John Ferlan [Mon, 9 Apr 2018 14:31:17 +0000 (10:31 -0400)]
qemu: Alter VM Generation ID for specific startup/launch transitions
Before we generate the command line for qemu, if the domain about to
be launched desires to utilize the VM Generation ID functionality, then
handle both the regenerating the GUID value for backup recovery (restore
operation) and the startup after snapshot as both require a new GUID to
be generated to allow the guest operating system to recognize the VM
is re-executing something that has already executed before.
Signed-off-by: John Ferlan <jferlan@redhat.com> ACKed-by: Michal Privoznik <mprivozn@redhat.com>
John Ferlan [Mon, 9 Apr 2018 16:10:02 +0000 (12:10 -0400)]
conf: Add VM Generation ID parse/format support
The VM Generation ID is a mechanism to provide a unique 128-bit,
cryptographically random, and integer value identifier known as
the GUID (Globally Unique Identifier) to the guest OS. The value
is used to help notify the guest operating system when the virtual
machine is executed with a different configuration.
This patch adds support for a new "genid" XML element similar to
the "uuid" element. The "genid" element can have two forms "<genid/>"
or "<genid>$GUID</genid>". If the $GUID is not provided, libvirt
will generate one and save it in the XML.
Since adding support for a generated GUID (or UUID like) value to
be displayed modifying the xml2xml test to include virrandommock.so
is necessary since it will generate a "known" value.
Signed-off-by: John Ferlan <jferlan@redhat.com> ACKed-by: Michal Privoznik <mprivozn@redhat.com>
Lin Ma [Wed, 23 May 2018 06:32:41 +0000 (14:32 +0800)]
virsh: Move vshEventCallback structure definition to virsh-domain.h
The next patch will use it in virsh-completer.c for returning the
strings of domain event name. At the same time, rename it to
avoid possible name clashing.
Signed-off-by: Lin Ma <lma@suse.com> Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Peter Krempa [Tue, 22 May 2018 11:46:05 +0000 (13:46 +0200)]
qemu: monitor: Drop JSON versions of savevm/delvm/loadvm
qemu did not QAPIfy these and the design and name will most probably
change. The replacements will not be compatible. Drop the JSON stubs and
annotate that there won't be a replacement.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Wed, 28 Feb 2018 14:20:17 +0000 (15:20 +0100)]
qemu: migration: Add support for transporting NBD over TLS
Implement the secure way to transport non-shared storage data across
migrations. The new approach uses blockdev-add to create the NBD client
so that the TLS secret object can be specified.
Peter Krempa [Thu, 22 Feb 2018 15:11:59 +0000 (16:11 +0100)]
qemu: migration: Rename NBD migration functions
Drop the mention of 'drive mirror' from the function names and mention
NBD. This will help when adding the 'blockdev mirror' migration code
which will allow using TLS.
Additionally fix some of the function comments to make more sense
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: John Ferlan <jferlan@redhat.com>
Peter Krempa [Wed, 28 Feb 2018 14:22:30 +0000 (15:22 +0100)]
qemu: domain: Add private data for NBD migration storage source definition
Allow saving various aspects necessary to do NBD migration via blockdev
by storing a 'virStorageSource' in the disk private data meant to store
the NBD target of migration. Along with this add code to parse and
format it into the status XML.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: John Ferlan <jferlan@redhat.com>
Peter Krempa [Fri, 23 Feb 2018 11:59:13 +0000 (12:59 +0100)]
qemu: block: Add helpers for hot-adding virStorageSource via blockdev
These helpers add infrastructure which simplifies adding and rolling
back virStorageSources to a running qemu instance. Using of the helper
structure and separate functions allows for a much cleaner code in the
section dealing with the monitor.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: John Ferlan <jferlan@redhat.com>
Peter Krempa [Tue, 20 Feb 2018 16:56:46 +0000 (17:56 +0100)]
qemu: monitor: Factor out and document code to format QMP command
Move formatting of the qemu command out of qemuMonitorJSONMakeCommandRaw
to qemuMonitorJSONMakeCommandInternal to allow greater reusability and
document the function better.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: John Ferlan <jferlan@redhat.com>
Peter Krempa [Thu, 29 Mar 2018 11:22:04 +0000 (13:22 +0200)]
qemu: caps: Add capability for blockdev-add/blockdev-del
The capability also represents that 'blockdev-add' is functional. It's
necessary to detect it via presence of 'blockdev-del' since blockdev-add
did not have the unsupported 'x-blockdev-add' version previously and
thus would be marked as present even if we could not use it.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: John Ferlan <jferlan@redhat.com>
Peter Krempa [Fri, 23 Feb 2018 08:03:49 +0000 (09:03 +0100)]
qemu: migration: Don't access disk members without lock
The initiation of a synchronous block job in the NBD storage migration
code was placed after entering the monitor thus after the lock on the VM
object was unlocked. Thankfully nothing bad could happen in this
situation since the migration job prevents any disk detaches or other
modifications of the domain object.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: John Ferlan <jferlan@redhat.com>
Peter Krempa [Mon, 14 May 2018 11:54:12 +0000 (13:54 +0200)]
qemu: block: Don't nest storage layer properties into format layer
Reference the storage via node name rather than inlining it. This is
the approach that will be used with -blockdev/blockdev-add since it
allows more control and is more future proof.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: John Ferlan <jferlan@redhat.com>
Filip Alac [Tue, 22 May 2018 11:12:32 +0000 (13:12 +0200)]
conf: Introduce codec type 'output'
Introduce support for codec type 'output' ('hda-output' in QEMU) for ich6
and ich9 sound devices, which only advertises a line-out in the guest.
This has been available in QEMU since 0.14.
Signed-off-by: Filip Alac <filipalac@gmail.com> Reviewed-by: Erik Skultety <eskultet@redhat.com>
Ján Tomko [Fri, 18 May 2018 12:46:54 +0000 (14:46 +0200)]
Reintroduce QEMU_CAPS_SECCOMP_SANDBOX
Commit 766d5c1b deprecated the capability, because we were assuming
it for every QEMU binary. At the time of the introduction, there
was no way to probe for this via QMP.
However since QEMU 1.5.0 (which is the earliest version we support)
we can rely on the query-command-line-options command to detect this
feature.
Signed-off-by: Ján Tomko <jtomko@redhat.com> Reviewed-by: John Ferlan <jferlan@redhat.com>
Just like ec982f6d929f3c23 denies hugepages for non-existent
guest NUMA nodes in case there are some nodes configured.
Unfortunately, when there are none, qemuBuildNumaArgStr() is not
called and thus we have to have check in qemuBuildMemPathStr()
too.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: John Ferlan <jferlan@redhat.com>
cpu: define the 'virt-ssbd' CPUID feature bit (CVE-2018-3639)
Some AMD processors only support a non-architectural means of
enabling Speculative Store Bypass Disable. To allow simplified
handling in virtual environments, hypervisors will expose an
architectural definition through CPUID bit 0x80000008_EBX[25].
This needs to be exposed to guest OS running on AMD x86 hosts to
allow them to protect against CVE-2018-3639.
Note that since this CPUID bit won't be present in the host CPUID
results on physical hosts, it will not be enabled automatically
in guests configured with "host-model" CPU unless using QEMU
version >= 2.9.0. Thus for older versions of QEMU, this feature
must be manually enabled using policy=force. Guests using the
"host-passthrough" CPU mode do not need special handling.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
cpu: define the 'ssbd' CPUID feature bit (CVE-2018-3639)
New microcode introduces the "Speculative Store Bypass Disable"
CPUID feature bit. This needs to be exposed to guest OS to allow
them to protect against CVE-2018-3639.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
tools: Tiny clean-ups for two functions in virsh-completer.c
These two functions were duplicating some cleanup paths, so let's just merge
both cleanup and error paths together. To distinguish whether we need to
clean-up the return value let's keep it in @tmp until the function is successful
in which case we set @ret to the value of @tmp and set @tmp to NULL.
Signed-off-by: Martin Kletzander <mkletzan@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
travis: Print test log file from distcheck as well
Since we started using `make distcheck` in travis, the part that's printing the
tests/test-suite.log file is rather pointless. Let's check for both known
locations (keeping the previous one there on purpose) so that the output is
usable again.
Signed-off-by: Martin Kletzander <mkletzan@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
We currently print the libvirt and qemu version strings into the
per-guest logfile. It would be useful to know what kernel is running
too, so add that.
Reviewed-by: Kashyap Chamarthy <kchamart@redhat.com> Tested-by: Kashyap Chamarthy <kchamart@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Ján Tomko [Fri, 18 May 2018 13:41:25 +0000 (15:41 +0200)]
Remove type_sep parameter from qemuBuildHostNetStr
The last caller not passing a comma was removed by:
commit ad8a7c4f8599bd58608500a72cdfec18a6bf2318
Author: Ján Tomko <jtomko@redhat.com>
CommitDate: 2018-04-12 17:17:16 +0200
qemu: deprecate QEMU_CAPS_NETDEV
Signed-off-by: Ján Tomko <jtomko@redhat.com> Reviewed-by: John Ferlan <jferlan@redhat.com>
Michal Privoznik [Thu, 17 May 2018 11:53:34 +0000 (13:53 +0200)]
qemu: Implement multiple screen support for virDomainScreenshot
According to virDomainScreenshot() documentation, screens are
numbered sequentially. e.g. having two graphics cards, both with
four heads, screen ID 5 addresses the second head on the second
card.
But apart from that, there's nothing special happening here.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Michal Privoznik [Thu, 17 May 2018 09:41:37 +0000 (11:41 +0200)]
qemu: Introduce QEMU_CAPS_SCREENDUMP_DEVICE
As of v2.12.0-rc0~32^2 QEMU is capable specifying which display
device and head should the screendump be taken from. Track this
capability so that we can use it later in our virDomainScreenshot
API.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Historically we matched log filters with strstr(), and when switching to
fnmatch in cbb0fd3cfdc287f6f4653ef1f04a7cfb2ea51b27, it was stated that
we would continue to match substrings, with "foo" being equivalent to
"*foo*". Unfortuntely I forget to provide the code to actually make that
happen. This fixes it to prepend and append "*". We don't bother to
check if the pattern already has a leading/trailing '*', because
"**foo**" will match the same as "*foo*".
Reviewed-by: Erik Skultety <eskultet@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Ján Tomko [Tue, 15 May 2018 07:58:50 +0000 (09:58 +0200)]
virCryptoHashBuf: return the length of the hash in bytes
virCryptoHashString also needs to know the size of the returned hash.
Return it if the hash conversion succeeded so the caller does not need
to access the hashinfo array.
This should make virCryptoHashString build without gnutls.
Also fixes the missing return value for the virCryptoHashBuf stub.
Signed-off-by: Ján Tomko <jtomko@redhat.com> Suggested-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Michal Privoznik [Tue, 15 May 2018 11:49:06 +0000 (13:49 +0200)]
virDomainMemoryDefParseXML: Don't leak discard
==1589== 7 bytes in 2 blocks are definitely lost in loss record 34 of 261
==1589== at 0x4C2AF0F: malloc (vg_replace_malloc.c:299)
==1589== by 0x8A82794: xmlStrndup (in /usr/lib64/libxml2.so.2.9.8)
==1589== by 0x5DD8392: virXMLPropString (virxml.c:510)
==1589== by 0x5E12427: virDomainMemoryDefParseXML (domain_conf.c:15704)
==1589== by 0x5E207DE: virDomainDefParseXML (domain_conf.c:20351)
==1589== by 0x5E2184F: virDomainDefParseNode (domain_conf.c:20636)
==1589== by 0x5E216A1: virDomainDefParse (domain_conf.c:20580)
==1589== by 0x5E21747: virDomainDefParseFile (domain_conf.c:20606)
==1589== by 0x112F5F: testCompareXMLToArgv (qemuxml2argvtest.c:493)
==1589== by 0x138780: virTestRun (testutils.c:180)
==1589== by 0x117129: mymain (qemuxml2argvtest.c:937)
==1589== by 0x13A83C: virTestMain (testutils.c:1120)
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Marc Hartmayer <mhartmay@linux.ibm.com>
Peter Krempa [Fri, 11 May 2018 13:40:34 +0000 (15:40 +0200)]
qemu: process: Change semantics of functions starting PR daemon
Libvirt only manages one PR daemon. This means that we don't need to
pass the 'disk' object and also rename the functions dealing with this
so that it's obvious we only deal with the managed PR daemon.
Signed-off-by: Peter Krempa <pkrempa@redhat st.com>
Peter Krempa [Mon, 14 May 2018 05:25:43 +0000 (07:25 +0200)]
util: storage: Allow passing <source> also for managed PR case
To allow storing status information in the XML move the validation that
the 'path' is not valid for managed PR daemon case into
qemuDomainValidateStorageSource and allow parsing of the data even in
case when managed='yes'.
projects / libvirt.git / log