network: delay global firewall setup if no networks are running
Creating firewall rules for the virtual networks causes the kernel to
load the conntrack module. This imposes a significant performance
penalty on Linux network traffic. Thus we want to only take that hit if
we actually have virtual networks running.
We need to create global firewall rules during startup in order to
"upgrade" rules for any running networks created by older libvirt.
If no running networks are present though, we can safely delay setup
until the time we actually start a network.
Reviewed-by: Jim Fehlig <jfehlig@suse.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
network: pull global chain init into separate method
Pull the logic for creating global iptables chains into a separate
method and protect its invocation with virOnce, to make it possible
to reuse it in non-startup paths.
Reviewed-by: Jim Fehlig <jfehlig@suse.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Device validation should not have to wait until command line
generation time. Moving the code to a separate function also
allows us to avoid some unnecessary repetition.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Ján Tomko [Tue, 21 May 2019 13:05:37 +0000 (15:05 +0200)]
Introduce DOMAIN_DEVICE_ITERATE_MISSING_INFO
Rename the DOMAIN_DEVICE_ITERATE_GRAPHICS flag.
It was introduced by commit dd45c2710f6fd2d4f8a47f97960532d0e0091e7d
with the intention to run the Validate callback even on the graphics
device.
However, enumerating every single device in virDomainDeviceIterateFlags
is unsustainable and what really was special about the graphics device
was the lack of DeviceInfo.
Rename the flag and iterate over more info-less devices. (and leases)
Erik Skultety [Thu, 23 May 2019 12:26:40 +0000 (14:26 +0200)]
docs: Change the 'Launch Security' section id to "launchSecurity"
Although there's currently only support for SEV, it's likely other
solutions will appear, so we should not refer to the documentation
section simply with 'sev'.
Signed-off-by: Erik Skultety <eskultet@redhat.com>
Michal Privoznik [Thu, 23 May 2019 10:10:21 +0000 (12:10 +0200)]
misc: Drop useless checks from *Dispose() functions
Due to the way that our virObjectUnref() is written it's not
possible that a NULL is passed into *Dispose() function. However,
some functions check for that regardless.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Erik Skultety <eskultet@redhat.com>
Andrea Bolognani [Fri, 17 May 2019 14:37:56 +0000 (16:37 +0200)]
tests: Add negative test for Intel IOMMU
Make sure validation is working as intended by trying to use
Intel IOMMU with the i440fx machine type, though we know it's
a q35-only feature, and expecting an error to be returned.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Andrea Bolognani [Fri, 17 May 2019 12:45:36 +0000 (14:45 +0200)]
tests: Use DO_TEST_CAPS_*() for Intel IOMMU
We can drop the intel-iommu-machine test case while doing so,
since it is supposed to showcase how we generate different
command lines for older QEMU versions and we can do that
using a single input file now.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Andrea Bolognani [Fri, 17 May 2019 13:38:40 +0000 (15:38 +0200)]
tests: Simplify Intel IOMMU testing
Remove a bunch of irrelevant devices and make sure all input
files explicitly opt out of USB controllers: the latter change
will help later, when we start using DO_TEST_CAPS_*().
Signed-off-by: Andrea Bolognani <abologna@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Thu, 9 May 2019 10:20:42 +0000 (12:20 +0200)]
docs: hacking: Add good practices for shortening conditional expressions
Document that checking if a integer is (non-)zero should (not must)
avoid the shortened form that C allows as it may confuse readers into
overlooking the other possible values which might be interresting to
handle.
While pointers have distinct values from the point of view of the code
we only care whether it's non-NULL and thus it's documented it's okay
to shorten those.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> ACKed-by: Eric Blake <eblake@redhat.com>
Peter Krempa [Tue, 7 May 2019 14:47:00 +0000 (16:47 +0200)]
docs: hacking: Document few practices for creating error messages
State that error messages should not be broken into multiple lines for
programmer friendliness and should not be concatenated on the fly for
translator friendliness and few other details.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> ACKed-by: Eric Blake <eblake@redhat.com>
Peter Krempa [Mon, 20 May 2019 12:48:22 +0000 (14:48 +0200)]
qemu: migration: Don't pass around flags for different API
The NBD migration code uses drive/blockdev-mirror internally. In those
APIs we pass around flags for the monitor commands which are based on
the flags for the virDomainBlockRebase API. Since there's only one flag
which changes, pass it around explicitly rather than obscuring it in a
bitfield.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Wed, 15 May 2019 15:19:11 +0000 (17:19 +0200)]
qemu: blockcopy: sanitize permission handling for 'mirror'
At the point when we want to modify the permissions for the 'mirror' we
know whether it is supposed to have a backing chain or no. Given that
mirror->backingStore is populated only when we'd need to touch it ayways
we can use qemuDomainStorageSourceChainAccessAllow even in place of
qemuDomainStorageSourceAccessAllow used for other cases to simplify the
code.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Wed, 15 May 2019 15:12:35 +0000 (17:12 +0200)]
qemu: Validate backing store of 'mirror' for block copy
Since 4e797f1a we parse backingStore of mirror which will later be used
with blockdev. Add some validation for the user passed mirror at the
current point to make sure it's not used improperly.
Validate that it's not used without blockdev and also that it's not
passed when not requesting a shallow copy. Also add a chain terminator
for a deep copy since we know the resulting mirror will not have chain.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Tue, 14 May 2019 12:42:35 +0000 (14:42 +0200)]
qemu: Remove unnecessary calls to qemuDomainStorageSourceAccessRevoke
Since 3decae00e90 qemuDomainStorageSourceAccessAllow revokes the
permissions it granted if it fails halfway, thus we can remove some
calls to qemuDomainStorageSourceAccessRevoke which tried to undo this
situation.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Tue, 14 May 2019 13:01:04 +0000 (15:01 +0200)]
qemu: Remove unecessary error keeping in qemuDomainBlockCopyCommon
Since 3decae00e90 qemuDomainStorageSourceAccessRevoke keeps the libvirt
error which was set prior to the call around even after the call, thus
we don't need to do the same when reverting access in the block copy
code.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Tue, 12 Feb 2019 12:19:17 +0000 (13:19 +0100)]
qemu: driver: Set mirror state after successful command
When aborting or pivoting a block job we record which operation we do
for the mirror in the virDomainDiskDef structure. As everything is
synchronized by a job it's not necessary to modify the state prior to
calling the monitor and resetting the state on failure.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Tue, 12 Feb 2019 13:02:27 +0000 (14:02 +0100)]
qemu: blockjob: Fix documentation for 'newstate' of _qemuBlockJobData
When used with the new job handler the values will also include some of
the non-public values from qemuBlockjobState. Modify the comment to
clarify this.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
The virtlogd daemon's only intended client is the libvirtd daemon. As
such it should never allow clients from other user accounts to connect.
The code already enforces this and drops clients from other UIDs, but
we can get earlier (and thus stronger) protection against DoS by setting
the socket permissions to 0600
Fixes CVE-2019-10132
Reviewed-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
The virtlockd daemon's only intended client is the libvirtd daemon. As
such it should never allow clients from other user accounts to connect.
The code already enforces this and drops clients from other UIDs, but
we can get earlier (and thus stronger) protection against DoS by setting
the socket permissions to 0600
Fixes CVE-2019-10132
Reviewed-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
admin: reject clients unless their UID matches the current UID
The admin protocol RPC messages are only intended for use by the user
running the daemon. As such they should not be allowed for any client
UID that does not match the server UID.
Fixes CVE-2019-10132
Reviewed-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
rpm: remove dependancy from qemu to network/storage drivers
The libvirt-daemon-driver-qemu RPM has historically had a hard
dependency on the libvirt-daemon-driver-network and
libvirt-daemon-driver-storage-core packages. This was because the QEMU
driver would directly call into APIs that were part of these drivers.
The dependency to the storage driver was eliminated in
Han Han [Sun, 28 Apr 2019 09:18:05 +0000 (17:18 +0800)]
qemu: Add entry for balloon stats stat-htlb-pgalloc and stat-htlb-pgfail
Qemu added reporting of virtio balloon new statistics stat-htlb-pgalloc and
stat-htlb-pgfail since qemu-3.0 commit b7b12644297. The value of
stat-htlb-pgalloc represents the number of successful hugetlb page allocations
while stat-htlb-pgfail represents the number of failed ones. Add this
statistics reporting to libvirt.
To enable this feature for vm, guest kenel >= 4.17 is required because
the exporting hugetlb page allocation for virtio balloon is introduced
since 6c64fe7f.
Signed-off-by: Han Han <hhan@redhat.com> Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
qemu: Do not override config XML in case of snapshot revert
Snapshot create operation saves the live XML and uses it to replace the
domain definition in case of revert. But the VM config XML is not saved
and the revert operation does not address this issue. This commit
prevents the config XML from being overridden by snapshot definition.
An active domain stores both current and new definitions. The current
definition (vm->def) stores the live XML and the new definition
(vm->newDef) stores the config XML. In an inactive domain, only the
config XML is persistent, and it's saved in vm->def.
The revert operation uses the virDomainObjAssignDef() to set the
snapshot definition in vm->newDef, if domain is active, or in vm->def
otherwise. But before that, it saves the old value to return to
caller. This return is used here to restore the config XML after
all snapshot startup process finish.
Signed-off-by: Maxiwell S. Garcia <maxiwell@linux.ibm.com>
then the parent should refrain from touching @fd thereafter. This
is even documented in virCommandPassFD() comment. The reason is
that either at virCommandRun()/virCommandRunAsync() or
virCommandFree() time the @fd will be closed. Closing it earlier,
e.g. right after virCommandPassFD() call might result in
undesired results. Another thread might open a file and receive
the same FD which is then unexpectedly closed by virCommandFree()
or virCommandRun().
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
src: don't statically link code that's already in libvirt.so
Various binaries are statically linking to libvirt_util.la and
other intermediate libraries we build. These intermediate libs
all get built into the main libvirt.so shared library eventually,
so we can dynamically link to that instead and reduce the on disk
footprint.
It may happen that the system where libvirt is built at doesn't
have udevadm binary but the one where it runs does have it.
If we change how udevadm is run in virWaitForDevices() then we
can safely pass a default value in m4 macro.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Andrea Bolognani [Thu, 16 May 2019 10:04:48 +0000 (12:04 +0200)]
qemu: Only probe available machine types
Since we know the full list of machine types supported
by the QEMU binary when probing machine type properties,
we can save some work (and eventually test suite churn,
as more architecture-specific machine types need to be
probed) by only probing machines that we know exist.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Andrea Bolognani [Thu, 16 May 2019 14:29:53 +0000 (16:29 +0200)]
tests: Refresh capabilities for QEMU on ppc64
Now that we're probing machine type properties using the
latest machine type rather than the "spapr-machine" parent,
we can finally discover properties that are not available
on all machine types.
This commit refreshes replies for QEMU 4.0.0 as well as
3.1.0 to show not only that we're actually discovering new
machine type properties this way, but also that the number
of available machine type properties increases with each
subsequent QEMU release.
If qom-list-properties had been available in QEMU 2.10.0,
we could now drop the explicit version number checks for
the QEMU_CAPS_MACHINE_PSERIES_MAX_CPU_COMPAT and
QEMU_CAPS_MACHINE_PSERIES_RESIZE_HPT capabilities, but
unfortunately it wasn't, so we have to keep them around
still.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Andrea Bolognani [Thu, 16 May 2019 08:34:01 +0000 (10:34 +0200)]
qemu: Probe canonicalized machine type
Now that we have the list of machine types available when
probing machine type properties, we can list properties for
the canonicalized version of the "pseries" machine type
instead of having to go through "spapr-machine", which we
know to be the parent type for all "pseries-*-machine"
types. By doing this, we'll be able to find even properties
that are only available from a certain versioned machine
type forward, and can't thus be obtained when looking at
the parent type only.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Andrea Bolognani [Thu, 16 May 2019 08:18:58 +0000 (10:18 +0200)]
qemu: Add -machine suffix automatically
The QOM type for machine types is the machine type name
followed by the -machine suffix. Since this is always the
case, we can make virQEMUCapsMachineProps more readable
and avoid repetition by not including the suffix there and
adding it automatically while processing the data; moreover,
when later on we will start figuring out which specific
versioned machine type to probe at runtime instead of doing
so statically, adding the suffix dynamically will become
necessary.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Andrea Bolognani [Thu, 16 May 2019 13:46:58 +0000 (15:46 +0200)]
qemu: Move call to virQEMUCapsProbeQMPMachineProps()
We're going to need information about available machine types
when probing machine type properties soon, and that means we
have to change the order we call QMP commands.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Andrea Bolognani [Thu, 16 May 2019 13:45:08 +0000 (15:45 +0200)]
qemu: Introduce virQEMUCapsProbeQMPMachineProps()
Up until now we've probed machine type properties, along with
properties for other types, in virQEMUCapsProbeQMPDevices(), but
soon we're going to need some logic that is specific to machine
types and as such wouldn't quite fit into that function.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Peter Krempa [Fri, 17 May 2019 08:15:53 +0000 (10:15 +0200)]
qemu: blockjob: Fix saving of inactive XML after completed legacy blockjob
Commit c257352797 introduced a logic bug where we will never save the
inactive XML after a blockjob as the variable which was determining
whether to do so is cleared right before. Thus even if we correctly
modify the inactive state it will be rolled back when libvirtd is
restarted.
Reported-by: Thomas Stein <hello@himbee.re> Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Ján Tomko [Mon, 13 May 2019 14:17:46 +0000 (16:17 +0200)]
build: bump minimum udev version to 219
This is the version of systemd RHEL/CentOS 7 uses:
https://repology.org/project/systemd/versions
Oldest tracked openSUSE distros have 228,
Ubuntu 16.04 has 229 and Gentoo's alternative eudev
has bumped the version to 219 back in 2015.
Signed-off-by: Ján Tomko <jtomko@redhat.com> Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
virt-aa-helper: allow sysfs path used for vhost-scsi
When a vhost scsi device is hotplugged virt-aa-helper is called to
add the respective path.
For example the config:
<hostdev mode='subsystem' type='scsi_host' managed='no'>
<source protocol='vhost' wwpn='naa.50014059de6fba4f'/>
</hostdev>
Will call it to add:
/sys/kernel/config/target/vhost//naa.50014059de6fba4f
But in general /sys paths are filtered in virt-aa-helper.c:valid_path
To allow the path used for vhost-scsi we need to add it to the list of
known and accepted overrides.
Fixes: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1829223 Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
qemuxml2argvtest: add test for remove cpu features
CPU features that always were a no-op in qemu got removed there.
We no more specify them as that would trigger errors and fail to start
qemu. This test ensures that those features really are not rendered into
qemu command line.
Without the related fix this test will trigger and fail like:
In 'tests/qemuxml2argvdata/cpu-no-removed-features.args':
Offset 371
Expect [ ]
Actual [,-osxsave,-ospke ]
Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Tested-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Qemu dropped cpu features for osxsave and ospke [1][2].
The reason for the instant removal is that those features were never
configurable as discussed in [3].
Fortunately the use cases adding those flags in the past are rare, but
they exist. One that I identified are e.g. older virt-install when used
with --cpu=host-model and there always could be the case of a user
adding it to the guest xml.
This triggers an issue like:
qemu-system-x86_64: can't apply global Broadwell-noTSX-x86_64-
cpu.osxsave=on: Property '.osxsave' not found
Ensure that this does no more break spawning newer qemu versions by
not rendering those features into the qemu command line.
Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com> Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com> Tested-by: Daniel Henrique Barboza <danielhb413@gmail.com>
The bit is set when microcode provides the mechanism to invoke a flush
of various exploitable CPU buffers by invoking the VERW instruction.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Jiri Denemark <jdenemar@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
This function gets snapshot XML (provided by used) as an
argument. It parses it into a local variable @def and then sets
some more members (e.g. it creates a copy of live domain XML).
Then it proceeds to checking if snapshot XML is valid (e.g. it
contains as many disks as currently in the domain). If this fails
then the control jumps to endjob label and subsequently return
from the function. This is where AUTOFREE function for @def is
ran. Well, because the code says to run plain VIR_FREE() we leak
some memory because @def is actually an object and therefore
it should have been declared as AUTOUNREF.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Erik Skultety <eskultet@redhat.com>
Michal Privoznik [Tue, 14 May 2019 08:42:42 +0000 (10:42 +0200)]
storagepoolxml2argvtest: Avoid double free
A double free may occur in testCompareXMLToArgvFiles() when @def
is freed right after virStoragePoolObjNew() failed and the second
time at cleanup label.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Erik Skultety <eskultet@redhat.com>
Michal Privoznik [Tue, 14 May 2019 08:40:27 +0000 (10:40 +0200)]
virCommand: Make virCommandPassFDGetFDIndex fail if passed command is in error state
The idea of virCommand* APIs is that a possible error that
occurred while constructing cmd line is kept in virCommand
struct. If that's the case all subsequent calls to virCommand*()
are NO-OPs or they return an error. Well,
virCommandPassFDGetFDIndex() is not honoring that.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Erik Skultety <eskultet@redhat.com>
Michal Privoznik [Tue, 14 May 2019 08:31:52 +0000 (10:31 +0200)]
virstorageobj: Don't clear vols if they weren't initialized
If virStoragePoolObjNew() fails to create new volume object list
then virObjectUnref() is called and since refcounter is 1 then
virStoragePoolObjDispose() is called which in turn calls
virStoragePoolObjClearVols() which in turn dereferences
obj->volumes.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Erik Skultety <eskultet@redhat.com>
Michal Privoznik [Mon, 13 May 2019 12:32:06 +0000 (14:32 +0200)]
virsh: Don't leak disk targets in cmdDomBlkError
The virDomainGetDiskErrors() API copies disk targets into @disks
array that we allocate. But we forgot to free it:
==140828== 16 bytes in 4 blocks are definitely lost in loss record 41 of 242
==140828== at 0x4C2F08F: malloc (vg_replace_malloc.c:299)
==140828== by 0x8C406D9: strdup (in /lib64/libc-2.28.so)
==140828== by 0x5377DD3: virStrdup (virstring.c:966)
==140828== by 0x54C112F: testDomainGetDiskErrors (test_driver.c:3068)
==140828== by 0x55C863D: virDomainGetDiskErrors (libvirt-domain.c:10988)
==140828== by 0x15D1FA: cmdDomBlkError (virsh-domain-monitor.c:1215)
==140828== by 0x17F1A8: vshCommandRun (vsh.c:1335)
==140828== by 0x13489E: main (virsh.c:920)
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Andrea Bolognani [Fri, 10 May 2019 14:32:22 +0000 (16:32 +0200)]
examples: Install under $(docdir)
Our build system doesn't currently install the various
example programs provided along libvirt; however, both the
upstream .spec file and the Debian packaging go out of
their way to make sure these useful demos are included in
the respective documentation packages.
Moreover, doing so without help from the upstream build
system is easy to get wrong: the libvirt-docs RPM package,
for example, ends up missing one of the examples and
including a bunch of empty .deps/ directories.
Install the examples in $(docdir) as part of our regular
procedure, so that users and downstreams don't have to do
anything special about them.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> Acked-by: Michal Privoznik <mprivozn@redhat.com>
Andrea Bolognani [Fri, 10 May 2019 14:22:11 +0000 (16:22 +0200)]
docs: Install documentation under $(docdir)
At the moment we allow the user to specify exactly where
they want the HTML documentation to be installed with an
extreme level of precision through the --with-html-dir and
--with-html-subdir configure options.
Most of the time, of course, the user will stick with the
default, that is $(datadir)/doc/$(PACKAGE)-$(VERSION)/html.
So close to $(docdir)! Including the version number in
the path, specifically, seems entirely unnecessary since
different releases of libvirt are not going to be able to
coexist on the same system anyway.
Drop all these custom flexibilty for flexibilty's sake
shenaningans in favor of the standard, well understood
$(docdir).
Signed-off-by: Andrea Bolognani <abologna@redhat.com> Acked-by: Michal Privoznik <mprivozn@redhat.com>
Andrea Bolognani [Fri, 10 May 2019 12:54:52 +0000 (14:54 +0200)]
docs: Introduce $(devhelphtml_generated)
Our XSLT magic generates one Devhelp-compatible HTML file
per documentation module, but so far we have only shipped
and installed documentation for virterror.
Now that we have $(modules), however, we can generate the
list of files the same way we do for regular documentation
and make sure we always ship and install everything.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> Acked-by: Michal Privoznik <mprivozn@redhat.com>
Eric Blake [Fri, 10 May 2019 14:38:31 +0000 (09:38 -0500)]
qemu: Fix regression with undefine --snapshots-metadata
In refactoring the snapshot code to prepare for checkpoints, I changed
qemuDomainMomentDiscardAll to take a callback that would handle the
cleanup of either a snapshot or a checkpoint, but failed to set the
callback on one of the two snapshot callers. As a result, 'virsh
undefine $dom --snapshots-metadata' crashed on a NULL function
dereference.
Fixes: a487890d371b8cc3662c1717dfe07eea3f1ef1c0 Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1707708 Signed-off-by: Eric Blake <eblake@redhat.com> Acked-by: Peter Krempa <pkrempa@redhat.com>
virSysinfoParseX86BaseBoard: Free memory upfront if no board detected
If no board was detected then VIR_REALLOC_N() done at the end of
the function will actually free the memory (because nborads ==
0), but @boards will be set to a non-NULL pointer. This makes it
unnecessary harder for a caller to see if any board was detected.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
The way it works now the Makefile needs to be both make valid and automake
valid. That is fine for now, but if we want to use anything more advanced, like
conditionals, we cannot have it like that any more.
So instead forward all ci-* rules to that file.
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Eric Blake [Thu, 9 May 2019 14:59:06 +0000 (09:59 -0500)]
snapshot: Make virDomainSnapshotDef a virObject
This brings about a couple of benefits:
- use of VIR_AUTOUNREF() simplifies several callers
- Fixes a todo about virDomainMomentObjList not being polymorphic enough
Signed-off-by: Eric Blake <eblake@redhat.com> Acked-by: Peter Krempa <pkrempa@redhat.com>
Eric Blake [Wed, 8 May 2019 18:30:38 +0000 (13:30 -0500)]
snapshot: Add virDomainSnapshotDefNew
In preparation for making virDomainSnapshotDef a descendant of
virObject, it is time to fix all callers that allocate an object to
use virDomainSnapshotDefNew() instead of VIR_ALLOC(). Fortunately,
there aren't very many :)
Signed-off-by: Eric Blake <eblake@redhat.com> Acked-by: Peter Krempa <pkrempa@redhat.com>
Eric Blake [Wed, 8 May 2019 22:10:58 +0000 (17:10 -0500)]
snapshot: s/current/parent/ as prep for virObject
VIR_CLASS_NEW insists that descendents of virObject have 'parent' as
the name of their inherited base class member at offset 0. While it
would be possible to write a new class-creation macro that takes the
actual field name 'current', and rewrite VIR_CLASS_NEW to call the new
macro with the hard-coded name 'parent', it seems less confusing if
all object code uses similar naming. Thus, this is a mechanical rename
in preparation of making virDomainSnapshotDef a descendent of
virObject.
Signed-off-by: Eric Blake <eblake@redhat.com> Acked-by: Peter Krempa <pkrempa@redhat.com>
Eric Blake [Wed, 8 May 2019 16:39:13 +0000 (11:39 -0500)]
snapshot: s/parent/parent_name/ as prep for virObject
VIR_CLASS_NEW insists that descendents of virObject have 'parent' as
the name of their inherited base class member at offset 0. While it
would be possible to write a new class-creation macro that takes the
actual field name, and rewrite VIR_CLASS_NEW to call the new macro
with the hard-coded name 'parent', so that we could make
virDomainMomentDef use a custom name for its base class, it seems less
confusing if all object code uses similar naming. Thus, this is a
mechanical rename in preparation of making virDomainSnapshotDef a
descendent of virObject, when we can no longer use 'parent' for a
different purpose than the base class.
Signed-off-by: Eric Blake <eblake@redhat.com> Acked-by: Peter Krempa <pkrempa@redhat.com>
Peter Krempa [Thu, 18 Apr 2019 14:16:57 +0000 (16:16 +0200)]
qemu: Mark when modifying access to existing source in qemuDomainStorageSourceAccessModify
Some operations e.g. namespace setup are not necessary when modifying
access to a file which the VM can already access. Add a flag which
allows to skip them.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Thu, 18 Apr 2019 14:10:52 +0000 (16:10 +0200)]
qemu: Allow skipping the revoke step in qemuDomainStorageSourceAccessModify
In some cases when we need to modify access permissions for a storage
source which is already used by the VM we should not revoke all
permissions on a failure. Allow this in qemuDomainStorageSourceAccessModify
by adding a new flag.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Thu, 18 Apr 2019 14:06:19 +0000 (16:06 +0200)]
qemu: Use bools rather than labels in qemuDomainStorageSourceAccessModify
Rather than jumping to the correct label use a set of booleans to
determine which operation needs to be rolled back. This will allow more
flexibility when e.g. rollback after a failed operation will not be
necessary/desired.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Peter Krempa [Thu, 18 Apr 2019 08:18:51 +0000 (10:18 +0200)]
qemu: Split entry points to qemuDomainStorageSourceChainAccessPrepare
Introduce qemuDomainStorageSourceChainAccess(Allow|Revoke) as entry
points to qemuDomainStorageSourceChainAccessPrepare for symmetry with
the functions for single backing chain elements.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
projects / libvirt.git / log