3 Jan 2020 18:43:23 +0000 (19:43 +0100)]
qemu: Warn of restore with managed save being risky
Internal snapshots of a non-running domain do not carry any memory state
and restoring such a snapshot will not replace existing saved memory
state. This allows a scenario, where a user first suspends a domain into
managedsave, restores a non-running snapshot and then resumes the domain
from managedsave. After that, the guest system will run with its
previous memory state atop a different disk state. The most obvious
possible fallout from this is extensive file system corruption. Swap
content and RAID bitmaps might also be off.
This has been discussed[1] and fixed[2] from the end-user perspective for
virt-manager.
This patch marks the restore operation as risky at the libvirt level,
requiring the user to remove the saved memory state first or force the
operation.
Signed-off-by: Michael Weiser <michael.weiser@gmx.de> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Michael Weiser [Fri, 3 Jan 2020 18:39:56 +0000 (19:39 +0100)]
docs: Harmonize hypervisor names for QEMU and LXC
Trivially replace usages of qemu and lxc in the virsh manpage with their
more heavily used and (according to Wikipedia) correct upper-case
spellings QEMU and LXC.
Signed-off-by: Michael Weiser <michael.weiser@gmx.de> Suggested-by: Daniel Henrique Barboza <danielhb413@gmail.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Jiri Denemark [Thu, 9 Jan 2020 14:40:14 +0000 (15:40 +0100)]
qemu: Don't use NULL path from qemuDomainGetHostdevPath
Commit v5.10.0-290-g3a4787a301 refactored qemuDomainGetHostdevPath to
return a single path rather than an array of paths. When the function is
called on a missing device, it will now return NULL in @path rather than
a NULL array with zero items and the callers need to be adapted
properly.
Signed-off-by: Jiri Denemark <jdenemar@redhat.com> Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Jiri Denemark [Tue, 17 Dec 2019 13:31:10 +0000 (14:31 +0100)]
virsh migrate: Require --tls for --tls-destination
--tls-destination would be just ignored unless --tls is not specified,
which is correct, but let's provide a bit of a guidance is a user
forgets to add --tls.
This is just a virsh-only check targeted to end users as we don't
currently have such checks at the API level for migration parameters
that depend on flags.
bhyveargv2xmlmock calls virBhyveCapsBuild which in turn
calls virCPUProbeHost, probing the real host CPU. This
causes a test failure if the host CPU happens to contain
the 'arch-capabilities' feature as it triggers a call
to virHostCPUGetMSR() which fails on FreeBSD.
Fortunately we already have convenient code for mocking
the host CPU probing.
Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
schema: Allow iSCSI source to have interleaved children
There is no need to require users to produce iSCSI disk source
following our ordering of children elements. In fact, we don't
even accept our own order in the schema :(.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Laine Stump <laine@redhat.com>
bhyve_parse_command.c: Don't jump onto non-existent label in CONSUME_ARG()
In v5.10.0-508-gfbf3f3d86a, the 'error' label was removed from
bhyveParseBhyveCommandLine(), however the CONSUME_ARG() macro
still uses it. Fix the macro to return an error instead.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Ján Tomko [Wed, 8 Jan 2020 09:20:39 +0000 (10:20 +0100)]
qemu: fix implicit fallthrough warning
src/qemu/qemu_domain_address.c:680:13: error: this statement may fall through [-Werror=implicit-fallthrough=]
switch ((virDomainFSModel) dev->data.fs->model) {
Signed-off-by: Ján Tomko <jtomko@redhat.com> Fixes: f363af7e351c6cac0ff442390d0dab283cbd9fae
vz: Don't try to jump on a non-existent label in prlsdkRemoveBootDevices()
Commit v5.10.0-522-g9000b2f298 was too aggressive and removed the
'error' label from prlsdkRemoveBootDevices() even though it's
used. Luckily, it's used only from one place and we have an
alternative for it that doesn't require the label.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
qemu_firmware: Accept int in qemuFirmwareOSInterfaceTypeFromOsDefFirmware()
The point of this function is to translate virDomainOsDefFirmware
enum to qemuFirmwareOSInterface enum. However, with my commit v5.10.0-507-g8e1804f9f6 we are passing a variable type of
virDomainLoader enum. Make the function accept both enums and
make the enum members correspond to each other.
This fixes clang build.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Michal Privoznik [Tue, 17 Dec 2019 13:08:42 +0000 (14:08 +0100)]
remote_daemon: Initialize host boot time global variable
This is not strictly needed, but it makes sure we initialize the
@bootTime global variable. Thing is, in order to validate XATTRs
and prune those set in some previous runs of the host, a
timestamp is recorded in XATTRs. The host boot time was unique
enough so it was chosen as the timestamp value. And to avoid
querying and parsing /proc/uptime every time, the query function
does that only once and stores the boot time in a global
variable. However, the only time the query function is called is
in a child process that does lock files and changes seclabels. So
effectively, we are doing exactly what we wanted to prevent from
happening.
The fix is simple, call the virHostBootTimeInit() function which
sets the global variable.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Cole Robinson <crobinso@redhat.com>
gather_scsi_host_cap() in node_device_hal.c can be greatly
simplified, given that the 'out' label is always getting
hit regardless of 'retval', which can also be eliminated.
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com> Reviewed-by: Erik Skultety <eskultet@redhat.com>
Michal Privoznik [Tue, 17 Dec 2019 16:45:50 +0000 (17:45 +0100)]
qemu_firmware: Try to autofill for old style UEFI specification
While we discourage people to use the old style of specifying
UEFI for their domains (the old style is putting path to the FW
image under /domain/os/loader/ whilst the new one is using
/domain/os/@firmware), some applications might have not adapted
yet. They still rely on libvirt autofilling NVRAM path and
figuring out NVRAM template when using the old way (notably
virt-install does this). We must preserve backcompat for this
previously supported config approach. However, since we really
want distro maintainers to leave --with-loader-nvram configure
option and rely on JSON descriptors, we need to implement
autofilling of NVRAM template for the old way too.
qemu_firmware: Introduce @want variable to qemuFirmwareMatchDomain()
This simplifies condition when matching FW interface by having a
single line condition instead of multiline one. Also, it prepares
the code for future expansion.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Michal Privoznik [Fri, 13 Dec 2019 14:41:16 +0000 (15:41 +0100)]
qemu_firmware: Pass virDomainDef into qemuFirmwareFillDomain()
This function needs domain definition really, we don't need to
pass the whole domain object. This saves couple of dereferences
and characters esp. in more checks to come.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Cole Robinson <crobinso@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
The 'domifaddr' command accepts several arguments. Let's validate
them first and look up domain to work with only after to save
some RPC cycles should validation fail.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Introduced in v5.10.0-449-gcf44ec5577 it used
virshCommaStringListComplete() to generate list of options. But
this is not correct because the '--source' argument of the
'domifaddr' doesn't accept a string list (for instance
"arp,agent,lease") rather than a single string. Therefore, the
completer must return these strings separately and thus must
refrain from using virshCommaStringListComplete().
At the same time, now that we have strings we need declared as
an enum we can use TypeToString() instead of copying strings.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Pavel Hrdina [Mon, 6 Jan 2020 14:23:06 +0000 (15:23 +0100)]
po/Makefile.am: use SOURCE_DATE_EPOCH to set POT creation date
When building RPMs for libvirt the PO files are part of libvirt-libs
package. Now that we generate libvirt.pot during build time the POT
creation date is also generated at that time.
The issue here is that when building libvirt-libs for x86_64 and i686
the generated libvirt.pot file will have different POT creation date
which affects installed PO files as well which leads to conflict when
installing both x86_64 and i686 packages.
Signed-off-by: Pavel Hrdina <phrdina@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Debian 9 ships the oldest versions of some of our dependent
packages so can highlight bugs not seen elsewhere. CentOS 7,
despite being quite old, has rebased some packages to much
newer versions.
Reviewed-by: Pavel Hrdina <phrdina@redhat.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
GLib header files annotate every API with a version number.
It is possible to define some constants before including
glib.h which will result in useful compile time warnings.
Setting GLIB_VERSION_MIN_REQUIRED will result in a warning
if libvirt uses an API that was deprecated in the declared
version, or before. Such API usage should be rewritten to
use the documented new replacement API.
Setting GLIB_VERSION_MAX_ALLOWED will result in a warning
if libvirt uses an API that was not introduced until a
version of GLib that's newer than our minimum declared
version. This avoids accidentally using functionality
that is not available on some supported platforms.
Reviewed-by: Pavel Hrdina <phrdina@redhat.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
src: replace strptime()/timegm()/mktime() with GDateTime APIs set
Unfortunately g_date_time_new_from_iso8601 isn't available until
glib 2.56, and backporting it requires alot of code copying and
poking at private glib structs.
This reverts domain_conf.c back to its original parsing logic prior
to 810613a60efe3924c536b3663246900bc08910a5, but using g_date_time_new()
instead of gmtime(). The other files are then adapted to follow a
similar approach.
Reviewed-by: Pavel Hrdina <phrdina@redhat.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
g_canonicalize_filename was not introduced until glib 2.58
so we need a temporary backport of its impl.
Reviewed-by: Pavel Hrdina <phrdina@redhat.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
util: keep glib compat methods in alphabetical order
Reviewed-by: Pavel Hrdina <phrdina@redhat.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
util: always replace g_fsync usage with our wrapper
g_fsync was introduced in 2.63 which is newer than our minimum
glib version. A future commit will introduce compile time
checking of API versions to prevent accidental usage of APIs
from glib newer than our min declared.
To avoid triggering this warning, however, we need to ensure
that we always use our wrapper function via glibcompat.c,
which will disable the API version warnings.
Reviewed-by: Pavel Hrdina <phrdina@redhat.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Currently, when security driver is not available users are informed that
it wasn't found which can be confusing.
1. Update error message
2. Add comment to domain doc
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by Sebastian Mitterle <smitterl@redhat.com>
Peter Krempa [Mon, 6 Jan 2020 14:32:54 +0000 (15:32 +0100)]
qemu: backup: roll-back checkpoint metadata if the checkpoint wasn't taken
We insert the checkpoint metadata into the list of checkpoints prior to
actually creating the on-disk bits. If the 'transaction' or any other
steps done between inserting the checkpoint and creating the on-disk
data fail we'd end up with an unusable checkpoint that would vanish
after libvirtd restart.
Prevent this by rolling back the metadata if we didn't actually take and
record the checkpoint.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Peter Krempa [Mon, 6 Jan 2020 14:03:56 +0000 (15:03 +0100)]
qemu: checkpoint: Extract and export rollback of checkpoint metadata storing
If we are certain that the checkpoint creation failed we remove the
metadata from the list. To allow reusing this in the backup code add a
new helper and export it.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
When allowing/denying a device in devices CGroupV2 we have to
write a BPF program for it. The program we put there is merely
static and all it does it looks up a device in a hash table (also
known as map in BPF terminology). A map is referenced via an FD
which can be acquired via virBPFCreateMap() and like any other FD
it should be closed when no longer needed. However, we close it
twice: the first time in virCgroupV2DevicesAttachProg() which
closes it unconditionally, and the second time in either
virCgroupV2DevicesCreateProg() or
virCgroupV2DevicesPrepareProg(). Remove the second close.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Andrea Bolognani [Wed, 11 Dec 2019 17:40:31 +0000 (18:40 +0100)]
ci: Fetch list of available container images dynamically
Any static list of images is destined to become outdated eventually,
so let's start generating it dynamically instead.
Unfortunately there doesn't seem to be a straightforward way to get
Podman/Docker to list all repositories under quay.io/libvirt, so we
have to resort to searching and filtering manually; and since the
two tools behave slightly differently in that regard, it's more
sane to have the logic in a separate shell script than it would be
to keep it inline in the Makefile with all the annoying escaping
doing so would entail.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> Reviewed-by: Cole Robinson <crobinso@redhat.com>
Wang Huaqiang [Thu, 2 Jan 2020 10:45:04 +0000 (18:45 +0800)]
util, resctrl: using 64bit interface instead of 32bit for counters
The underlying resctrl monitoring is actually using 64 bit counters,
not the 32bit one. Correct this by using 64bit data type for reading
hardware value.
To keep the interface consistent, the result of CPU last level cache
that occupied by vcpu processors of specific restrl monitor group is
still reported with a truncated 32bit data type. because, in silicon
world, CPU cache size will never exceed 4GB.
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Wang Huaqiang <huaqiang.wang@intel.com>
Peter Krempa [Fri, 20 Dec 2019 10:27:37 +0000 (11:27 +0100)]
schemas: backup: Remove pointless <choice> for 'name' of backup disk
One of the first versions thought of using disk path as the second
option but this was dropped as being a legacy interface. Remove the
leftover pointless <choice> wrapper for the disk name as there's just
one option now.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Peter Krempa [Fri, 20 Dec 2019 10:20:24 +0000 (11:20 +0100)]
qemu: process: Terminate backup job on VM destroy
Commit d75f865fb989b3e6330c78c28e1c3bf7fa28e6a5 caused a job-deadlock if
a VM is running the backup job and being destroyed as it removed the
cleanup of the async job type and there was nothing to clean up the
backup job.
Add an explicit cleanup of the backup job when destroying a VM.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
projects / libvirt.git / log