1 /*
2 * qemu_domain.c: QEMU domain private state
3 *
4 * Copyright (C) 2006-2019 Red Hat, Inc.
5 * Copyright (C) 2006 Daniel P. Berrange
6 *
7 * This library is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU Lesser General Public
9 * License as published by the Free Software Foundation; either
10 * version 2.1 of the License, or (at your option) any later version.
11 *
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public
18 * License along with this library. If not, see
19 * <http://www.gnu.org/licenses/>.
20 */
21
22 #include <config.h>
23
24 #include "qemu_domain.h"
25 #include "qemu_alias.h"
26 #include "qemu_block.h"
27 #include "qemu_cgroup.h"
28 #include "qemu_command.h"
29 #include "qemu_process.h"
30 #include "qemu_capabilities.h"
31 #include "qemu_hostdev.h"
32 #include "qemu_migration.h"
33 #include "qemu_migration_params.h"
34 #include "qemu_security.h"
35 #include "qemu_slirp.h"
36 #include "qemu_extdevice.h"
37 #include "qemu_blockjob.h"
38 #include "qemu_checkpoint.h"
39 #include "qemu_validate.h"
40 #include "qemu_namespace.h"
41 #include "viralloc.h"
42 #include "virlog.h"
43 #include "virerror.h"
44 #include "viridentity.h"
45 #include "cpu/cpu.h"
46 #include "viruuid.h"
47 #include "virfile.h"
48 #include "domain_addr.h"
49 #include "domain_capabilities.h"
50 #include "domain_driver.h"
51 #include "domain_event.h"
52 #include "domain_validate.h"
53 #include "virtime.h"
54 #include "virnetdevbandwidth.h"
55 #include "virnetdevopenvswitch.h"
56 #include "virstoragefile.h"
57 #include "storage_source.h"
58 #include "virstring.h"
59 #include "virthreadjob.h"
60 #include "virprocess.h"
61 #include "vircrypto.h"
62 #include "virrandom.h"
63 #include "virsystemd.h"
64 #include "virsecret.h"
65 #include "logging/log_manager.h"
66 #include "locking/domain_lock.h"
67 #include "virdomainsnapshotobjlist.h"
68 #include "virdomaincheckpointobjlist.h"
69 #include "backup_conf.h"
70 #include "virutil.h"
71 #include "virqemu.h"
72 #include "virsecureerase.h"
73
74 #include <sys/time.h>
75 #include <fcntl.h>
76
77 #define QEMU_QXL_VGAMEM_DEFAULT 16 * 1024
78
79 #define VIR_FROM_THIS VIR_FROM_QEMU
80
81 VIR_LOG_INIT("qemu.qemu_domain");
82
83
84 static void *
qemuJobAllocPrivate(void)85 qemuJobAllocPrivate(void)
86 {
87 return g_new0(qemuDomainJobPrivate, 1);
88 }
89
90
91 void
qemuDomainJobPrivateMigrateTempBitmapFree(qemuDomainJobPrivateMigrateTempBitmap * bmp)92 qemuDomainJobPrivateMigrateTempBitmapFree(qemuDomainJobPrivateMigrateTempBitmap *bmp)
93 {
94 if (!bmp)
95 return;
96
97 g_free(bmp->nodename);
98 g_free(bmp->bitmapname);
99 g_free(bmp);
100 }
101
102
103 static void
qemuJobFreePrivate(void * opaque)104 qemuJobFreePrivate(void *opaque)
105 {
106 qemuDomainJobPrivate *priv = opaque;
107
108 if (!priv)
109 return;
110
111 qemuMigrationParamsFree(priv->migParams);
112 if (priv->migTempBitmaps)
113 g_slist_free_full(priv->migTempBitmaps,
114 (GDestroyNotify) qemuDomainJobPrivateMigrateTempBitmapFree);
115 g_free(priv);
116 }
117
118
119 static void
qemuJobResetPrivate(void * opaque)120 qemuJobResetPrivate(void *opaque)
121 {
122 qemuDomainJobPrivate *priv = opaque;
123
124 priv->spiceMigration = false;
125 priv->spiceMigrated = false;
126 priv->dumpCompleted = false;
127 qemuMigrationParamsFree(priv->migParams);
128 priv->migParams = NULL;
129 }
130
131
132 static int
qemuDomainObjPrivateXMLFormatNBDMigrationSource(virBuffer * buf,virStorageSource * src,virDomainXMLOption * xmlopt)133 qemuDomainObjPrivateXMLFormatNBDMigrationSource(virBuffer *buf,
134 virStorageSource *src,
135 virDomainXMLOption *xmlopt)
136 {
137 g_auto(virBuffer) attrBuf = VIR_BUFFER_INITIALIZER;
138 g_auto(virBuffer) childBuf = VIR_BUFFER_INIT_CHILD(buf);
139
140 virBufferAsprintf(&attrBuf, " type='%s' format='%s'",
141 virStorageTypeToString(src->type),
142 virStorageFileFormatTypeToString(src->format));
143
144 if (virDomainDiskSourceFormat(&childBuf, src, "source", 0, false,
145 VIR_DOMAIN_DEF_FORMAT_STATUS,
146 false, false, xmlopt) < 0)
147 return -1;
148
149 virXMLFormatElement(buf, "migrationSource", &attrBuf, &childBuf);
150
151 return 0;
152 }
153
154
155 static int
qemuDomainObjPrivateXMLFormatNBDMigration(virBuffer * buf,virDomainObj * vm)156 qemuDomainObjPrivateXMLFormatNBDMigration(virBuffer *buf,
157 virDomainObj *vm)
158 {
159 qemuDomainObjPrivate *priv = vm->privateData;
160 size_t i;
161 virDomainDiskDef *disk;
162 qemuDomainDiskPrivate *diskPriv;
163
164 for (i = 0; i < vm->def->ndisks; i++) {
165 g_auto(virBuffer) attrBuf = VIR_BUFFER_INITIALIZER;
166 g_auto(virBuffer) childBuf = VIR_BUFFER_INIT_CHILD(buf);
167 disk = vm->def->disks[i];
168 diskPriv = QEMU_DOMAIN_DISK_PRIVATE(disk);
169
170 virBufferAsprintf(&attrBuf, " dev='%s' migrating='%s'",
171 disk->dst, diskPriv->migrating ? "yes" : "no");
172
173 if (diskPriv->migrSource &&
174 qemuDomainObjPrivateXMLFormatNBDMigrationSource(&childBuf,
175 diskPriv->migrSource,
176 priv->driver->xmlopt) < 0)
177 return -1;
178
179 virXMLFormatElement(buf, "disk", &attrBuf, &childBuf);
180 }
181
182 return 0;
183 }
184
185
186 static void
qemuDomainObjPrivateXMLFormatMigrateTempBitmap(virBuffer * buf,GSList * bitmaps)187 qemuDomainObjPrivateXMLFormatMigrateTempBitmap(virBuffer *buf,
188 GSList *bitmaps)
189 {
190 g_auto(virBuffer) childBuf = VIR_BUFFER_INIT_CHILD(buf);
191 GSList *next;
192
193 for (next = bitmaps; next; next = next->next) {
194 qemuDomainJobPrivateMigrateTempBitmap *t = next->data;
195 g_auto(virBuffer) bitmapBuf = VIR_BUFFER_INITIALIZER;
196
197 virBufferAsprintf(&bitmapBuf, " name='%s'", t->bitmapname);
198 virBufferAsprintf(&bitmapBuf, " nodename='%s'", t->nodename);
199
200 virXMLFormatElement(&childBuf, "bitmap", &bitmapBuf, NULL);
201 }
202
203 virXMLFormatElement(buf, "tempBlockDirtyBitmaps", NULL, &childBuf);
204 }
205
206
207 static int
qemuDomainFormatJobPrivate(virBuffer * buf,qemuDomainJobObj * job,virDomainObj * vm)208 qemuDomainFormatJobPrivate(virBuffer *buf,
209 qemuDomainJobObj *job,
210 virDomainObj *vm)
211 {
212 qemuDomainJobPrivate *priv = job->privateData;
213
214 if (job->asyncJob == QEMU_ASYNC_JOB_MIGRATION_OUT) {
215 if (qemuDomainObjPrivateXMLFormatNBDMigration(buf, vm) < 0)
216 return -1;
217
218 qemuDomainObjPrivateXMLFormatMigrateTempBitmap(buf, priv->migTempBitmaps);
219 }
220
221 if (priv->migParams)
222 qemuMigrationParamsFormat(buf, priv->migParams);
223
224 return 0;
225 }
226
227
228 static int
qemuDomainObjPrivateXMLParseJobNBDSource(xmlNodePtr node,xmlXPathContextPtr ctxt,virDomainDiskDef * disk,virDomainXMLOption * xmlopt)229 qemuDomainObjPrivateXMLParseJobNBDSource(xmlNodePtr node,
230 xmlXPathContextPtr ctxt,
231 virDomainDiskDef *disk,
232 virDomainXMLOption *xmlopt)
233 {
234 VIR_XPATH_NODE_AUTORESTORE(ctxt)
235 qemuDomainDiskPrivate *diskPriv = QEMU_DOMAIN_DISK_PRIVATE(disk);
236 g_autofree char *format = NULL;
237 g_autofree char *type = NULL;
238 g_autoptr(virStorageSource) migrSource = NULL;
239 xmlNodePtr sourceNode;
240
241 ctxt->node = node;
242
243 if (!(ctxt->node = virXPathNode("./migrationSource", ctxt)))
244 return 0;
245
246 if (!(type = virXMLPropString(ctxt->node, "type"))) {
247 virReportError(VIR_ERR_XML_ERROR, "%s",
248 _("missing storage source type"));
249 return -1;
250 }
251
252 if (!(format = virXMLPropString(ctxt->node, "format"))) {
253 virReportError(VIR_ERR_XML_ERROR, "%s",
254 _("missing storage source format"));
255 return -1;
256 }
257
258 if (!(migrSource = virDomainStorageSourceParseBase(type, format, NULL)))
259 return -1;
260
261 /* newer libvirt uses the <source> subelement instead of formatting the
262 * source directly into <migrationSource> */
263 if ((sourceNode = virXPathNode("./source", ctxt)))
264 ctxt->node = sourceNode;
265
266 if (virDomainStorageSourceParse(ctxt->node, ctxt, migrSource,
267 VIR_DOMAIN_DEF_PARSE_STATUS, xmlopt) < 0)
268 return -1;
269
270 diskPriv->migrSource = g_steal_pointer(&migrSource);
271 return 0;
272 }
273
274
275 static int
qemuDomainObjPrivateXMLParseJobNBD(virDomainObj * vm,xmlXPathContextPtr ctxt)276 qemuDomainObjPrivateXMLParseJobNBD(virDomainObj *vm,
277 xmlXPathContextPtr ctxt)
278 {
279 qemuDomainObjPrivate *priv = vm->privateData;
280 g_autofree xmlNodePtr *nodes = NULL;
281 size_t i;
282 int n;
283
284 if ((n = virXPathNodeSet("./disk[@migrating='yes']", ctxt, &nodes)) < 0)
285 return -1;
286
287 if (n > 0) {
288 if (priv->job.asyncJob != QEMU_ASYNC_JOB_MIGRATION_OUT) {
289 VIR_WARN("Found disks marked for migration but we were not "
290 "migrating");
291 n = 0;
292 }
293 for (i = 0; i < n; i++) {
294 virDomainDiskDef *disk;
295 g_autofree char *dst = NULL;
296
297 if ((dst = virXMLPropString(nodes[i], "dev")) &&
298 (disk = virDomainDiskByTarget(vm->def, dst))) {
299 QEMU_DOMAIN_DISK_PRIVATE(disk)->migrating = true;
300
301 if (qemuDomainObjPrivateXMLParseJobNBDSource(nodes[i], ctxt,
302 disk,
303 priv->driver->xmlopt) < 0)
304 return -1;
305 }
306 }
307 }
308
309 return 0;
310 }
311
312
313 static int
qemuDomainObjPrivateXMLParseMigrateTempBitmap(qemuDomainJobPrivate * jobPriv,xmlXPathContextPtr ctxt)314 qemuDomainObjPrivateXMLParseMigrateTempBitmap(qemuDomainJobPrivate *jobPriv,
315 xmlXPathContextPtr ctxt)
316 {
317 g_autoslist(qemuDomainJobPrivateMigrateTempBitmap) bitmaps = NULL;
318 g_autofree xmlNodePtr *nodes = NULL;
319 size_t i;
320 int n;
321
322 if ((n = virXPathNodeSet("./tempBlockDirtyBitmaps/bitmap", ctxt, &nodes)) < 0)
323 return -1;
324
325 if (n == 0)
326 return 0;
327
328 for (i = 0; i < n; i++) {
329 qemuDomainJobPrivateMigrateTempBitmap *bmp;
330
331 bmp = g_new0(qemuDomainJobPrivateMigrateTempBitmap, 1);
332 bmp->nodename = virXMLPropString(nodes[i], "nodename");
333 bmp->bitmapname = virXMLPropString(nodes[i], "name");
334
335 bitmaps = g_slist_prepend(bitmaps, bmp);
336
337 if (!bmp->bitmapname || !bmp->nodename) {
338 virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
339 _("malformed <tempBlockDirtyBitmaps> in status XML"));
340 return -1;
341 }
342
343 }
344
345 jobPriv->migTempBitmaps = g_slist_reverse(g_steal_pointer(&bitmaps));
346 return 0;
347 }
348
349
350 static int
qemuDomainParseJobPrivate(xmlXPathContextPtr ctxt,qemuDomainJobObj * job,virDomainObj * vm)351 qemuDomainParseJobPrivate(xmlXPathContextPtr ctxt,
352 qemuDomainJobObj *job,
353 virDomainObj *vm)
354 {
355 qemuDomainJobPrivate *priv = job->privateData;
356
357 if (qemuDomainObjPrivateXMLParseJobNBD(vm, ctxt) < 0)
358 return -1;
359
360 if (qemuDomainObjPrivateXMLParseMigrateTempBitmap(priv, ctxt) < 0)
361 return -1;
362
363 if (qemuMigrationParamsParse(ctxt, &priv->migParams) < 0)
364 return -1;
365
366 return 0;
367 }
368
369
370 static qemuDomainObjPrivateJobCallbacks qemuPrivateJobCallbacks = {
371 .allocJobPrivate = qemuJobAllocPrivate,
372 .freeJobPrivate = qemuJobFreePrivate,
373 .resetJobPrivate = qemuJobResetPrivate,
374 .formatJob = qemuDomainFormatJobPrivate,
375 .parseJob = qemuDomainParseJobPrivate,
376 };
377
378 /**
379 * qemuDomainObjFromDomain:
380 * @domain: Domain pointer that has to be looked up
381 *
382 * This function looks up @domain and returns the appropriate virDomainObj *
383 * that has to be released by calling virDomainObjEndAPI().
384 *
385 * Returns the domain object with incremented reference counter which is locked
386 * on success, NULL otherwise.
387 */
388 virDomainObj *
qemuDomainObjFromDomain(virDomainPtr domain)389 qemuDomainObjFromDomain(virDomainPtr domain)
390 {
391 virDomainObj *vm;
392 virQEMUDriver *driver = domain->conn->privateData;
393 char uuidstr[VIR_UUID_STRING_BUFLEN];
394
395 vm = virDomainObjListFindByUUID(driver->domains, domain->uuid);
396 if (!vm) {
397 virUUIDFormat(domain->uuid, uuidstr);
398 virReportError(VIR_ERR_NO_DOMAIN,
399 _("no domain with matching uuid '%s' (%s)"),
400 uuidstr, domain->name);
401 return NULL;
402 }
403
404 return vm;
405 }
406
407
408 struct _qemuDomainLogContext {
409 GObject parent;
410
411 int writefd;
412 int readfd; /* Only used if manager == NULL */
413 off_t pos;
414 ino_t inode; /* Only used if manager != NULL */
415 char *path;
416 virLogManager *manager;
417 };
418
419 G_DEFINE_TYPE(qemuDomainLogContext, qemu_domain_log_context, G_TYPE_OBJECT);
420 static virClass *qemuDomainSaveCookieClass;
421
422 static void qemuDomainLogContextFinalize(GObject *obj);
423 static void qemuDomainSaveCookieDispose(void *obj);
424
425
426 static int
qemuDomainOnceInit(void)427 qemuDomainOnceInit(void)
428 {
429 if (!VIR_CLASS_NEW(qemuDomainSaveCookie, virClassForObject()))
430 return -1;
431
432 return 0;
433 }
434
qemu_domain_log_context_init(qemuDomainLogContext * logctxt G_GNUC_UNUSED)435 static void qemu_domain_log_context_init(qemuDomainLogContext *logctxt G_GNUC_UNUSED)
436 {
437 }
438
qemu_domain_log_context_class_init(qemuDomainLogContextClass * klass)439 static void qemu_domain_log_context_class_init(qemuDomainLogContextClass *klass)
440 {
441 GObjectClass *obj = G_OBJECT_CLASS(klass);
442
443 obj->finalize = qemuDomainLogContextFinalize;
444 }
445
446 VIR_ONCE_GLOBAL_INIT(qemuDomain);
447
448 static void
qemuDomainLogContextFinalize(GObject * object)449 qemuDomainLogContextFinalize(GObject *object)
450 {
451 qemuDomainLogContext *ctxt = QEMU_DOMAIN_LOG_CONTEXT(object);
452 VIR_DEBUG("ctxt=%p", ctxt);
453
454 virLogManagerFree(ctxt->manager);
455 VIR_FREE(ctxt->path);
456 VIR_FORCE_CLOSE(ctxt->writefd);
457 VIR_FORCE_CLOSE(ctxt->readfd);
458 G_OBJECT_CLASS(qemu_domain_log_context_parent_class)->finalize(object);
459 }
460
461 /* qemuDomainGetMasterKeyFilePath:
462 * @libDir: Directory path to domain lib files
463 *
464 * Generate a path to the domain master key file for libDir.
465 * It's up to the caller to handle checking if path exists.
466 *
467 * Returns path to memory containing the name of the file. It is up to the
468 * caller to free; otherwise, NULL on failure.
469 */
470 char *
qemuDomainGetMasterKeyFilePath(const char * libDir)471 qemuDomainGetMasterKeyFilePath(const char *libDir)
472 {
473 if (!libDir) {
474 virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
475 _("invalid path for master key file"));
476 return NULL;
477 }
478 return virFileBuildPath(libDir, "master-key.aes", NULL);
479 }
480
481
482 /* qemuDomainWriteMasterKeyFile:
483 * @driver: qemu driver data
484 * @vm: Pointer to the vm object
485 *
486 * Get the desired path to the masterKey file and store it in the path.
487 *
488 * Returns 0 on success, -1 on failure with error message indicating failure
489 */
490 int
qemuDomainWriteMasterKeyFile(virQEMUDriver * driver,virDomainObj * vm)491 qemuDomainWriteMasterKeyFile(virQEMUDriver *driver,
492 virDomainObj *vm)
493 {
494 g_autofree char *path = NULL;
495 VIR_AUTOCLOSE fd = -1;
496 qemuDomainObjPrivate *priv = vm->privateData;
497
498 /* Only gets filled in if we have the capability */
499 if (!priv->masterKey)
500 return 0;
501
502 if (!(path = qemuDomainGetMasterKeyFilePath(priv->libDir)))
503 return -1;
504
505 if ((fd = open(path, O_WRONLY|O_TRUNC|O_CREAT, 0600)) < 0) {
506 virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
507 _("failed to open domain master key file for write"));
508 return -1;
509 }
510
511 if (safewrite(fd, priv->masterKey, priv->masterKeyLen) < 0) {
512 virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
513 _("failed to write master key file for domain"));
514 return -1;
515 }
516
517 if (qemuSecurityDomainSetPathLabel(driver, vm, path, false) < 0)
518 return -1;
519
520 return 0;
521 }
522
523
524 static void
qemuDomainMasterKeyFree(qemuDomainObjPrivate * priv)525 qemuDomainMasterKeyFree(qemuDomainObjPrivate *priv)
526 {
527 if (!priv->masterKey)
528 return;
529
530 virSecureErase(priv->masterKey, priv->masterKeyLen);
531 g_clear_pointer(&priv->masterKey, g_free);
532 }
533
534 /* qemuDomainMasterKeyReadFile:
535 * @priv: pointer to domain private object
536 *
537 * Expected to be called during qemuProcessReconnect once the domain
538 * libDir has been generated through qemuStateInitialize calling
539 * virDomainObjListLoadAllConfigs which will restore the libDir path
540 * to the domain private object.
541 *
542 * This function will get the path to the master key file and if it
543 * exists, it will read the contents of the file saving it in priv->masterKey.
544 *
545 * Once the file exists, the validity checks may cause failures; however,
546 * if the file doesn't exist or the capability doesn't exist, we just
547 * return (mostly) quietly.
548 *
549 * Returns 0 on success or lack of capability
550 * -1 on failure with error message indicating failure
551 */
552 int
qemuDomainMasterKeyReadFile(qemuDomainObjPrivate * priv)553 qemuDomainMasterKeyReadFile(qemuDomainObjPrivate *priv)
554 {
555 g_autofree char *path = NULL;
556 int fd = -1;
557 uint8_t *masterKey = NULL;
558 ssize_t masterKeyLen = 0;
559
560 if (!(path = qemuDomainGetMasterKeyFilePath(priv->libDir)))
561 return -1;
562
563 if (!virFileExists(path)) {
564 virReportError(VIR_ERR_INTERNAL_ERROR,
565 _("domain master key file doesn't exist in %s"),
566 priv->libDir);
567 goto error;
568 }
569
570 if ((fd = open(path, O_RDONLY)) < 0) {
571 virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
572 _("failed to open domain master key file for read"));
573 goto error;
574 }
575
576 masterKey = g_new0(uint8_t, 1024);
577
578 if ((masterKeyLen = saferead(fd, masterKey, 1024)) < 0) {
579 virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
580 _("unable to read domain master key file"));
581 goto error;
582 }
583
584 if (masterKeyLen != QEMU_DOMAIN_MASTER_KEY_LEN) {
585 virReportError(VIR_ERR_INTERNAL_ERROR,
586 _("invalid master key read, size=%zd"), masterKeyLen);
587 goto error;
588 }
589
590 masterKey = g_renew(uint8_t, masterKey, masterKeyLen);
591
592 priv->masterKey = masterKey;
593 priv->masterKeyLen = masterKeyLen;
594
595 VIR_FORCE_CLOSE(fd);
596
597 return 0;
598
599 error:
600 if (masterKeyLen > 0)
601 memset(masterKey, 0, masterKeyLen);
602 VIR_FREE(masterKey);
603
604 VIR_FORCE_CLOSE(fd);
605
606 return -1;
607 }
608
609
610 /* qemuDomainMasterKeyRemove:
611 * @priv: Pointer to the domain private object
612 *
613 * Remove the traces of the master key, clear the heap, clear the file,
614 * delete the file.
615 */
616 void
qemuDomainMasterKeyRemove(qemuDomainObjPrivate * priv)617 qemuDomainMasterKeyRemove(qemuDomainObjPrivate *priv)
618 {
619 g_autofree char *path = NULL;
620
621 if (!priv->masterKey)
622 return;
623
624 /* Clear the contents */
625 qemuDomainMasterKeyFree(priv);
626
627 /* Delete the master key file */
628 path = qemuDomainGetMasterKeyFilePath(priv->libDir);
629 unlink(path);
630 }
631
632
633 /* qemuDomainMasterKeyCreate:
634 * @vm: Pointer to the domain object
635 *
636 * As long as the underlying qemu has the secret capability,
637 * generate and store 'raw' in a file a random 32-byte key to
638 * be used as a secret shared with qemu to share sensitive data.
639 *
640 * Returns: 0 on success, -1 w/ error message on failure
641 */
642 int
qemuDomainMasterKeyCreate(virDomainObj * vm)643 qemuDomainMasterKeyCreate(virDomainObj *vm)
644 {
645 qemuDomainObjPrivate *priv = vm->privateData;
646 g_autofree uint8_t *key = NULL;
647
648 key = g_new0(uint8_t, QEMU_DOMAIN_MASTER_KEY_LEN);
649
650 if (virRandomBytes(key, QEMU_DOMAIN_MASTER_KEY_LEN) < 0)
651 return -1;
652
653 priv->masterKey = g_steal_pointer(&key);
654 priv->masterKeyLen = QEMU_DOMAIN_MASTER_KEY_LEN;
655
656 return 0;
657 }
658
659
660 static void
qemuDomainSecretInfoClear(qemuDomainSecretInfo * secinfo,bool keepAlias)661 qemuDomainSecretInfoClear(qemuDomainSecretInfo *secinfo,
662 bool keepAlias)
663 {
664 if (!secinfo)
665 return;
666
667 if (!keepAlias)
668 VIR_FREE(secinfo->alias);
669
670 VIR_FREE(secinfo->username);
671 VIR_FREE(secinfo->iv);
672 VIR_FREE(secinfo->ciphertext);
673 }
674
675
676 void
qemuDomainSecretInfoFree(qemuDomainSecretInfo * secinfo)677 qemuDomainSecretInfoFree(qemuDomainSecretInfo *secinfo)
678 {
679 qemuDomainSecretInfoClear(secinfo, false);
680 g_free(secinfo);
681 }
682
683
684 /**
685 * qemuDomainSecretInfoDestroy:
686 * @secinfo: object to destroy
687 *
688 * Removes any data unnecessary for further use, but keeps alias allocated.
689 */
690 void
qemuDomainSecretInfoDestroy(qemuDomainSecretInfo * secinfo)691 qemuDomainSecretInfoDestroy(qemuDomainSecretInfo *secinfo)
692 {
693 qemuDomainSecretInfoClear(secinfo, true);
694 }
695
696
697 static virClass *qemuDomainDiskPrivateClass;
698 static void qemuDomainDiskPrivateDispose(void *obj);
699
700 static int
qemuDomainDiskPrivateOnceInit(void)701 qemuDomainDiskPrivateOnceInit(void)
702 {
703 if (!VIR_CLASS_NEW(qemuDomainDiskPrivate, virClassForObject()))
704 return -1;
705
706 return 0;
707 }
708
709 VIR_ONCE_GLOBAL_INIT(qemuDomainDiskPrivate);
710
711 static virObject *
qemuDomainDiskPrivateNew(void)712 qemuDomainDiskPrivateNew(void)
713 {
714 qemuDomainDiskPrivate *priv;
715
716 if (qemuDomainDiskPrivateInitialize() < 0)
717 return NULL;
718
719 if (!(priv = virObjectNew(qemuDomainDiskPrivateClass)))
720 return NULL;
721
722 return (virObject *) priv;
723 }
724
725 static void
qemuDomainDiskPrivateDispose(void * obj)726 qemuDomainDiskPrivateDispose(void *obj)
727 {
728 qemuDomainDiskPrivate *priv = obj;
729
730 virObjectUnref(priv->migrSource);
731 g_free(priv->qomName);
732 g_free(priv->nodeCopyOnRead);
733 virObjectUnref(priv->blockjob);
734 }
735
736 static virClass *qemuDomainStorageSourcePrivateClass;
737 static void qemuDomainStorageSourcePrivateDispose(void *obj);
738
739 static int
qemuDomainStorageSourcePrivateOnceInit(void)740 qemuDomainStorageSourcePrivateOnceInit(void)
741 {
742 if (!VIR_CLASS_NEW(qemuDomainStorageSourcePrivate, virClassForObject()))
743 return -1;
744
745 return 0;
746 }
747
748 VIR_ONCE_GLOBAL_INIT(qemuDomainStorageSourcePrivate);
749
750 virObject *
qemuDomainStorageSourcePrivateNew(void)751 qemuDomainStorageSourcePrivateNew(void)
752 {
753 qemuDomainStorageSourcePrivate *priv;
754
755 if (qemuDomainStorageSourcePrivateInitialize() < 0)
756 return NULL;
757
758 if (!(priv = virObjectNew(qemuDomainStorageSourcePrivateClass)))
759 return NULL;
760
761 return (virObject *) priv;
762 }
763
764
765 static void
qemuDomainStorageSourcePrivateDispose(void * obj)766 qemuDomainStorageSourcePrivateDispose(void *obj)
767 {
768 qemuDomainStorageSourcePrivate *priv = obj;
769
770 g_clear_pointer(&priv->secinfo, qemuDomainSecretInfoFree);
771 g_clear_pointer(&priv->encinfo, qemuDomainSecretInfoFree);
772 g_clear_pointer(&priv->httpcookie, qemuDomainSecretInfoFree);
773 g_clear_pointer(&priv->tlsKeySecret, qemuDomainSecretInfoFree);
774 }
775
776
777 qemuDomainStorageSourcePrivate *
qemuDomainStorageSourcePrivateFetch(virStorageSource * src)778 qemuDomainStorageSourcePrivateFetch(virStorageSource *src)
779 {
780 if (!src->privateData)
781 src->privateData = qemuDomainStorageSourcePrivateNew();
782
783 return QEMU_DOMAIN_STORAGE_SOURCE_PRIVATE(src);
784 }
785
786
787 static virClass *qemuDomainVcpuPrivateClass;
788 static void qemuDomainVcpuPrivateDispose(void *obj);
789
790 static int
qemuDomainVcpuPrivateOnceInit(void)791 qemuDomainVcpuPrivateOnceInit(void)
792 {
793 if (!VIR_CLASS_NEW(qemuDomainVcpuPrivate, virClassForObject()))
794 return -1;
795
796 return 0;
797 }
798
799 VIR_ONCE_GLOBAL_INIT(qemuDomainVcpuPrivate);
800
801 static virObject *
qemuDomainVcpuPrivateNew(void)802 qemuDomainVcpuPrivateNew(void)
803 {
804 qemuDomainVcpuPrivate *priv;
805
806 if (qemuDomainVcpuPrivateInitialize() < 0)
807 return NULL;
808
809 if (!(priv = virObjectNew(qemuDomainVcpuPrivateClass)))
810 return NULL;
811
812 return (virObject *) priv;
813 }
814
815
816 static void
qemuDomainVcpuPrivateDispose(void * obj)817 qemuDomainVcpuPrivateDispose(void *obj)
818 {
819 qemuDomainVcpuPrivate *priv = obj;
820
821 g_free(priv->type);
822 g_free(priv->alias);
823 virJSONValueFree(priv->props);
824 return;
825 }
826
827
828 static virClass *qemuDomainChrSourcePrivateClass;
829 static void qemuDomainChrSourcePrivateDispose(void *obj);
830
831 static int
qemuDomainChrSourcePrivateOnceInit(void)832 qemuDomainChrSourcePrivateOnceInit(void)
833 {
834 if (!VIR_CLASS_NEW(qemuDomainChrSourcePrivate, virClassForObject()))
835 return -1;
836
837 return 0;
838 }
839
840 VIR_ONCE_GLOBAL_INIT(qemuDomainChrSourcePrivate);
841
842 static virObject *
qemuDomainChrSourcePrivateNew(void)843 qemuDomainChrSourcePrivateNew(void)
844 {
845 qemuDomainChrSourcePrivate *priv;
846
847 if (qemuDomainChrSourcePrivateInitialize() < 0)
848 return NULL;
849
850 if (!(priv = virObjectNew(qemuDomainChrSourcePrivateClass)))
851 return NULL;
852
853 return (virObject *) priv;
854 }
855
856
857 static void
qemuDomainChrSourcePrivateDispose(void * obj)858 qemuDomainChrSourcePrivateDispose(void *obj)
859 {
860 qemuDomainChrSourcePrivate *priv = obj;
861
862 g_clear_pointer(&priv->secinfo, qemuDomainSecretInfoFree);
863 }
864
865
866 static virClass *qemuDomainVsockPrivateClass;
867 static void qemuDomainVsockPrivateDispose(void *obj);
868
869 static int
qemuDomainVsockPrivateOnceInit(void)870 qemuDomainVsockPrivateOnceInit(void)
871 {
872 if (!VIR_CLASS_NEW(qemuDomainVsockPrivate, virClassForObject()))
873 return -1;
874
875 return 0;
876 }
877
878 VIR_ONCE_GLOBAL_INIT(qemuDomainVsockPrivate);
879
880 static virObject *
qemuDomainVsockPrivateNew(void)881 qemuDomainVsockPrivateNew(void)
882 {
883 qemuDomainVsockPrivate *priv;
884
885 if (qemuDomainVsockPrivateInitialize() < 0)
886 return NULL;
887
888 if (!(priv = virObjectNew(qemuDomainVsockPrivateClass)))
889 return NULL;
890
891 priv->vhostfd = -1;
892
893 return (virObject *) priv;
894 }
895
896
897 static void
qemuDomainVsockPrivateDispose(void * obj G_GNUC_UNUSED)898 qemuDomainVsockPrivateDispose(void *obj G_GNUC_UNUSED)
899 {
900 qemuDomainVsockPrivate *priv = obj;
901
902 VIR_FORCE_CLOSE(priv->vhostfd);
903 }
904
905
906 static virClass *qemuDomainGraphicsPrivateClass;
907 static void qemuDomainGraphicsPrivateDispose(void *obj);
908
909 static int
qemuDomainGraphicsPrivateOnceInit(void)910 qemuDomainGraphicsPrivateOnceInit(void)
911 {
912 if (!VIR_CLASS_NEW(qemuDomainGraphicsPrivate, virClassForObject()))
913 return -1;
914
915 return 0;
916 }
917
918 VIR_ONCE_GLOBAL_INIT(qemuDomainGraphicsPrivate);
919
920 static virObject *
qemuDomainGraphicsPrivateNew(void)921 qemuDomainGraphicsPrivateNew(void)
922 {
923 qemuDomainGraphicsPrivate *priv;
924
925 if (qemuDomainGraphicsPrivateInitialize() < 0)
926 return NULL;
927
928 if (!(priv = virObjectNew(qemuDomainGraphicsPrivateClass)))
929 return NULL;
930
931 return (virObject *) priv;
932 }
933
934
935 static void
qemuDomainGraphicsPrivateDispose(void * obj)936 qemuDomainGraphicsPrivateDispose(void *obj)
937 {
938 qemuDomainGraphicsPrivate *priv = obj;
939
940 g_free(priv->tlsAlias);
941 g_clear_pointer(&priv->secinfo, qemuDomainSecretInfoFree);
942 }
943
944
945 static virClass *qemuDomainNetworkPrivateClass;
946 static void qemuDomainNetworkPrivateDispose(void *obj);
947
948
949 static int
qemuDomainNetworkPrivateOnceInit(void)950 qemuDomainNetworkPrivateOnceInit(void)
951 {
952 if (!VIR_CLASS_NEW(qemuDomainNetworkPrivate, virClassForObject()))
953 return -1;
954
955 return 0;
956 }
957
958
959 VIR_ONCE_GLOBAL_INIT(qemuDomainNetworkPrivate);
960
961
962 static virObject *
qemuDomainNetworkPrivateNew(void)963 qemuDomainNetworkPrivateNew(void)
964 {
965 qemuDomainNetworkPrivate *priv;
966
967 if (qemuDomainNetworkPrivateInitialize() < 0)
968 return NULL;
969
970 if (!(priv = virObjectNew(qemuDomainNetworkPrivateClass)))
971 return NULL;
972
973 return (virObject *) priv;
974 }
975
976
977 static void
qemuDomainNetworkPrivateDispose(void * obj G_GNUC_UNUSED)978 qemuDomainNetworkPrivateDispose(void *obj G_GNUC_UNUSED)
979 {
980 qemuDomainNetworkPrivate *priv = obj;
981
982 qemuSlirpFree(priv->slirp);
983 }
984
985
986 static virClass *qemuDomainVideoPrivateClass;
987 static void qemuDomainVideoPrivateDispose(void *obj);
988
989
990 static int
qemuDomainVideoPrivateOnceInit(void)991 qemuDomainVideoPrivateOnceInit(void)
992 {
993 if (!VIR_CLASS_NEW(qemuDomainVideoPrivate, virClassForObject()))
994 return -1;
995
996 return 0;
997 }
998
999 VIR_ONCE_GLOBAL_INIT(qemuDomainVideoPrivate);
1000
1001
1002 static virObject *
qemuDomainVideoPrivateNew(void)1003 qemuDomainVideoPrivateNew(void)
1004 {
1005 qemuDomainVideoPrivate *priv;
1006
1007 if (qemuDomainVideoPrivateInitialize() < 0)
1008 return NULL;
1009
1010 if (!(priv = virObjectNew(qemuDomainVideoPrivateClass)))
1011 return NULL;
1012
1013 priv->vhost_user_fd = -1;
1014
1015 return (virObject *) priv;
1016 }
1017
1018
1019 static void
qemuDomainVideoPrivateDispose(void * obj)1020 qemuDomainVideoPrivateDispose(void *obj)
1021 {
1022 qemuDomainVideoPrivate *priv = obj;
1023
1024 VIR_FORCE_CLOSE(priv->vhost_user_fd);
1025 }
1026
1027
1028 /* qemuDomainSecretInfoSetup:
1029 * @priv: pointer to domain private object
1030 * @alias: alias of the secret
1031 * @username: username to use (may be NULL)
1032 * @secret: secret data
1033 * @secretlen: length of @secret
1034 *
1035 * Encrypts @secret for use with qemu.
1036 *
1037 * Returns qemuDomainSecretInfo *filled with the necessary information.
1038 */
1039 static qemuDomainSecretInfo *
qemuDomainSecretInfoSetup(qemuDomainObjPrivate * priv,const char * alias,const char * username,uint8_t * secret,size_t secretlen)1040 qemuDomainSecretInfoSetup(qemuDomainObjPrivate *priv,
1041 const char *alias,
1042 const char *username,
1043 uint8_t *secret,
1044 size_t secretlen)
1045 {
1046 g_autoptr(qemuDomainSecretInfo) secinfo = NULL;
1047 g_autofree uint8_t *raw_iv = NULL;
1048 size_t ivlen = QEMU_DOMAIN_AES_IV_LEN;
1049 g_autofree uint8_t *ciphertext = NULL;
1050 size_t ciphertextlen = 0;
1051
1052 secinfo = g_new0(qemuDomainSecretInfo, 1);
1053
1054 secinfo->alias = g_strdup(alias);
1055 secinfo->username = g_strdup(username);
1056
1057 raw_iv = g_new0(uint8_t, ivlen);
1058
1059 /* Create a random initialization vector */
1060 if (virRandomBytes(raw_iv, ivlen) < 0)
1061 return NULL;
1062
1063 /* Encode the IV and save that since qemu will need it */
1064 secinfo->iv = g_base64_encode(raw_iv, ivlen);
1065
1066 if (virCryptoEncryptData(VIR_CRYPTO_CIPHER_AES256CBC,
1067 priv->masterKey, QEMU_DOMAIN_MASTER_KEY_LEN,
1068 raw_iv, ivlen, secret, secretlen,
1069 &ciphertext, &ciphertextlen) < 0)
1070 return NULL;
1071
1072 /* Now encode the ciphertext and store to be passed to qemu */
1073 secinfo->ciphertext = g_base64_encode(ciphertext, ciphertextlen);
1074
1075 return g_steal_pointer(&secinfo);
1076 }
1077
1078
1079 /**
1080 * qemuDomainSecretInfoSetupFromSecret:
1081 * @priv: pointer to domain private object
1082 * @srcalias: Alias of the disk/hostdev used to generate the secret alias
1083 * @secretuse: specific usage for the secret (may be NULL if main object is using it)
1084 * @usageType: The virSecretUsageType
1085 * @username: username to use for authentication (may be NULL)
1086 * @seclookupdef: Pointer to seclookupdef data
1087 *
1088 * Looks up a secret in the secret driver based on @usageType and @seclookupdef
1089 * and builds qemuDomainSecretInfo *from it. @use describes the usage of the
1090 * secret in case if @srcalias requires more secrets for various usage cases.
1091 */
1092 static qemuDomainSecretInfo *
qemuDomainSecretInfoSetupFromSecret(qemuDomainObjPrivate * priv,const char * srcalias,const char * secretuse,virSecretUsageType usageType,const char * username,virSecretLookupTypeDef * seclookupdef)1093 qemuDomainSecretInfoSetupFromSecret(qemuDomainObjPrivate *priv,
1094 const char *srcalias,
1095 const char *secretuse,
1096 virSecretUsageType usageType,
1097 const char *username,
1098 virSecretLookupTypeDef *seclookupdef)
1099 {
1100 qemuDomainSecretInfo *secinfo;
1101 g_autofree char *alias = qemuAliasForSecret(srcalias, secretuse);
1102 g_autofree uint8_t *secret = NULL;
1103 size_t secretlen = 0;
1104 VIR_IDENTITY_AUTORESTORE virIdentity *oldident = virIdentityElevateCurrent();
1105 g_autoptr(virConnect) conn = virGetConnectSecret();
1106
1107 if (!oldident)
1108 return NULL;
1109
1110 if (!conn)
1111 return NULL;
1112
1113 if (virSecretGetSecretString(conn, seclookupdef, usageType,
1114 &secret, &secretlen) < 0)
1115 return NULL;
1116
1117 secinfo = qemuDomainSecretInfoSetup(priv, alias, username, secret, secretlen);
1118
1119 virSecureErase(secret, secretlen);
1120
1121 return secinfo;
1122 }
1123
1124
1125 /**
1126 * qemuDomainSecretInfoTLSNew:
1127 * @priv: pointer to domain private object
1128 * @srcAlias: Alias base to use for TLS object
1129 * @secretUUID: Provide a secretUUID value to look up/create the secretInfo
1130 *
1131 * Using the passed @secretUUID, generate a seclookupdef that can be used
1132 * to generate the returned qemuDomainSecretInfo *for a TLS based secret.
1133 *
1134 * Returns qemuDomainSecretInfo *or NULL on error.
1135 */
1136 qemuDomainSecretInfo *
qemuDomainSecretInfoTLSNew(qemuDomainObjPrivate * priv,const char * srcAlias,const char * secretUUID)1137 qemuDomainSecretInfoTLSNew(qemuDomainObjPrivate *priv,
1138 const char *srcAlias,
1139 const char *secretUUID)
1140 {
1141 virSecretLookupTypeDef seclookupdef = {0};
1142
1143 if (virUUIDParse(secretUUID, seclookupdef.u.uuid) < 0) {
1144 virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
1145 _("malformed TLS secret uuid '%s' provided"),
1146 secretUUID);
1147 return NULL;
1148 }
1149 seclookupdef.type = VIR_SECRET_LOOKUP_TYPE_UUID;
1150
1151 return qemuDomainSecretInfoSetupFromSecret(priv, srcAlias, NULL,
1152 VIR_SECRET_USAGE_TYPE_TLS,
1153 NULL, &seclookupdef);
1154 }
1155
1156
1157 void
qemuDomainSecretDiskDestroy(virDomainDiskDef * disk)1158 qemuDomainSecretDiskDestroy(virDomainDiskDef *disk)
1159 {
1160 qemuDomainStorageSourcePrivate *srcPriv;
1161 virStorageSource *n;
1162
1163 for (n = disk->src; virStorageSourceIsBacking(n); n = n->backingStore) {
1164 if ((srcPriv = QEMU_DOMAIN_STORAGE_SOURCE_PRIVATE(n))) {
1165 qemuDomainSecretInfoDestroy(srcPriv->secinfo);
1166 qemuDomainSecretInfoDestroy(srcPriv->encinfo);
1167 qemuDomainSecretInfoDestroy(srcPriv->tlsKeySecret);
1168 }
1169 }
1170 }
1171
1172
1173 bool
qemuDomainStorageSourceHasAuth(virStorageSource * src)1174 qemuDomainStorageSourceHasAuth(virStorageSource *src)
1175 {
1176 if (!virStorageSourceIsEmpty(src) &&
1177 virStorageSourceGetActualType(src) == VIR_STORAGE_TYPE_NETWORK &&
1178 src->auth &&
1179 (src->protocol == VIR_STORAGE_NET_PROTOCOL_ISCSI ||
1180 src->protocol == VIR_STORAGE_NET_PROTOCOL_RBD))
1181 return true;
1182
1183 return false;
1184 }
1185
1186
1187 static bool
qemuDomainDiskHasEncryptionSecret(virStorageSource * src)1188 qemuDomainDiskHasEncryptionSecret(virStorageSource *src)
1189 {
1190 if (!virStorageSourceIsEmpty(src) && src->encryption &&
1191 (src->encryption->format == VIR_STORAGE_ENCRYPTION_FORMAT_LUKS ||
1192 src->encryption->format == VIR_STORAGE_ENCRYPTION_FORMAT_LUKS2) &&
1193 src->encryption->nsecrets > 0)
1194 return true;
1195
1196 return false;
1197 }
1198
1199
1200 static qemuDomainSecretInfo *
qemuDomainSecretStorageSourcePrepareCookies(qemuDomainObjPrivate * priv,virStorageSource * src,const char * aliasprotocol)1201 qemuDomainSecretStorageSourcePrepareCookies(qemuDomainObjPrivate *priv,
1202 virStorageSource *src,
1203 const char *aliasprotocol)
1204 {
1205 g_autofree char *secretalias = qemuAliasForSecret(aliasprotocol, "httpcookie");
1206 g_autofree char *cookies = qemuBlockStorageSourceGetCookieString(src);
1207
1208 return qemuDomainSecretInfoSetup(priv, secretalias, NULL,
1209 (uint8_t *) cookies, strlen(cookies));
1210 }
1211
1212
1213 /**
1214 * qemuDomainSecretStorageSourcePrepare:
1215 * @priv: domain private object
1216 * @src: storage source struct to setup
1217 * @authalias: prefix of the alias for secret holding authentication data
1218 * @encalias: prefix of the alias for secret holding encryption password
1219 *
1220 * Prepares data necessary for encryption and authentication of @src. The two
1221 * alias prefixes are provided since in the backing chain authentication belongs
1222 * to the storage protocol data whereas encryption is relevant to the format
1223 * driver in qemu. The two will have different node names.
1224 *
1225 * Returns 0 on success; -1 on error while reporting an libvirt error.
1226 */
1227 static int
qemuDomainSecretStorageSourcePrepare(qemuDomainObjPrivate * priv,virStorageSource * src,const char * aliasprotocol,const char * aliasformat)1228 qemuDomainSecretStorageSourcePrepare(qemuDomainObjPrivate *priv,
1229 virStorageSource *src,
1230 const char *aliasprotocol,
1231 const char *aliasformat)
1232 {
1233 qemuDomainStorageSourcePrivate *srcPriv;
1234 bool hasAuth = qemuDomainStorageSourceHasAuth(src);
1235 bool hasEnc = qemuDomainDiskHasEncryptionSecret(src);
1236
1237 if (!hasAuth && !hasEnc && src->ncookies == 0)
1238 return 0;
1239
1240 if (!(src->privateData = qemuDomainStorageSourcePrivateNew()))
1241 return -1;
1242
1243 srcPriv = QEMU_DOMAIN_STORAGE_SOURCE_PRIVATE(src);
1244
1245 if (hasAuth) {
1246 virSecretUsageType usageType = VIR_SECRET_USAGE_TYPE_ISCSI;
1247
1248 if (src->protocol == VIR_STORAGE_NET_PROTOCOL_RBD)
1249 usageType = VIR_SECRET_USAGE_TYPE_CEPH;
1250
1251 if (!(srcPriv->secinfo = qemuDomainSecretInfoSetupFromSecret(priv, aliasprotocol,
1252 "auth",
1253 usageType,
1254 src->auth->username,
1255 &src->auth->seclookupdef)))
1256 return -1;
1257 }
1258
1259 if (hasEnc) {
1260 if (!(srcPriv->encinfo = qemuDomainSecretInfoSetupFromSecret(priv, aliasformat,
1261 "encryption",
1262 VIR_SECRET_USAGE_TYPE_VOLUME,
1263 NULL,
1264 &src->encryption->secrets[0]->seclookupdef)))
1265 return -1;
1266 }
1267
1268 if (src->ncookies &&
1269 virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_BLOCKDEV) &&
1270 !(srcPriv->httpcookie = qemuDomainSecretStorageSourcePrepareCookies(priv,
1271 src,
1272 aliasprotocol)))
1273 return -1;
1274
1275 return 0;
1276 }
1277
1278
1279 void
qemuDomainSecretHostdevDestroy(virDomainHostdevDef * hostdev)1280 qemuDomainSecretHostdevDestroy(virDomainHostdevDef *hostdev)
1281 {
1282 qemuDomainStorageSourcePrivate *srcPriv;
1283
1284 if (virHostdevIsSCSIDevice(hostdev)) {
1285 virDomainHostdevSubsysSCSI *scsisrc = &hostdev->source.subsys.u.scsi;
1286 virDomainHostdevSubsysSCSIiSCSI *iscsisrc = &scsisrc->u.iscsi;
1287
1288 if (scsisrc->protocol == VIR_DOMAIN_HOSTDEV_SCSI_PROTOCOL_TYPE_ISCSI) {
1289 srcPriv = QEMU_DOMAIN_STORAGE_SOURCE_PRIVATE(iscsisrc->src);
1290 if (srcPriv)
1291 qemuDomainSecretInfoDestroy(srcPriv->secinfo);
1292 }
1293 }
1294 }
1295
1296
1297 void
qemuDomainSecretChardevDestroy(virDomainChrSourceDef * dev)1298 qemuDomainSecretChardevDestroy(virDomainChrSourceDef *dev)
1299 {
1300 qemuDomainChrSourcePrivate *chrSourcePriv =
1301 QEMU_DOMAIN_CHR_SOURCE_PRIVATE(dev);
1302
1303 if (!chrSourcePriv || !chrSourcePriv->secinfo)
1304 return;
1305
1306 g_clear_pointer(&chrSourcePriv->secinfo, qemuDomainSecretInfoFree);
1307 }
1308
1309
1310 /* qemuDomainSecretChardevPrepare:
1311 * @cfg: Pointer to driver config object
1312 * @priv: pointer to domain private object
1313 * @chrAlias: Alias of the chr device
1314 * @dev: Pointer to a char source definition
1315 *
1316 * For a TCP character device, generate a qemuDomainSecretInfo to be used
1317 * by the command line code to generate the secret for the tls-creds to use.
1318 *
1319 * Returns 0 on success, -1 on failure
1320 */
1321 int
qemuDomainSecretChardevPrepare(virQEMUDriverConfig * cfg,qemuDomainObjPrivate * priv,const char * chrAlias,virDomainChrSourceDef * dev)1322 qemuDomainSecretChardevPrepare(virQEMUDriverConfig *cfg,
1323 qemuDomainObjPrivate *priv,
1324 const char *chrAlias,
1325 virDomainChrSourceDef *dev)
1326 {
1327 g_autofree char *charAlias = NULL;
1328
1329 if (dev->type != VIR_DOMAIN_CHR_TYPE_TCP)
1330 return 0;
1331
1332 if (dev->data.tcp.haveTLS == VIR_TRISTATE_BOOL_YES &&
1333 cfg->chardevTLSx509secretUUID) {
1334 qemuDomainChrSourcePrivate *chrSourcePriv =
1335 QEMU_DOMAIN_CHR_SOURCE_PRIVATE(dev);
1336
1337 if (!(charAlias = qemuAliasChardevFromDevAlias(chrAlias)))
1338 return -1;
1339
1340 chrSourcePriv->secinfo =
1341 qemuDomainSecretInfoTLSNew(priv, charAlias,
1342 cfg->chardevTLSx509secretUUID);
1343
1344 if (!chrSourcePriv->secinfo)
1345 return -1;
1346 }
1347
1348 return 0;
1349 }
1350
1351
1352 static void
qemuDomainSecretGraphicsDestroy(virDomainGraphicsDef * graphics)1353 qemuDomainSecretGraphicsDestroy(virDomainGraphicsDef *graphics)
1354 {
1355 qemuDomainGraphicsPrivate *gfxPriv = QEMU_DOMAIN_GRAPHICS_PRIVATE(graphics);
1356
1357 if (!gfxPriv)
1358 return;
1359
1360 VIR_FREE(gfxPriv->tlsAlias);
1361 g_clear_pointer(&gfxPriv->secinfo, qemuDomainSecretInfoFree);
1362 }
1363
1364
1365 static int
qemuDomainSecretGraphicsPrepare(virQEMUDriverConfig * cfg,qemuDomainObjPrivate * priv,virDomainGraphicsDef * graphics)1366 qemuDomainSecretGraphicsPrepare(virQEMUDriverConfig *cfg,
1367 qemuDomainObjPrivate *priv,
1368 virDomainGraphicsDef *graphics)
1369 {
1370 qemuDomainGraphicsPrivate *gfxPriv = QEMU_DOMAIN_GRAPHICS_PRIVATE(graphics);
1371
1372 if (graphics->type != VIR_DOMAIN_GRAPHICS_TYPE_VNC)
1373 return 0;
1374
1375 if (!cfg->vncTLS)
1376 return 0;
1377
1378 gfxPriv->tlsAlias = g_strdup("vnc-tls-creds0");
1379
1380 if (cfg->vncTLSx509secretUUID) {
1381 gfxPriv->secinfo = qemuDomainSecretInfoTLSNew(priv, gfxPriv->tlsAlias,
1382 cfg->vncTLSx509secretUUID);
1383 if (!gfxPriv->secinfo)
1384 return -1;
1385 }
1386
1387 return 0;
1388 }
1389
1390
1391 /* qemuDomainSecretDestroy:
1392 * @vm: Domain object
1393 *
1394 * Removes all unnecessary data which was needed to generate 'secret' objects.
1395 */
1396 void
qemuDomainSecretDestroy(virDomainObj * vm)1397 qemuDomainSecretDestroy(virDomainObj *vm)
1398 {
1399 size_t i;
1400
1401 for (i = 0; i < vm->def->ndisks; i++)
1402 qemuDomainSecretDiskDestroy(vm->def->disks[i]);
1403
1404 for (i = 0; i < vm->def->nhostdevs; i++)
1405 qemuDomainSecretHostdevDestroy(vm->def->hostdevs[i]);
1406
1407 for (i = 0; i < vm->def->nserials; i++)
1408 qemuDomainSecretChardevDestroy(vm->def->serials[i]->source);
1409
1410 for (i = 0; i < vm->def->nparallels; i++)
1411 qemuDomainSecretChardevDestroy(vm->def->parallels[i]->source);
1412
1413 for (i = 0; i < vm->def->nchannels; i++)
1414 qemuDomainSecretChardevDestroy(vm->def->channels[i]->source);
1415
1416 for (i = 0; i < vm->def->nconsoles; i++)
1417 qemuDomainSecretChardevDestroy(vm->def->consoles[i]->source);
1418
1419 for (i = 0; i < vm->def->nsmartcards; i++) {
1420 if (vm->def->smartcards[i]->type ==
1421 VIR_DOMAIN_SMARTCARD_TYPE_PASSTHROUGH)
1422 qemuDomainSecretChardevDestroy(vm->def->smartcards[i]->data.passthru);
1423 }
1424
1425 for (i = 0; i < vm->def->nrngs; i++) {
1426 if (vm->def->rngs[i]->backend == VIR_DOMAIN_RNG_BACKEND_EGD)
1427 qemuDomainSecretChardevDestroy(vm->def->rngs[i]->source.chardev);
1428 }
1429
1430 for (i = 0; i < vm->def->nredirdevs; i++)
1431 qemuDomainSecretChardevDestroy(vm->def->redirdevs[i]->source);
1432
1433 for (i = 0; i < vm->def->ngraphics; i++)
1434 qemuDomainSecretGraphicsDestroy(vm->def->graphics[i]);
1435 }
1436
1437
1438 /* qemuDomainSecretPrepare:
1439 * @driver: Pointer to driver object
1440 * @vm: Domain object
1441 *
1442 * For any objects that may require an auth/secret setup, create a
1443 * qemuDomainSecretInfo and save it in the appropriate place within
1444 * the private structures. This will be used by command line build
1445 * code in order to pass the secret along to qemu in order to provide
1446 * the necessary authentication data.
1447 *
1448 * Returns 0 on success, -1 on failure with error message set
1449 */
1450 int
qemuDomainSecretPrepare(virQEMUDriver * driver,virDomainObj * vm)1451 qemuDomainSecretPrepare(virQEMUDriver *driver,
1452 virDomainObj *vm)
1453 {
1454 qemuDomainObjPrivate *priv = vm->privateData;
1455 g_autoptr(virQEMUDriverConfig) cfg = virQEMUDriverGetConfig(driver);
1456 size_t i;
1457
1458 /* disk and hostdev secrets are prepared when preparing internal data */
1459
1460 for (i = 0; i < vm->def->nserials; i++) {
1461 if (qemuDomainSecretChardevPrepare(cfg, priv,
1462 vm->def->serials[i]->info.alias,
1463 vm->def->serials[i]->source) < 0)
1464 return -1;
1465 }
1466
1467 for (i = 0; i < vm->def->nparallels; i++) {
1468 if (qemuDomainSecretChardevPrepare(cfg, priv,
1469 vm->def->parallels[i]->info.alias,
1470 vm->def->parallels[i]->source) < 0)
1471 return -1;
1472 }
1473
1474 for (i = 0; i < vm->def->nchannels; i++) {
1475 if (qemuDomainSecretChardevPrepare(cfg, priv,
1476 vm->def->channels[i]->info.alias,
1477 vm->def->channels[i]->source) < 0)
1478 return -1;
1479 }
1480
1481 for (i = 0; i < vm->def->nconsoles; i++) {
1482 if (qemuDomainSecretChardevPrepare(cfg, priv,
1483 vm->def->consoles[i]->info.alias,
1484 vm->def->consoles[i]->source) < 0)
1485 return -1;
1486 }
1487
1488 for (i = 0; i < vm->def->nsmartcards; i++)
1489 if (vm->def->smartcards[i]->type ==
1490 VIR_DOMAIN_SMARTCARD_TYPE_PASSTHROUGH &&
1491 qemuDomainSecretChardevPrepare(cfg, priv,
1492 vm->def->smartcards[i]->info.alias,
1493 vm->def->smartcards[i]->data.passthru) < 0)
1494 return -1;
1495
1496 for (i = 0; i < vm->def->nrngs; i++) {
1497 if (vm->def->rngs[i]->backend == VIR_DOMAIN_RNG_BACKEND_EGD &&
1498 qemuDomainSecretChardevPrepare(cfg, priv,
1499 vm->def->rngs[i]->info.alias,
1500 vm->def->rngs[i]->source.chardev) < 0)
1501 return -1;
1502 }
1503
1504 for (i = 0; i < vm->def->nredirdevs; i++) {
1505 if (qemuDomainSecretChardevPrepare(cfg, priv,
1506 vm->def->redirdevs[i]->info.alias,
1507 vm->def->redirdevs[i]->source) < 0)
1508 return -1;
1509 }
1510
1511 for (i = 0; i < vm->def->ngraphics; i++) {
1512 if (qemuDomainSecretGraphicsPrepare(cfg, priv, vm->def->graphics[i]) < 0)
1513 return -1;
1514 }
1515
1516 return 0;
1517 }
1518
1519
1520 /* This is the old way of setting up per-domain directories */
1521 static void
qemuDomainSetPrivatePathsOld(virQEMUDriver * driver,virDomainObj * vm)1522 qemuDomainSetPrivatePathsOld(virQEMUDriver *driver,
1523 virDomainObj *vm)
1524 {
1525 qemuDomainObjPrivate *priv = vm->privateData;
1526 g_autoptr(virQEMUDriverConfig) cfg = virQEMUDriverGetConfig(driver);
1527
1528 if (!priv->libDir)
1529 priv->libDir = g_strdup_printf("%s/domain-%s", cfg->libDir, vm->def->name);
1530
1531 if (!priv->channelTargetDir)
1532 priv->channelTargetDir = g_strdup_printf("%s/domain-%s",
1533 cfg->channelTargetDir, vm->def->name);
1534 }
1535
1536
1537 int
qemuDomainSetPrivatePaths(virQEMUDriver * driver,virDomainObj * vm)1538 qemuDomainSetPrivatePaths(virQEMUDriver *driver,
1539 virDomainObj *vm)
1540 {
1541 g_autoptr(virQEMUDriverConfig) cfg = virQEMUDriverGetConfig(driver);
1542 qemuDomainObjPrivate *priv = vm->privateData;
1543 g_autofree char *domname = virDomainDefGetShortName(vm->def);
1544
1545 if (!domname)
1546 return -1;
1547
1548 if (!priv->libDir)
1549 priv->libDir = g_strdup_printf("%s/domain-%s", cfg->libDir, domname);
1550
1551 if (!priv->channelTargetDir)
1552 priv->channelTargetDir = g_strdup_printf("%s/domain-%s",
1553 cfg->channelTargetDir, domname);
1554
1555 return 0;
1556 }
1557
1558
1559 int
qemuDomainObjStartWorker(virDomainObj * dom)1560 qemuDomainObjStartWorker(virDomainObj *dom)
1561 {
1562 qemuDomainObjPrivate *priv = dom->privateData;
1563
1564 if (!priv->eventThread) {
1565 g_autofree char *threadName = g_strdup_printf("vm-%s", dom->def->name);
1566 if (!(priv->eventThread = virEventThreadNew(threadName)))
1567 return -1;
1568 }
1569
1570 return 0;
1571 }
1572
1573
1574 void
qemuDomainObjStopWorker(virDomainObj * dom)1575 qemuDomainObjStopWorker(virDomainObj *dom)
1576 {
1577 qemuDomainObjPrivate *priv = dom->privateData;
1578 virEventThread *eventThread;
1579
1580 if (!priv->eventThread)
1581 return;
1582
1583 /*
1584 * We are dropping the only reference here so that the event loop thread
1585 * is going to be exited synchronously. In order to avoid deadlocks we
1586 * need to unlock the VM so that any handler being called can finish
1587 * execution and thus even loop thread be finished too.
1588 */
1589 eventThread = g_steal_pointer(&priv->eventThread);
1590 virObjectUnlock(dom);
1591 g_object_unref(eventThread);
1592 virObjectLock(dom);
1593 }
1594
1595
1596 /**
1597 * qemuDomainObjPrivateDataClear:
1598 * @priv: domain private data
1599 *
1600 * Clears private data entries, which are not necessary or stale if the VM is
1601 * not running.
1602 */
1603 void
qemuDomainObjPrivateDataClear(qemuDomainObjPrivate * priv)1604 qemuDomainObjPrivateDataClear(qemuDomainObjPrivate *priv)
1605 {
1606 g_strfreev(priv->qemuDevices);
1607 priv->qemuDevices = NULL;
1608
1609 virCgroupFree(priv->cgroup);
1610 priv->cgroup = NULL;
1611
1612 virPerfFree(priv->perf);
1613 priv->perf = NULL;
1614
1615 VIR_FREE(priv->machineName);
1616
1617 virObjectUnref(priv->qemuCaps);
1618 priv->qemuCaps = NULL;
1619
1620 VIR_FREE(priv->pidfile);
1621
1622 VIR_FREE(priv->libDir);
1623 VIR_FREE(priv->channelTargetDir);
1624
1625 priv->memPrealloc = false;
1626
1627 /* remove automatic pinning data */
1628 virBitmapFree(priv->autoNodeset);
1629 priv->autoNodeset = NULL;
1630 virBitmapFree(priv->autoCpuset);
1631 priv->autoCpuset = NULL;
1632
1633 /* remove address data */
1634 virDomainPCIAddressSetFree(priv->pciaddrs);
1635 priv->pciaddrs = NULL;
1636 virDomainUSBAddressSetFree(priv->usbaddrs);
1637 priv->usbaddrs = NULL;
1638
1639 virCPUDefFree(priv->origCPU);
1640 priv->origCPU = NULL;
1641
1642 /* clear previously used namespaces */
1643 virBitmapFree(priv->namespaces);
1644 priv->namespaces = NULL;
1645
1646 priv->rememberOwner = false;
1647
1648 priv->reconnectBlockjobs = VIR_TRISTATE_BOOL_ABSENT;
1649 priv->allowReboot = VIR_TRISTATE_BOOL_ABSENT;
1650
1651 virBitmapFree(priv->migrationCaps);
1652 priv->migrationCaps = NULL;
1653
1654 virHashRemoveAll(priv->blockjobs);
1655
1656 virObjectUnref(priv->pflash0);
1657 priv->pflash0 = NULL;
1658 virObjectUnref(priv->pflash1);
1659 priv->pflash1 = NULL;
1660
1661 virDomainBackupDefFree(priv->backup);
1662 priv->backup = NULL;
1663
1664 /* reset node name allocator */
1665 qemuDomainStorageIdReset(priv);
1666
1667 priv->dbusDaemonRunning = false;
1668
1669 if (priv->dbusVMStateIds)
1670 g_slist_free_full(g_steal_pointer(&priv->dbusVMStateIds), g_free);
1671
1672 priv->dbusVMState = false;
1673 }
1674
1675
1676 static void
qemuDomainObjPrivateFree(void * data)1677 qemuDomainObjPrivateFree(void *data)
1678 {
1679 qemuDomainObjPrivate *priv = data;
1680
1681 qemuDomainObjPrivateDataClear(priv);
1682
1683 virObjectUnref(priv->monConfig);
1684 qemuDomainObjClearJob(&priv->job);
1685 g_free(priv->lockState);
1686 g_free(priv->origname);
1687
1688 virChrdevFree(priv->devs);
1689
1690 /* This should never be non-NULL if we get here, but just in case... */
1691 if (priv->mon) {
1692 VIR_ERROR(_("Unexpected QEMU monitor still active during domain deletion"));
1693 qemuMonitorClose(priv->mon);
1694 }
1695 if (priv->agent) {
1696 VIR_ERROR(_("Unexpected QEMU agent still active during domain deletion"));
1697 qemuAgentClose(priv->agent);
1698 }
1699 g_free(priv->cleanupCallbacks);
1700
1701 g_clear_pointer(&priv->migSecinfo, qemuDomainSecretInfoFree);
1702 qemuDomainMasterKeyFree(priv);
1703
1704 virHashFree(priv->blockjobs);
1705
1706 /* This should never be non-NULL if we get here, but just in case... */
1707 if (priv->eventThread) {
1708 VIR_ERROR(_("Unexpected event thread still active during domain deletion"));
1709 g_object_unref(priv->eventThread);
1710 }
1711
1712 g_free(priv);
1713 }
1714
1715 G_DEFINE_AUTOPTR_CLEANUP_FUNC(qemuDomainObjPrivate, qemuDomainObjPrivateFree);
1716
1717
1718 static void *
qemuDomainObjPrivateAlloc(void * opaque)1719 qemuDomainObjPrivateAlloc(void *opaque)
1720 {
1721 g_autoptr(qemuDomainObjPrivate) priv = g_new0(qemuDomainObjPrivate, 1);
1722
1723 if (qemuDomainObjInitJob(&priv->job, &qemuPrivateJobCallbacks) < 0) {
1724 virReportSystemError(errno, "%s",
1725 _("Unable to init qemu driver mutexes"));
1726 return NULL;
1727 }
1728
1729 if (!(priv->devs = virChrdevAlloc()))
1730 return NULL;
1731
1732 priv->blockjobs = virHashNew(virObjectFreeHashData);
1733
1734 /* agent commands block by default, user can choose different behavior */
1735 priv->agentTimeout = VIR_DOMAIN_AGENT_RESPONSE_TIMEOUT_BLOCK;
1736 priv->migMaxBandwidth = QEMU_DOMAIN_MIG_BANDWIDTH_MAX;
1737 priv->driver = opaque;
1738
1739 return g_steal_pointer(&priv);
1740 }
1741
1742
1743 static int
qemuStorageSourcePrivateDataAssignSecinfo(qemuDomainSecretInfo ** secinfo,char ** alias)1744 qemuStorageSourcePrivateDataAssignSecinfo(qemuDomainSecretInfo **secinfo,
1745 char **alias)
1746 {
1747 if (!*alias)
1748 return 0;
1749
1750 if (!*secinfo) {
1751 *secinfo = g_new0(qemuDomainSecretInfo, 1);
1752 }
1753
1754 (*secinfo)->alias = g_steal_pointer(&*alias);
1755
1756 return 0;
1757 }
1758
1759
1760 static int
qemuStorageSourcePrivateDataParse(xmlXPathContextPtr ctxt,virStorageSource * src)1761 qemuStorageSourcePrivateDataParse(xmlXPathContextPtr ctxt,
1762 virStorageSource *src)
1763 {
1764 qemuDomainStorageSourcePrivate *priv;
1765 g_autofree char *authalias = NULL;
1766 g_autofree char *encalias = NULL;
1767 g_autofree char *httpcookiealias = NULL;
1768 g_autofree char *tlskeyalias = NULL;
1769 g_autofree char *thresholdEventWithIndex = NULL;
1770
1771 src->nodestorage = virXPathString("string(./nodenames/nodename[@type='storage']/@name)", ctxt);
1772 src->nodeformat = virXPathString("string(./nodenames/nodename[@type='format']/@name)", ctxt);
1773 src->tlsAlias = virXPathString("string(./objects/TLSx509/@alias)", ctxt);
1774
1775 if (src->sliceStorage)
1776 src->sliceStorage->nodename = virXPathString("string(./nodenames/nodename[@type='slice-storage']/@name)", ctxt);
1777
1778 if (src->pr)
1779 src->pr->mgralias = virXPathString("string(./reservations/@mgralias)", ctxt);
1780
1781 authalias = virXPathString("string(./objects/secret[@type='auth']/@alias)", ctxt);
1782 encalias = virXPathString("string(./objects/secret[@type='encryption']/@alias)", ctxt);
1783 httpcookiealias = virXPathString("string(./objects/secret[@type='httpcookie']/@alias)", ctxt);
1784 tlskeyalias = virXPathString("string(./objects/secret[@type='tlskey']/@alias)", ctxt);
1785
1786 if (authalias || encalias || httpcookiealias || tlskeyalias) {
1787 if (!src->privateData &&
1788 !(src->privateData = qemuDomainStorageSourcePrivateNew()))
1789 return -1;
1790
1791 priv = QEMU_DOMAIN_STORAGE_SOURCE_PRIVATE(src);
1792
1793 if (qemuStorageSourcePrivateDataAssignSecinfo(&priv->secinfo, &authalias) < 0)
1794 return -1;
1795
1796 if (qemuStorageSourcePrivateDataAssignSecinfo(&priv->encinfo, &encalias) < 0)
1797 return -1;
1798
1799 if (qemuStorageSourcePrivateDataAssignSecinfo(&priv->httpcookie, &httpcookiealias) < 0)
1800 return -1;
1801
1802 if (qemuStorageSourcePrivateDataAssignSecinfo(&priv->tlsKeySecret, &tlskeyalias) < 0)
1803 return -1;
1804 }
1805
1806 if (virStorageSourcePrivateDataParseRelPath(ctxt, src) < 0)
1807 return -1;
1808
1809 if ((thresholdEventWithIndex = virXPathString("string(./thresholdEvent/@indexUsed)", ctxt)) &&
1810 virTristateBoolTypeFromString(thresholdEventWithIndex) == VIR_TRISTATE_BOOL_YES)
1811 src->thresholdEventWithIndex = true;
1812
1813 return 0;
1814 }
1815
1816
1817 static void
qemuStorageSourcePrivateDataFormatSecinfo(virBuffer * buf,qemuDomainSecretInfo * secinfo,const char * type)1818 qemuStorageSourcePrivateDataFormatSecinfo(virBuffer *buf,
1819 qemuDomainSecretInfo *secinfo,
1820 const char *type)
1821 {
1822 if (!secinfo || !secinfo->alias)
1823 return;
1824
1825 virBufferAsprintf(buf, "<secret type='%s' alias='%s'/>\n",
1826 type, secinfo->alias);
1827 }
1828
1829
1830 static int
qemuStorageSourcePrivateDataFormat(virStorageSource * src,virBuffer * buf)1831 qemuStorageSourcePrivateDataFormat(virStorageSource *src,
1832 virBuffer *buf)
1833 {
1834 g_auto(virBuffer) tmp = VIR_BUFFER_INIT_CHILD(buf);
1835 qemuDomainStorageSourcePrivate *srcPriv = QEMU_DOMAIN_STORAGE_SOURCE_PRIVATE(src);
1836 g_auto(virBuffer) nodenamesChildBuf = VIR_BUFFER_INIT_CHILD(buf);
1837
1838 virBufferEscapeString(&nodenamesChildBuf, "<nodename type='storage' name='%s'/>\n", src->nodestorage);
1839 virBufferEscapeString(&nodenamesChildBuf, "<nodename type='format' name='%s'/>\n", src->nodeformat);
1840
1841 if (src->sliceStorage)
1842 virBufferEscapeString(&nodenamesChildBuf, "<nodename type='slice-storage' name='%s'/>\n",
1843 src->sliceStorage->nodename);
1844
1845 virXMLFormatElement(buf, "nodenames", NULL, &nodenamesChildBuf);
1846
1847 if (src->pr)
1848 virBufferAsprintf(buf, "<reservations mgralias='%s'/>\n", src->pr->mgralias);
1849
1850 if (virStorageSourcePrivateDataFormatRelPath(src, buf) < 0)
1851 return -1;
1852
1853 if (srcPriv) {
1854 qemuStorageSourcePrivateDataFormatSecinfo(&tmp, srcPriv->secinfo, "auth");
1855 qemuStorageSourcePrivateDataFormatSecinfo(&tmp, srcPriv->encinfo, "encryption");
1856 qemuStorageSourcePrivateDataFormatSecinfo(&tmp, srcPriv->httpcookie, "httpcookie");
1857 qemuStorageSourcePrivateDataFormatSecinfo(&tmp, srcPriv->tlsKeySecret, "tlskey");
1858 }
1859
1860 if (src->tlsAlias)
1861 virBufferAsprintf(&tmp, "<TLSx509 alias='%s'/>\n", src->tlsAlias);
1862
1863 virXMLFormatElement(buf, "objects", NULL, &tmp);
1864
1865 if (src->thresholdEventWithIndex)
1866 virBufferAddLit(buf, "<thresholdEvent indexUsed='yes'/>\n");
1867
1868 return 0;
1869 }
1870
1871
1872 static int
qemuDomainDiskPrivateParse(xmlXPathContextPtr ctxt,virDomainDiskDef * disk)1873 qemuDomainDiskPrivateParse(xmlXPathContextPtr ctxt,
1874 virDomainDiskDef *disk)
1875 {
1876 qemuDomainDiskPrivate *priv = QEMU_DOMAIN_DISK_PRIVATE(disk);
1877
1878 priv->qomName = virXPathString("string(./qom/@name)", ctxt);
1879 priv->nodeCopyOnRead = virXPathString("string(./nodenames/nodename[@type='copyOnRead']/@name)", ctxt);
1880
1881 return 0;
1882 }
1883
1884
1885 static int
qemuDomainDiskPrivateFormat(virDomainDiskDef * disk,virBuffer * buf)1886 qemuDomainDiskPrivateFormat(virDomainDiskDef *disk,
1887 virBuffer *buf)
1888 {
1889 qemuDomainDiskPrivate *priv = QEMU_DOMAIN_DISK_PRIVATE(disk);
1890
1891 virBufferEscapeString(buf, "<qom name='%s'/>\n", priv->qomName);
1892
1893 if (priv->nodeCopyOnRead) {
1894 virBufferAddLit(buf, "<nodenames>\n");
1895 virBufferAdjustIndent(buf, 2);
1896 virBufferEscapeString(buf, "<nodename type='copyOnRead' name='%s'/>\n",
1897 priv->nodeCopyOnRead);
1898 virBufferAdjustIndent(buf, -2);
1899 virBufferAddLit(buf, "</nodenames>\n");
1900 }
1901
1902 return 0;
1903 }
1904
1905
1906 static void
qemuDomainObjPrivateXMLFormatVcpus(virBuffer * buf,virDomainDef * def)1907 qemuDomainObjPrivateXMLFormatVcpus(virBuffer *buf,
1908 virDomainDef *def)
1909 {
1910 size_t i;
1911 size_t maxvcpus = virDomainDefGetVcpusMax(def);
1912 virDomainVcpuDef *vcpu;
1913 pid_t tid;
1914
1915 virBufferAddLit(buf, "<vcpus>\n");
1916 virBufferAdjustIndent(buf, 2);
1917
1918 for (i = 0; i < maxvcpus; i++) {
1919 vcpu = virDomainDefGetVcpu(def, i);
1920 tid = QEMU_DOMAIN_VCPU_PRIVATE(vcpu)->tid;
1921
1922 if (!vcpu->online || tid == 0)
1923 continue;
1924
1925 virBufferAsprintf(buf, "<vcpu id='%zu' pid='%d'/>\n", i, tid);
1926 }
1927
1928 virBufferAdjustIndent(buf, -2);
1929 virBufferAddLit(buf, "</vcpus>\n");
1930 }
1931
1932
1933 static int
qemuDomainObjPrivateXMLFormatAutomaticPlacement(virBuffer * buf,qemuDomainObjPrivate * priv)1934 qemuDomainObjPrivateXMLFormatAutomaticPlacement(virBuffer *buf,
1935 qemuDomainObjPrivate *priv)
1936 {
1937 g_autofree char *nodeset = NULL;
1938 g_autofree char *cpuset = NULL;
1939
1940 if (!priv->autoNodeset && !priv->autoCpuset)
1941 return 0;
1942
1943 if (priv->autoNodeset &&
1944 !((nodeset = virBitmapFormat(priv->autoNodeset))))
1945 return -1;
1946
1947 if (priv->autoCpuset &&
1948 !((cpuset = virBitmapFormat(priv->autoCpuset))))
1949 return -1;
1950
1951 virBufferAddLit(buf, "<numad");
1952 virBufferEscapeString(buf, " nodeset='%s'", nodeset);
1953 virBufferEscapeString(buf, " cpuset='%s'", cpuset);
1954 virBufferAddLit(buf, "/>\n");
1955
1956 return 0;
1957 }
1958
1959
1960 typedef struct qemuDomainPrivateBlockJobFormatData {
1961 virDomainXMLOption *xmlopt;
1962 virBuffer *buf;
1963 } qemuDomainPrivateBlockJobFormatData;
1964
1965
1966 static int
qemuDomainObjPrivateXMLFormatBlockjobFormatSource(virBuffer * buf,const char * element,virStorageSource * src,virDomainXMLOption * xmlopt,bool chain)1967 qemuDomainObjPrivateXMLFormatBlockjobFormatSource(virBuffer *buf,
1968 const char *element,
1969 virStorageSource *src,
1970 virDomainXMLOption *xmlopt,
1971 bool chain)
1972 {
1973 g_auto(virBuffer) attrBuf = VIR_BUFFER_INITIALIZER;
1974 g_auto(virBuffer) childBuf = VIR_BUFFER_INIT_CHILD(buf);
1975 unsigned int xmlflags = VIR_DOMAIN_DEF_FORMAT_STATUS;
1976
1977 virBufferAsprintf(&attrBuf, " type='%s' format='%s'",
1978 virStorageTypeToString(src->type),
1979 virStorageFileFormatTypeToString(src->format));
1980
1981 if (virDomainDiskSourceFormat(&childBuf, src, "source", 0, true, xmlflags,
1982 false, false, xmlopt) < 0)
1983 return -1;
1984
1985 if (chain &&
1986 virDomainDiskBackingStoreFormat(&childBuf, src, xmlopt, xmlflags) < 0)
1987 return -1;
1988
1989 virXMLFormatElement(buf, element, &attrBuf, &childBuf);
1990
1991 return 0;
1992 }
1993
1994
1995 static void
qemuDomainPrivateBlockJobFormatCommit(qemuBlockJobData * job,virBuffer * buf)1996 qemuDomainPrivateBlockJobFormatCommit(qemuBlockJobData *job,
1997 virBuffer *buf)
1998 {
1999 g_auto(virBuffer) disabledBitmapsBuf = VIR_BUFFER_INIT_CHILD(buf);
2000
2001 if (job->data.commit.base)
2002 virBufferAsprintf(buf, "<base node='%s'/>\n", job->data.commit.base->nodeformat);
2003
2004 if (job->data.commit.top)
2005 virBufferAsprintf(buf, "<top node='%s'/>\n", job->data.commit.top->nodeformat);
2006
2007 if (job->data.commit.topparent)
2008 virBufferAsprintf(buf, "<topparent node='%s'/>\n", job->data.commit.topparent->nodeformat);
2009
2010 if (job->data.commit.deleteCommittedImages)
2011 virBufferAddLit(buf, "<deleteCommittedImages/>\n");
2012
2013 virXMLFormatElement(buf, "disabledBaseBitmaps", NULL, &disabledBitmapsBuf);
2014 }
2015
2016
2017 static int
qemuDomainObjPrivateXMLFormatBlockjobIterator(void * payload,const char * name G_GNUC_UNUSED,void * opaque)2018 qemuDomainObjPrivateXMLFormatBlockjobIterator(void *payload,
2019 const char *name G_GNUC_UNUSED,
2020 void *opaque)
2021 {
2022 struct qemuDomainPrivateBlockJobFormatData *data = opaque;
2023 g_auto(virBuffer) attrBuf = VIR_BUFFER_INITIALIZER;
2024 g_auto(virBuffer) childBuf = VIR_BUFFER_INIT_CHILD(data->buf);
2025 g_auto(virBuffer) chainsBuf = VIR_BUFFER_INIT_CHILD(&childBuf);
2026 qemuBlockJobData *job = payload;
2027 const char *state = qemuBlockjobStateTypeToString(job->state);
2028 const char *newstate = NULL;
2029
2030 if (job->newstate != -1)
2031 newstate = qemuBlockjobStateTypeToString(job->newstate);
2032
2033 virBufferEscapeString(&attrBuf, " name='%s'", job->name);
2034 virBufferEscapeString(&attrBuf, " type='%s'", qemuBlockjobTypeToString(job->type));
2035 virBufferEscapeString(&attrBuf, " state='%s'", state);
2036 virBufferEscapeString(&attrBuf, " newstate='%s'", newstate);
2037 if (job->brokentype != QEMU_BLOCKJOB_TYPE_NONE)
2038 virBufferEscapeString(&attrBuf, " brokentype='%s'", qemuBlockjobTypeToString(job->brokentype));
2039 if (!job->jobflagsmissing)
2040 virBufferAsprintf(&attrBuf, " jobflags='0x%x'", job->jobflags);
2041 virBufferEscapeString(&childBuf, "<errmsg>%s</errmsg>", job->errmsg);
2042
2043 if (job->disk) {
2044 virBufferEscapeString(&childBuf, "<disk dst='%s'", job->disk->dst);
2045 if (job->mirrorChain)
2046 virBufferAddLit(&childBuf, " mirror='yes'");
2047 virBufferAddLit(&childBuf, "/>\n");
2048 } else {
2049 if (job->chain &&
2050 qemuDomainObjPrivateXMLFormatBlockjobFormatSource(&chainsBuf,
2051 "disk",
2052 job->chain,
2053 data->xmlopt,
2054 true) < 0)
2055 return -1;
2056
2057 if (job->mirrorChain &&
2058 qemuDomainObjPrivateXMLFormatBlockjobFormatSource(&chainsBuf,
2059 "mirror",
2060 job->mirrorChain,
2061 data->xmlopt,
2062 true) < 0)
2063 return -1;
2064
2065 virXMLFormatElement(&childBuf, "chains", NULL, &chainsBuf);
2066 }
2067
2068 switch ((qemuBlockJobType) job->type) {
2069 case QEMU_BLOCKJOB_TYPE_PULL:
2070 if (job->data.pull.base)
2071 virBufferAsprintf(&childBuf, "<base node='%s'/>\n", job->data.pull.base->nodeformat);
2072 break;
2073
2074 case QEMU_BLOCKJOB_TYPE_COMMIT:
2075 case QEMU_BLOCKJOB_TYPE_ACTIVE_COMMIT:
2076 qemuDomainPrivateBlockJobFormatCommit(job, &childBuf);
2077 break;
2078
2079 case QEMU_BLOCKJOB_TYPE_CREATE:
2080 if (job->data.create.storage)
2081 virBufferAddLit(&childBuf, "<create mode='storage'/>\n");
2082
2083 if (job->data.create.src &&
2084 qemuDomainObjPrivateXMLFormatBlockjobFormatSource(&childBuf,
2085 "src",
2086 job->data.create.src,
2087 data->xmlopt,
2088 false) < 0)
2089 return -1;
2090 break;
2091
2092 case QEMU_BLOCKJOB_TYPE_COPY:
2093 if (job->data.copy.shallownew)
2094 virBufferAddLit(&attrBuf, " shallownew='yes'");
2095 break;
2096
2097 case QEMU_BLOCKJOB_TYPE_BACKUP:
2098 virBufferEscapeString(&childBuf, "<bitmap name='%s'/>\n", job->data.backup.bitmap);
2099 if (job->data.backup.store) {
2100 if (qemuDomainObjPrivateXMLFormatBlockjobFormatSource(&childBuf,
2101 "store",
2102 job->data.backup.store,
2103 data->xmlopt,
2104 false) < 0)
2105 return -1;
2106 }
2107 break;
2108
2109 case QEMU_BLOCKJOB_TYPE_BROKEN:
2110 case QEMU_BLOCKJOB_TYPE_NONE:
2111 case QEMU_BLOCKJOB_TYPE_INTERNAL:
2112 case QEMU_BLOCKJOB_TYPE_LAST:
2113 break;
2114 }
2115
2116 virXMLFormatElement(data->buf, "blockjob", &attrBuf, &childBuf);
2117 return 0;
2118 }
2119
2120
2121 static int
qemuDomainObjPrivateXMLFormatBlockjobs(virBuffer * buf,virDomainObj * vm)2122 qemuDomainObjPrivateXMLFormatBlockjobs(virBuffer *buf,
2123 virDomainObj *vm)
2124 {
2125 qemuDomainObjPrivate *priv = vm->privateData;
2126 g_auto(virBuffer) attrBuf = VIR_BUFFER_INITIALIZER;
2127 g_auto(virBuffer) childBuf = VIR_BUFFER_INIT_CHILD(buf);
2128 bool bj = qemuDomainHasBlockjob(vm, false);
2129 struct qemuDomainPrivateBlockJobFormatData iterdata = { priv->driver->xmlopt,
2130 &childBuf };
2131
2132 virBufferAsprintf(&attrBuf, " active='%s'",
2133 virTristateBoolTypeToString(virTristateBoolFromBool(bj)));
2134
2135 if (virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_BLOCKDEV) &&
2136 virHashForEachSorted(priv->blockjobs,
2137 qemuDomainObjPrivateXMLFormatBlockjobIterator,
2138 &iterdata) < 0)
2139 return -1;
2140
2141 virXMLFormatElement(buf, "blockjobs", &attrBuf, &childBuf);
2142 return 0;
2143 }
2144
2145
2146 static int
qemuDomainObjPrivateXMLFormatBackups(virBuffer * buf,virDomainObj * vm)2147 qemuDomainObjPrivateXMLFormatBackups(virBuffer *buf,
2148 virDomainObj *vm)
2149 {
2150 qemuDomainObjPrivate *priv = vm->privateData;
2151 g_auto(virBuffer) attrBuf = VIR_BUFFER_INITIALIZER;
2152 g_auto(virBuffer) childBuf = VIR_BUFFER_INIT_CHILD(buf);
2153
2154 if (priv->backup &&
2155 virDomainBackupDefFormat(&childBuf, priv->backup, true, priv->driver->xmlopt) < 0)
2156 return -1;
2157
2158 virXMLFormatElement(buf, "backups", &attrBuf, &childBuf);
2159 return 0;
2160 }
2161
2162
2163 void
qemuDomainObjPrivateXMLFormatAllowReboot(virBuffer * buf,virTristateBool allowReboot)2164 qemuDomainObjPrivateXMLFormatAllowReboot(virBuffer *buf,
2165 virTristateBool allowReboot)
2166 {
2167 virBufferAsprintf(buf, "<allowReboot value='%s'/>\n",
2168 virTristateBoolTypeToString(allowReboot));
2169
2170 }
2171
2172
2173 static void
qemuDomainObjPrivateXMLFormatPR(virBuffer * buf,qemuDomainObjPrivate * priv)2174 qemuDomainObjPrivateXMLFormatPR(virBuffer *buf,
2175 qemuDomainObjPrivate *priv)
2176 {
2177 if (priv->prDaemonRunning)
2178 virBufferAddLit(buf, "<prDaemon/>\n");
2179 }
2180
2181
2182 static bool
qemuDomainHasSlirp(virDomainObj * vm)2183 qemuDomainHasSlirp(virDomainObj *vm)
2184 {
2185 size_t i;
2186
2187 for (i = 0; i < vm->def->nnets; i++) {
2188 virDomainNetDef *net = vm->def->nets[i];
2189
2190 if (QEMU_DOMAIN_NETWORK_PRIVATE(net)->slirp)
2191 return true;
2192 }
2193
2194 return false;
2195 }
2196
2197
2198 static bool
qemuDomainGetSlirpHelperOk(virDomainObj * vm)2199 qemuDomainGetSlirpHelperOk(virDomainObj *vm)
2200 {
2201 size_t i;
2202
2203 for (i = 0; i < vm->def->nnets; i++) {
2204 virDomainNetDef *net = vm->def->nets[i];
2205
2206 /* if there is a builtin slirp, prevent slirp-helper */
2207 if (net->type == VIR_DOMAIN_NET_TYPE_USER &&
2208 !QEMU_DOMAIN_NETWORK_PRIVATE(net)->slirp)
2209 return false;
2210 }
2211
2212 return true;
2213 }
2214
2215
2216 static int
qemuDomainObjPrivateXMLFormatSlirp(virBuffer * buf,virDomainObj * vm)2217 qemuDomainObjPrivateXMLFormatSlirp(virBuffer *buf,
2218 virDomainObj *vm)
2219 {
2220 size_t i;
2221
2222 if (!qemuDomainHasSlirp(vm))
2223 return 0;
2224
2225 virBufferAddLit(buf, "<slirp>\n");
2226 virBufferAdjustIndent(buf, 2);
2227
2228 for (i = 0; i < vm->def->nnets; i++) {
2229 virDomainNetDef *net = vm->def->nets[i];
2230 qemuSlirp *slirp = QEMU_DOMAIN_NETWORK_PRIVATE(net)->slirp;
2231 size_t j;
2232
2233 if (!slirp)
2234 continue;
2235
2236 virBufferAsprintf(buf, "<helper alias='%s' pid='%d'>\n",
2237 net->info.alias, slirp->pid);
2238
2239 virBufferAdjustIndent(buf, 2);
2240 for (j = 0; j < QEMU_SLIRP_FEATURE_LAST; j++) {
2241 if (qemuSlirpHasFeature(slirp, j)) {
2242 virBufferAsprintf(buf, "<feature name='%s'/>\n",
2243 qemuSlirpFeatureTypeToString(j));
2244 }
2245 }
2246 virBufferAdjustIndent(buf, -2);
2247 virBufferAddLit(buf, "</helper>\n");
2248 }
2249
2250 virBufferAdjustIndent(buf, -2);
2251 virBufferAddLit(buf, "</slirp>\n");
2252
2253
2254 return 0;
2255 }
2256
2257 static int
qemuDomainObjPrivateXMLFormat(virBuffer * buf,virDomainObj * vm)2258 qemuDomainObjPrivateXMLFormat(virBuffer *buf,
2259 virDomainObj *vm)
2260 {
2261 qemuDomainObjPrivate *priv = vm->privateData;
2262 const char *monitorpath;
2263
2264 /* priv->monitor_chr is set only for qemu */
2265 if (priv->monConfig) {
2266 switch (priv->monConfig->type) {
2267 case VIR_DOMAIN_CHR_TYPE_UNIX:
2268 monitorpath = priv->monConfig->data.nix.path;
2269 break;
2270 default:
2271 case VIR_DOMAIN_CHR_TYPE_PTY:
2272 monitorpath = priv->monConfig->data.file.path;
2273 break;
2274 }
2275
2276 virBufferEscapeString(buf, "<monitor path='%s'", monitorpath);
2277 virBufferAsprintf(buf, " type='%s'/>\n",
2278 virDomainChrTypeToString(priv->monConfig->type));
2279 }
2280
2281 if (priv->dbusDaemonRunning)
2282 virBufferAddLit(buf, "<dbusDaemon/>\n");
2283
2284 if (priv->dbusVMState)
2285 virBufferAddLit(buf, "<dbusVMState/>\n");
2286
2287 if (priv->namespaces) {
2288 ssize_t ns = -1;
2289
2290 virBufferAddLit(buf, "<namespaces>\n");
2291 virBufferAdjustIndent(buf, 2);
2292 while ((ns = virBitmapNextSetBit(priv->namespaces, ns)) >= 0)
2293 virBufferAsprintf(buf, "<%s/>\n", qemuDomainNamespaceTypeToString(ns));
2294 virBufferAdjustIndent(buf, -2);
2295 virBufferAddLit(buf, "</namespaces>\n");
2296 }
2297
2298 qemuDomainObjPrivateXMLFormatVcpus(buf, vm->def);
2299
2300 if (priv->qemuCaps) {
2301 size_t i;
2302 virBufferAddLit(buf, "<qemuCaps>\n");
2303 virBufferAdjustIndent(buf, 2);
2304 for (i = 0; i < QEMU_CAPS_LAST; i++) {
2305 if (virQEMUCapsGet(priv->qemuCaps, i)) {
2306 virBufferAsprintf(buf, "<flag name='%s'/>\n",
2307 virQEMUCapsTypeToString(i));
2308 }
2309 }
2310 virBufferAdjustIndent(buf, -2);
2311 virBufferAddLit(buf, "</qemuCaps>\n");
2312 }
2313
2314 if (priv->lockState)
2315 virBufferAsprintf(buf, "<lockstate>%s</lockstate>\n", priv->lockState);
2316
2317 if (qemuDomainObjPrivateXMLFormatJob(buf, vm) < 0)
2318 return -1;
2319
2320 if (priv->fakeReboot)
2321 virBufferAddLit(buf, "<fakereboot/>\n");
2322
2323 if (priv->qemuDevices && *priv->qemuDevices) {
2324 char **tmp = priv->qemuDevices;
2325 virBufferAddLit(buf, "<devices>\n");
2326 virBufferAdjustIndent(buf, 2);
2327 while (*tmp) {
2328 virBufferAsprintf(buf, "<device alias='%s'/>\n", *tmp);
2329 tmp++;
2330 }
2331 virBufferAdjustIndent(buf, -2);
2332 virBufferAddLit(buf, "</devices>\n");
2333 }
2334
2335 if (qemuDomainObjPrivateXMLFormatAutomaticPlacement(buf, priv) < 0)
2336 return -1;
2337
2338 /* Various per-domain paths */
2339 virBufferEscapeString(buf, "<libDir path='%s'/>\n", priv->libDir);
2340 virBufferEscapeString(buf, "<channelTargetDir path='%s'/>\n",
2341 priv->channelTargetDir);
2342
2343 virCPUDefFormatBufFull(buf, priv->origCPU, NULL);
2344
2345 if (priv->chardevStdioLogd)
2346 virBufferAddLit(buf, "<chardevStdioLogd/>\n");
2347
2348 if (priv->rememberOwner)
2349 virBufferAddLit(buf, "<rememberOwner/>\n");
2350
2351 qemuDomainObjPrivateXMLFormatAllowReboot(buf, priv->allowReboot);
2352
2353 qemuDomainObjPrivateXMLFormatPR(buf, priv);
2354
2355 if (virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_BLOCKDEV))
2356 virBufferAsprintf(buf, "<nodename index='%llu'/>\n", priv->nodenameindex);
2357
2358 if (priv->memPrealloc)
2359 virBufferAddLit(buf, "<memPrealloc/>\n");
2360
2361 if (qemuDomainObjPrivateXMLFormatBlockjobs(buf, vm) < 0)
2362 return -1;
2363
2364 if (qemuDomainObjPrivateXMLFormatSlirp(buf, vm) < 0)
2365 return -1;
2366
2367 virBufferAsprintf(buf, "<agentTimeout>%i</agentTimeout>\n", priv->agentTimeout);
2368
2369 if (qemuDomainObjPrivateXMLFormatBackups(buf, vm) < 0)
2370 return -1;
2371
2372 return 0;
2373 }
2374
2375
2376 static int
qemuDomainObjPrivateXMLParseVcpu(xmlNodePtr node,unsigned int idx,virDomainDef * def)2377 qemuDomainObjPrivateXMLParseVcpu(xmlNodePtr node,
2378 unsigned int idx,
2379 virDomainDef *def)
2380 {
2381 virDomainVcpuDef *vcpu;
2382 g_autofree char *idstr = NULL;
2383 g_autofree char *pidstr = NULL;
2384 unsigned int tmp;
2385
2386 idstr = virXMLPropString(node, "id");
2387
2388 if (idstr &&
2389 (virStrToLong_uip(idstr, NULL, 10, &idx) < 0)) {
2390 virReportError(VIR_ERR_INTERNAL_ERROR,
2391 _("cannot parse vcpu index '%s'"), idstr);
2392 return -1;
2393 }
2394 if (!(vcpu = virDomainDefGetVcpu(def, idx))) {
2395 virReportError(VIR_ERR_INTERNAL_ERROR,
2396 _("invalid vcpu index '%u'"), idx);
2397 return -1;
2398 }
2399
2400 if (!(pidstr = virXMLPropString(node, "pid")))
2401 return -1;
2402
2403 if (virStrToLong_uip(pidstr, NULL, 10, &tmp) < 0)
2404 return -1;
2405
2406 QEMU_DOMAIN_VCPU_PRIVATE(vcpu)->tid = tmp;
2407
2408 return 0;
2409 }
2410
2411
2412 static int
qemuDomainObjPrivateXMLParseAutomaticPlacement(xmlXPathContextPtr ctxt,qemuDomainObjPrivate * priv)2413 qemuDomainObjPrivateXMLParseAutomaticPlacement(xmlXPathContextPtr ctxt,
2414 qemuDomainObjPrivate *priv)
2415 {
2416 g_autoptr(virCapsHostNUMA) caps = NULL;
2417 g_autofree char *nodeset = NULL;
2418 g_autofree char *cpuset = NULL;
2419 int nodesetSize = 0;
2420 size_t i;
2421
2422 nodeset = virXPathString("string(./numad/@nodeset)", ctxt);
2423 cpuset = virXPathString("string(./numad/@cpuset)", ctxt);
2424
2425 if (!nodeset && !cpuset)
2426 return 0;
2427
2428 if (!(caps = virCapabilitiesHostNUMANewHost()))
2429 return -1;
2430
2431 /* Figure out how big the nodeset bitmap needs to be.
2432 * This is necessary because NUMA node IDs are not guaranteed to
2433 * start from 0 or be densely allocated */
2434 for (i = 0; i < caps->cells->len; i++) {
2435 virCapsHostNUMACell *cell =
2436 g_ptr_array_index(caps->cells, i);
2437 nodesetSize = MAX(nodesetSize, cell->num + 1);
2438 }
2439
2440 if (nodeset &&
2441 virBitmapParse(nodeset, &priv->autoNodeset, nodesetSize) < 0)
2442 return -1;
2443
2444 if (cpuset) {
2445 if (virBitmapParse(cpuset, &priv->autoCpuset, VIR_DOMAIN_CPUMASK_LEN) < 0)
2446 return -1;
2447 } else {
2448 /* autoNodeset is present in this case, since otherwise we wouldn't
2449 * reach this code */
2450 if (!(priv->autoCpuset = virCapabilitiesHostNUMAGetCpus(caps,
2451 priv->autoNodeset)))
2452 return -1;
2453 }
2454
2455 return 0;
2456 }
2457
2458
2459 static virStorageSource *
qemuDomainObjPrivateXMLParseBlockjobChain(xmlNodePtr node,xmlXPathContextPtr ctxt,virDomainXMLOption * xmlopt)2460 qemuDomainObjPrivateXMLParseBlockjobChain(xmlNodePtr node,
2461 xmlXPathContextPtr ctxt,
2462 virDomainXMLOption *xmlopt)
2463
2464 {
2465 VIR_XPATH_NODE_AUTORESTORE(ctxt)
2466 g_autofree char *format = NULL;
2467 g_autofree char *type = NULL;
2468 g_autofree char *index = NULL;
2469 g_autoptr(virStorageSource) src = NULL;
2470 xmlNodePtr sourceNode;
2471 unsigned int xmlflags = VIR_DOMAIN_DEF_PARSE_STATUS;
2472
2473 ctxt->node = node;
2474
2475 if (!(type = virXMLPropString(ctxt->node, "type")) ||
2476 !(format = virXMLPropString(ctxt->node, "format")) ||
2477 !(index = virXPathString("string(./source/@index)", ctxt)) ||
2478 !(sourceNode = virXPathNode("./source", ctxt))) {
2479 virReportError(VIR_ERR_XML_ERROR, "%s",
2480 _("missing job chain data"));
2481 return NULL;
2482 }
2483
2484 if (!(src = virDomainStorageSourceParseBase(type, format, index)))
2485 return NULL;
2486
2487 if (virDomainStorageSourceParse(sourceNode, ctxt, src, xmlflags, xmlopt) < 0)
2488 return NULL;
2489
2490 if (virDomainDiskBackingStoreParse(ctxt, src, xmlflags, xmlopt) < 0)
2491 return NULL;
2492
2493 return g_steal_pointer(&src);
2494 }
2495
2496
2497 /**
2498 * qemuDomainVirStorageSourceFindByNodeName:
2499 * @top: backing chain top
2500 * @nodeName: node name to find in backing chain
2501 *
2502 * Looks up the given storage source in the backing chain and returns the
2503 * pointer to it.
2504 * On failure NULL is returned and no error is reported.
2505 */
2506 static virStorageSource *
qemuDomainVirStorageSourceFindByNodeName(virStorageSource * top,const char * nodeName)2507 qemuDomainVirStorageSourceFindByNodeName(virStorageSource *top,
2508 const char *nodeName)
2509 {
2510 virStorageSource *tmp;
2511
2512 for (tmp = top; virStorageSourceIsBacking(tmp); tmp = tmp->backingStore) {
2513 if ((tmp->nodeformat && STREQ(tmp->nodeformat, nodeName)) ||
2514 (tmp->nodestorage && STREQ(tmp->nodestorage, nodeName)))
2515 return tmp;
2516 }
2517
2518 return NULL;
2519 }
2520
2521
2522
2523 static void
qemuDomainObjPrivateXMLParseBlockjobNodename(qemuBlockJobData * job,const char * xpath,virStorageSource ** src,xmlXPathContextPtr ctxt)2524 qemuDomainObjPrivateXMLParseBlockjobNodename(qemuBlockJobData *job,
2525 const char *xpath,
2526 virStorageSource **src,
2527 xmlXPathContextPtr ctxt)
2528 {
2529 g_autofree char *nodename = NULL;
2530
2531 *src = NULL;
2532
2533 if (!(nodename = virXPathString(xpath, ctxt)))
2534 return;
2535
2536 if (job->disk &&
2537 (*src = qemuDomainVirStorageSourceFindByNodeName(job->disk->src, nodename)))
2538 return;
2539
2540 if (job->chain &&
2541 (*src = qemuDomainVirStorageSourceFindByNodeName(job->chain, nodename)))
2542 return;
2543
2544 if (job->mirrorChain &&
2545 (*src = qemuDomainVirStorageSourceFindByNodeName(job->mirrorChain, nodename)))
2546 return;
2547
2548 /* the node was in the XML but was not found in the job definitions */
2549 VIR_DEBUG("marking block job '%s' as invalid: node name '%s' missing",
2550 job->name, nodename);
2551 job->invalidData = true;
2552 }
2553
2554
2555 static int
qemuDomainObjPrivateXMLParseBlockjobDataCommit(qemuBlockJobData * job,xmlXPathContextPtr ctxt)2556 qemuDomainObjPrivateXMLParseBlockjobDataCommit(qemuBlockJobData *job,
2557 xmlXPathContextPtr ctxt)
2558 {
2559 if (job->type == QEMU_BLOCKJOB_TYPE_COMMIT) {
2560 qemuDomainObjPrivateXMLParseBlockjobNodename(job,
2561 "string(./topparent/@node)",
2562 &job->data.commit.topparent,
2563 ctxt);
2564
2565 if (!job->data.commit.topparent)
2566 return -1;
2567 }
2568
2569 qemuDomainObjPrivateXMLParseBlockjobNodename(job,
2570 "string(./top/@node)",
2571 &job->data.commit.top,
2572 ctxt);
2573 qemuDomainObjPrivateXMLParseBlockjobNodename(job,
2574 "string(./base/@node)",
2575 &job->data.commit.base,
2576 ctxt);
2577
2578 if (virXPathNode("./deleteCommittedImages", ctxt))
2579 job->data.commit.deleteCommittedImages = true;
2580
2581 if (!job->data.commit.top ||
2582 !job->data.commit.base)
2583 return -1;
2584
2585 return 0;
2586 }
2587
2588
2589 static void
qemuDomainObjPrivateXMLParseBlockjobDataSpecific(qemuBlockJobData * job,xmlXPathContextPtr ctxt,virDomainXMLOption * xmlopt)2590 qemuDomainObjPrivateXMLParseBlockjobDataSpecific(qemuBlockJobData *job,
2591 xmlXPathContextPtr ctxt,
2592 virDomainXMLOption *xmlopt)
2593 {
2594 g_autofree char *createmode = NULL;
2595 g_autofree char *shallownew = NULL;
2596 xmlNodePtr tmp;
2597
2598 switch ((qemuBlockJobType) job->type) {
2599 case QEMU_BLOCKJOB_TYPE_PULL:
2600 qemuDomainObjPrivateXMLParseBlockjobNodename(job,
2601 "string(./base/@node)",
2602 &job->data.pull.base,
2603 ctxt);
2604 /* base is not present if pulling everything */
2605 break;
2606
2607 case QEMU_BLOCKJOB_TYPE_COMMIT:
2608 case QEMU_BLOCKJOB_TYPE_ACTIVE_COMMIT:
2609 if (qemuDomainObjPrivateXMLParseBlockjobDataCommit(job, ctxt) < 0)
2610 goto broken;
2611
2612 break;
2613
2614 case QEMU_BLOCKJOB_TYPE_CREATE:
2615 if (!(tmp = virXPathNode("./src", ctxt)) ||
2616 !(job->data.create.src = qemuDomainObjPrivateXMLParseBlockjobChain(tmp, ctxt, xmlopt)))
2617 goto broken;
2618
2619 if ((createmode = virXPathString("string(./create/@mode)", ctxt))) {
2620 if (STRNEQ(createmode, "storage"))
2621 goto broken;
2622
2623 job->data.create.storage = true;
2624 }
2625 break;
2626
2627 case QEMU_BLOCKJOB_TYPE_COPY:
2628 if ((shallownew = virXPathString("string(./@shallownew)", ctxt))) {
2629 if (STRNEQ(shallownew, "yes"))
2630 goto broken;
2631
2632 job->data.copy.shallownew = true;
2633 }
2634 break;
2635
2636 case QEMU_BLOCKJOB_TYPE_BACKUP:
2637 job->data.backup.bitmap = virXPathString("string(./bitmap/@name)", ctxt);
2638
2639 if (!(tmp = virXPathNode("./store", ctxt)) ||
2640 !(job->data.backup.store = qemuDomainObjPrivateXMLParseBlockjobChain(tmp, ctxt, xmlopt)))
2641 goto broken;
2642 break;
2643
2644 case QEMU_BLOCKJOB_TYPE_BROKEN:
2645 case QEMU_BLOCKJOB_TYPE_NONE:
2646 case QEMU_BLOCKJOB_TYPE_INTERNAL:
2647 case QEMU_BLOCKJOB_TYPE_LAST:
2648 break;
2649 }
2650
2651 return;
2652
2653 broken:
2654 VIR_DEBUG("marking block job '%s' as invalid: malformed job data", job->name);
2655 job->invalidData = true;
2656 }
2657
2658
2659 static int
qemuDomainObjPrivateXMLParseBlockjobData(virDomainObj * vm,xmlNodePtr node,xmlXPathContextPtr ctxt,virDomainXMLOption * xmlopt)2660 qemuDomainObjPrivateXMLParseBlockjobData(virDomainObj *vm,
2661 xmlNodePtr node,
2662 xmlXPathContextPtr ctxt,
2663 virDomainXMLOption *xmlopt)
2664 {
2665 VIR_XPATH_NODE_AUTORESTORE(ctxt)
2666 virDomainDiskDef *disk = NULL;
2667 g_autoptr(qemuBlockJobData) job = NULL;
2668 g_autofree char *name = NULL;
2669 g_autofree char *typestr = NULL;
2670 g_autofree char *brokentypestr = NULL;
2671 int type;
2672 g_autofree char *statestr = NULL;
2673 int state = QEMU_BLOCKJOB_STATE_FAILED;
2674 g_autofree char *diskdst = NULL;
2675 g_autofree char *newstatestr = NULL;
2676 g_autofree char *mirror = NULL;
2677 int newstate = -1;
2678 bool invalidData = false;
2679 xmlNodePtr tmp;
2680 unsigned long jobflags = 0;
2681
2682 ctxt->node = node;
2683
2684 if (!(name = virXPathString("string(./@name)", ctxt))) {
2685 VIR_WARN("malformed block job data for vm '%s'", vm->def->name);
2686 return 0;
2687 }
2688
2689 /* if the job name is known we need to register such a job so that we can
2690 * clean it up */
2691 if (!(typestr = virXPathString("string(./@type)", ctxt)) ||
2692 (type = qemuBlockjobTypeFromString(typestr)) < 0) {
2693 type = QEMU_BLOCKJOB_TYPE_BROKEN;
2694 invalidData = true;
2695 }
2696
2697 if (!(job = qemuBlockJobDataNew(type, name)))
2698 return -1;
2699
2700 if ((brokentypestr = virXPathString("string(./@brokentype)", ctxt)) &&
2701 (job->brokentype = qemuBlockjobTypeFromString(brokentypestr)) < 0)
2702 job->brokentype = QEMU_BLOCKJOB_TYPE_NONE;
2703
2704 if (!(statestr = virXPathString("string(./@state)", ctxt)) ||
2705 (state = qemuBlockjobStateTypeFromString(statestr)) < 0)
2706 invalidData = true;
2707
2708 if ((newstatestr = virXPathString("string(./@newstate)", ctxt)) &&
2709 (newstate = qemuBlockjobStateTypeFromString(newstatestr)) < 0)
2710 invalidData = true;
2711
2712 if ((diskdst = virXPathString("string(./disk/@dst)", ctxt)) &&
2713 !(disk = virDomainDiskByTarget(vm->def, diskdst)))
2714 invalidData = true;
2715
2716 if ((mirror = virXPathString("string(./disk/@mirror)", ctxt)) &&
2717 STRNEQ(mirror, "yes"))
2718 invalidData = true;
2719
2720 if (virXPathULongHex("string(./@jobflags)", ctxt, &jobflags) != 0)
2721 job->jobflagsmissing = true;
2722
2723 if (!disk && !invalidData) {
2724 if ((tmp = virXPathNode("./chains/disk", ctxt)) &&
2725 !(job->chain = qemuDomainObjPrivateXMLParseBlockjobChain(tmp, ctxt, xmlopt)))
2726 invalidData = true;
2727
2728 if ((tmp = virXPathNode("./chains/mirror", ctxt)) &&
2729 !(job->mirrorChain = qemuDomainObjPrivateXMLParseBlockjobChain(tmp, ctxt, xmlopt)))
2730 invalidData = true;
2731 }
2732
2733 if (mirror) {
2734 if (disk)
2735 job->mirrorChain = virObjectRef(disk->mirror);
2736 else
2737 invalidData = true;
2738 }
2739
2740 job->state = state;
2741 job->newstate = newstate;
2742 job->jobflags = jobflags;
2743 job->errmsg = virXPathString("string(./errmsg)", ctxt);
2744 job->invalidData = invalidData;
2745 job->disk = disk;
2746
2747 qemuDomainObjPrivateXMLParseBlockjobDataSpecific(job, ctxt, xmlopt);
2748
2749 if (qemuBlockJobRegister(job, vm, disk, false) < 0)
2750 return -1;
2751
2752 return 0;
2753 }
2754
2755
2756 static int
qemuDomainObjPrivateXMLParseBlockjobs(virDomainObj * vm,qemuDomainObjPrivate * priv,xmlXPathContextPtr ctxt)2757 qemuDomainObjPrivateXMLParseBlockjobs(virDomainObj *vm,
2758 qemuDomainObjPrivate *priv,
2759 xmlXPathContextPtr ctxt)
2760 {
2761 g_autofree xmlNodePtr *nodes = NULL;
2762 ssize_t nnodes = 0;
2763 g_autofree char *active = NULL;
2764 int tmp;
2765 size_t i;
2766
2767 if ((active = virXPathString("string(./blockjobs/@active)", ctxt)) &&
2768 (tmp = virTristateBoolTypeFromString(active)) > 0)
2769 priv->reconnectBlockjobs = tmp;
2770
2771 if (virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_BLOCKDEV)) {
2772 if ((nnodes = virXPathNodeSet("./blockjobs/blockjob", ctxt, &nodes)) < 0)
2773 return -1;
2774
2775 for (i = 0; i < nnodes; i++) {
2776 if (qemuDomainObjPrivateXMLParseBlockjobData(vm, nodes[i], ctxt,
2777 priv->driver->xmlopt) < 0)
2778 return -1;
2779 }
2780 }
2781
2782 return 0;
2783 }
2784
2785
2786 static int
qemuDomainObjPrivateXMLParseBackups(qemuDomainObjPrivate * priv,xmlXPathContextPtr ctxt)2787 qemuDomainObjPrivateXMLParseBackups(qemuDomainObjPrivate *priv,
2788 xmlXPathContextPtr ctxt)
2789 {
2790 g_autofree xmlNodePtr *nodes = NULL;
2791 ssize_t nnodes = 0;
2792
2793 if ((nnodes = virXPathNodeSet("./backups/domainbackup", ctxt, &nodes)) < 0)
2794 return -1;
2795
2796 if (nnodes > 1) {
2797 virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
2798 _("only one backup job is supported"));
2799 return -1;
2800 }
2801
2802 if (nnodes == 0)
2803 return 0;
2804
2805 if (!(priv->backup = virDomainBackupDefParseNode(ctxt->doc, nodes[0],
2806 priv->driver->xmlopt,
2807 VIR_DOMAIN_BACKUP_PARSE_INTERNAL)))
2808 return -1;
2809
2810 return 0;
2811 }
2812
2813
2814 int
qemuDomainObjPrivateXMLParseAllowReboot(xmlXPathContextPtr ctxt,virTristateBool * allowReboot)2815 qemuDomainObjPrivateXMLParseAllowReboot(xmlXPathContextPtr ctxt,
2816 virTristateBool *allowReboot)
2817 {
2818 int val;
2819 g_autofree char *valStr = NULL;
2820
2821 if ((valStr = virXPathString("string(./allowReboot/@value)", ctxt))) {
2822 if ((val = virTristateBoolTypeFromString(valStr)) < 0) {
2823 virReportError(VIR_ERR_INTERNAL_ERROR,
2824 _("invalid allowReboot value '%s'"), valStr);
2825 return -1;
2826 }
2827 *allowReboot = val;
2828 }
2829
2830 return 0;
2831 }
2832
2833
2834 static void
qemuDomainObjPrivateXMLParsePR(xmlXPathContextPtr ctxt,bool * prDaemonRunning)2835 qemuDomainObjPrivateXMLParsePR(xmlXPathContextPtr ctxt,
2836 bool *prDaemonRunning)
2837 {
2838 *prDaemonRunning = virXPathBoolean("boolean(./prDaemon)", ctxt) > 0;
2839 }
2840
2841
2842 static int
qemuDomainObjPrivateXMLParseSlirpFeatures(xmlNodePtr featuresNode,xmlXPathContextPtr ctxt,qemuSlirp * slirp)2843 qemuDomainObjPrivateXMLParseSlirpFeatures(xmlNodePtr featuresNode,
2844 xmlXPathContextPtr ctxt,
2845 qemuSlirp *slirp)
2846 {
2847 VIR_XPATH_NODE_AUTORESTORE(ctxt)
2848 g_autofree xmlNodePtr *nodes = NULL;
2849 size_t i;
2850 int n;
2851
2852 ctxt->node = featuresNode;
2853
2854 if ((n = virXPathNodeSet("./feature", ctxt, &nodes)) < 0) {
2855 virReportError(VIR_ERR_INTERNAL_ERROR,
2856 "%s", _("failed to parse slirp-helper features"));
2857 return -1;
2858 }
2859
2860 for (i = 0; i < n; i++) {
2861 g_autofree char *str = virXMLPropString(nodes[i], "name");
2862 int feature;
2863
2864 if (!str)
2865 continue;
2866
2867 feature = qemuSlirpFeatureTypeFromString(str);
2868 if (feature < 0) {
2869 virReportError(VIR_ERR_INTERNAL_ERROR,
2870 _("Unknown slirp feature %s"), str);
2871 return -1;
2872 }
2873
2874 qemuSlirpSetFeature(slirp, feature);
2875 }
2876
2877 return 0;
2878 }
2879
2880
2881 static int
qemuDomainObjPrivateXMLParse(xmlXPathContextPtr ctxt,virDomainObj * vm,virDomainDefParserConfig * config)2882 qemuDomainObjPrivateXMLParse(xmlXPathContextPtr ctxt,
2883 virDomainObj *vm,
2884 virDomainDefParserConfig *config)
2885 {
2886 qemuDomainObjPrivate *priv = vm->privateData;
2887 virQEMUDriver *driver = config->priv;
2888 char *monitorpath;
2889 g_autofree char *tmp = NULL;
2890 int n;
2891 size_t i;
2892 g_autofree xmlNodePtr *nodes = NULL;
2893 xmlNodePtr node = NULL;
2894 g_autoptr(virQEMUCaps) qemuCaps = NULL;
2895
2896 if (!(priv->monConfig = virDomainChrSourceDefNew(NULL)))
2897 goto error;
2898
2899 if (!(monitorpath =
2900 virXPathString("string(./monitor[1]/@path)", ctxt))) {
2901 virReportError(VIR_ERR_INTERNAL_ERROR,
2902 "%s", _("no monitor path"));
2903 goto error;
2904 }
2905
2906 tmp = virXPathString("string(./monitor[1]/@type)", ctxt);
2907 if (tmp)
2908 priv->monConfig->type = virDomainChrTypeFromString(tmp);
2909 else
2910 priv->monConfig->type = VIR_DOMAIN_CHR_TYPE_PTY;
2911 VIR_FREE(tmp);
2912
2913 switch (priv->monConfig->type) {
2914 case VIR_DOMAIN_CHR_TYPE_PTY:
2915 priv->monConfig->data.file.path = monitorpath;
2916 break;
2917 case VIR_DOMAIN_CHR_TYPE_UNIX:
2918 priv->monConfig->data.nix.path = monitorpath;
2919 break;
2920 default:
2921 VIR_FREE(monitorpath);
2922 virReportError(VIR_ERR_INTERNAL_ERROR,
2923 _("unsupported monitor type '%s'"),
2924 virDomainChrTypeToString(priv->monConfig->type));
2925 goto error;
2926 }
2927
2928 if (virXPathInt("string(./agentTimeout)", ctxt, &priv->agentTimeout) == -2) {
2929 virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
2930 _("failed to parse agent timeout"));
2931 goto error;
2932 }
2933
2934 priv->dbusDaemonRunning = virXPathBoolean("boolean(./dbusDaemon)", ctxt) > 0;
2935
2936 priv->dbusVMState = virXPathBoolean("boolean(./dbusVMState)", ctxt) > 0;
2937
2938 if ((node = virXPathNode("./namespaces", ctxt))) {
2939 xmlNodePtr next;
2940
2941 for (next = node->children; next; next = next->next) {
2942 int ns = qemuDomainNamespaceTypeFromString((const char *)next->name);
2943
2944 if (ns < 0) {
2945 virReportError(VIR_ERR_INTERNAL_ERROR,
2946 _("malformed namespace name: %s"),
2947 next->name);
2948 goto error;
2949 }
2950
2951 if (qemuDomainEnableNamespace(vm, ns) < 0)
2952 goto error;
2953 }
2954 }
2955
2956 if (priv->namespaces &&
2957 virBitmapIsAllClear(priv->namespaces)) {
2958 virBitmapFree(priv->namespaces);
2959 priv->namespaces = NULL;
2960 }
2961
2962 priv->rememberOwner = virXPathBoolean("count(./rememberOwner) > 0", ctxt);
2963
2964 if ((n = virXPathNodeSet("./vcpus/vcpu", ctxt, &nodes)) < 0)
2965 goto error;
2966
2967 for (i = 0; i < n; i++) {
2968 if (qemuDomainObjPrivateXMLParseVcpu(nodes[i], i, vm->def) < 0)
2969 goto error;
2970 }
2971 VIR_FREE(nodes);
2972
2973 if ((n = virXPathNodeSet("./qemuCaps/flag", ctxt, &nodes)) < 0) {
2974 virReportError(VIR_ERR_INTERNAL_ERROR,
2975 "%s", _("failed to parse qemu capabilities flags"));
2976 goto error;
2977 }
2978 if (n > 0) {
2979 if (!(qemuCaps = virQEMUCapsNew()))
2980 goto error;
2981
2982 for (i = 0; i < n; i++) {
2983 g_autofree char *str = virXMLPropString(nodes[i], "name");
2984 if (str) {
2985 int flag = virQEMUCapsTypeFromString(str);
2986 if (flag < 0) {
2987 virReportError(VIR_ERR_INTERNAL_ERROR,
2988 _("Unknown qemu capabilities flag %s"), str);
2989 goto error;
2990 }
2991 virQEMUCapsSet(qemuCaps, flag);
2992 }
2993 }
2994
2995 priv->qemuCaps = g_steal_pointer(&qemuCaps);
2996 }
2997 VIR_FREE(nodes);
2998
2999 priv->lockState = virXPathString("string(./lockstate)", ctxt);
3000
3001 if (qemuDomainObjPrivateXMLParseJob(vm, ctxt) < 0)
3002 goto error;
3003
3004 priv->fakeReboot = virXPathBoolean("boolean(./fakereboot)", ctxt) == 1;
3005
3006 if ((n = virXPathNodeSet("./devices/device", ctxt, &nodes)) < 0) {
3007 virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
3008 _("failed to parse qemu device list"));
3009 goto error;
3010 }
3011 if (n > 0) {
3012 /* NULL-terminated list */
3013 priv->qemuDevices = g_new0(char *, n + 1);
3014
3015 for (i = 0; i < n; i++) {
3016 priv->qemuDevices[i] = virXMLPropString(nodes[i], "alias");
3017 if (!priv->qemuDevices[i]) {
3018 virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
3019 _("failed to parse qemu device list"));
3020 goto error;
3021 }
3022 }
3023 }
3024 VIR_FREE(nodes);
3025
3026 if ((n = virXPathNodeSet("./slirp/helper", ctxt, &nodes)) < 0) {
3027 virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
3028 _("failed to parse slirp helper list"));
3029 goto error;
3030 }
3031 for (i = 0; i < n; i++) {
3032 g_autofree char *alias = virXMLPropString(nodes[i], "alias");
3033 g_autofree char *pid = virXMLPropString(nodes[i], "pid");
3034 g_autoptr(qemuSlirp) slirp = qemuSlirpNew();
3035 virDomainDeviceDef dev;
3036
3037 if (!alias || !pid || !slirp ||
3038 virStrToLong_i(pid, NULL, 10, &slirp->pid) < 0) {
3039 virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
3040 _("failed to parse slirp helper list"));
3041 goto error;
3042 }
3043
3044 if (virDomainDefFindDevice(vm->def, alias, &dev, true) < 0 ||
3045 dev.type != VIR_DOMAIN_DEVICE_NET)
3046 goto error;
3047
3048 if (qemuDomainObjPrivateXMLParseSlirpFeatures(nodes[i], ctxt, slirp) < 0)
3049 goto error;
3050
3051 QEMU_DOMAIN_NETWORK_PRIVATE(dev.data.net)->slirp = g_steal_pointer(&slirp);
3052 }
3053 VIR_FREE(nodes);
3054
3055 if (qemuDomainObjPrivateXMLParseAutomaticPlacement(ctxt, priv) < 0)
3056 goto error;
3057
3058 if ((tmp = virXPathString("string(./libDir/@path)", ctxt)))
3059 priv->libDir = tmp;
3060 if ((tmp = virXPathString("string(./channelTargetDir/@path)", ctxt)))
3061 priv->channelTargetDir = tmp;
3062 tmp = NULL;
3063
3064 qemuDomainSetPrivatePathsOld(driver, vm);
3065
3066 if (virCPUDefParseXML(ctxt, "./cpu", VIR_CPU_TYPE_GUEST, &priv->origCPU,
3067 false) < 0)
3068 goto error;
3069
3070 priv->chardevStdioLogd = virXPathBoolean("boolean(./chardevStdioLogd)",
3071 ctxt) == 1;
3072
3073 qemuDomainObjPrivateXMLParseAllowReboot(ctxt, &priv->allowReboot);
3074
3075 qemuDomainObjPrivateXMLParsePR(ctxt, &priv->prDaemonRunning);
3076
3077 if (qemuDomainObjPrivateXMLParseBlockjobs(vm, priv, ctxt) < 0)
3078 goto error;
3079
3080 if (qemuDomainObjPrivateXMLParseBackups(priv, ctxt) < 0)
3081 goto error;
3082
3083 qemuDomainStorageIdReset(priv);
3084 if (virXPathULongLong("string(./nodename/@index)", ctxt,
3085 &priv->nodenameindex) == -2) {
3086 virReportError(VIR_ERR_XML_ERROR, "%s",
3087 _("failed to parse node name index"));
3088 goto error;
3089 }
3090
3091 priv->memPrealloc = virXPathBoolean("boolean(./memPrealloc)", ctxt) == 1;
3092
3093 return 0;
3094
3095 error:
3096 virBitmapFree(priv->namespaces);
3097 priv->namespaces = NULL;
3098 virObjectUnref(priv->monConfig);
3099 priv->monConfig = NULL;
3100 g_strfreev(priv->qemuDevices);
3101 priv->qemuDevices = NULL;
3102 return -1;
3103 }
3104
3105
3106 static void *
qemuDomainObjPrivateXMLGetParseOpaque(virDomainObj * vm)3107 qemuDomainObjPrivateXMLGetParseOpaque(virDomainObj *vm)
3108 {
3109 qemuDomainObjPrivate *priv = vm->privateData;
3110
3111 return priv->qemuCaps;
3112 }
3113
3114
3115 virDomainXMLPrivateDataCallbacks virQEMUDriverPrivateDataCallbacks = {
3116 .alloc = qemuDomainObjPrivateAlloc,
3117 .free = qemuDomainObjPrivateFree,
3118 .diskNew = qemuDomainDiskPrivateNew,
3119 .diskParse = qemuDomainDiskPrivateParse,
3120 .diskFormat = qemuDomainDiskPrivateFormat,
3121 .vcpuNew = qemuDomainVcpuPrivateNew,
3122 .chrSourceNew = qemuDomainChrSourcePrivateNew,
3123 .vsockNew = qemuDomainVsockPrivateNew,
3124 .graphicsNew = qemuDomainGraphicsPrivateNew,
3125 .networkNew = qemuDomainNetworkPrivateNew,
3126 .videoNew = qemuDomainVideoPrivateNew,
3127 .parse = qemuDomainObjPrivateXMLParse,
3128 .format = qemuDomainObjPrivateXMLFormat,
3129 .getParseOpaque = qemuDomainObjPrivateXMLGetParseOpaque,
3130 .storageParse = qemuStorageSourcePrivateDataParse,
3131 .storageFormat = qemuStorageSourcePrivateDataFormat,
3132 };
3133
3134
3135 static void
qemuDomainXmlNsDefFree(qemuDomainXmlNsDef * def)3136 qemuDomainXmlNsDefFree(qemuDomainXmlNsDef *def)
3137 {
3138 size_t i;
3139
3140 if (!def)
3141 return;
3142
3143 for (i = 0; i < def->num_env; i++) {
3144 g_free(def->env[i].name);
3145 g_free(def->env[i].value);
3146 }
3147 g_free(def->env);
3148
3149 g_strfreev(def->args);
3150 g_strfreev(def->capsadd);
3151 g_strfreev(def->capsdel);
3152
3153 g_free(def->deprecationBehavior);
3154
3155 g_free(def);
3156 }
3157
3158
3159 static void
qemuDomainDefNamespaceFree(void * nsdata)3160 qemuDomainDefNamespaceFree(void *nsdata)
3161 {
3162 qemuDomainXmlNsDef *cmd = nsdata;
3163
3164 qemuDomainXmlNsDefFree(cmd);
3165 }
3166
3167
3168 static int
qemuDomainDefNamespaceParseCommandlineArgs(qemuDomainXmlNsDef * nsdef,xmlXPathContextPtr ctxt)3169 qemuDomainDefNamespaceParseCommandlineArgs(qemuDomainXmlNsDef *nsdef,
3170 xmlXPathContextPtr ctxt)
3171 {
3172 g_autofree xmlNodePtr *nodes = NULL;
3173 ssize_t nnodes;
3174 size_t i;
3175
3176 if ((nnodes = virXPathNodeSet("./qemu:commandline/qemu:arg", ctxt, &nodes)) < 0)
3177 return -1;
3178
3179 if (nnodes == 0)
3180 return 0;
3181
3182 nsdef->args = g_new0(char *, nnodes + 1);
3183
3184 for (i = 0; i < nnodes; i++) {
3185 if (!(nsdef->args[i] = virXMLPropString(nodes[i], "value"))) {
3186 virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
3187 _("No qemu command-line argument specified"));
3188 return -1;
3189 }
3190 }
3191
3192 return 0;
3193 }
3194
3195
3196 static int
qemuDomainDefNamespaceParseCommandlineEnvValidate(qemuDomainXmlNsEnvTuple * env)3197 qemuDomainDefNamespaceParseCommandlineEnvValidate(qemuDomainXmlNsEnvTuple *env)
3198 {
3199 if (!env->name) {
3200 virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
3201 _("No qemu environment name specified"));
3202 return -1;
3203 }
3204
3205 if (!g_ascii_isalpha(env->name[0]) && env->name[0] != '_') {
3206 virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
3207 _("Invalid environment name, it must begin with a letter or underscore"));
3208 return -1;
3209 }
3210
3211 if (strspn(env->name, "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_") != strlen(env->name)) {
3212 virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
3213 _("Invalid environment name, it must contain only alphanumerics and underscore"));
3214 return -1;
3215 }
3216
3217 return 0;
3218 }
3219
3220
3221 static int
qemuDomainDefNamespaceParseCommandlineEnv(qemuDomainXmlNsDef * nsdef,xmlXPathContextPtr ctxt)3222 qemuDomainDefNamespaceParseCommandlineEnv(qemuDomainXmlNsDef *nsdef,
3223 xmlXPathContextPtr ctxt)
3224 {
3225 g_autofree xmlNodePtr *nodes = NULL;
3226 ssize_t nnodes;
3227 size_t i;
3228
3229 if ((nnodes = virXPathNodeSet("./qemu:commandline/qemu:env", ctxt, &nodes)) < 0)
3230 return -1;
3231
3232 if (nnodes == 0)
3233 return 0;
3234
3235 nsdef->env = g_new0(qemuDomainXmlNsEnvTuple, nnodes);
3236
3237 for (i = 0; i < nnodes; i++) {
3238 qemuDomainXmlNsEnvTuple *env = nsdef->env + i;
3239
3240 env->name = virXMLPropString(nodes[i], "name");
3241 env->value = virXMLPropString(nodes[i], "value");
3242 nsdef->num_env++;
3243
3244 if (qemuDomainDefNamespaceParseCommandlineEnvValidate(env) < 0)
3245 return -1;
3246 }
3247
3248 return 0;
3249 }
3250
3251
3252 static int
qemuDomainDefNamespaceParseCaps(qemuDomainXmlNsDef * nsdef,xmlXPathContextPtr ctxt)3253 qemuDomainDefNamespaceParseCaps(qemuDomainXmlNsDef *nsdef,
3254 xmlXPathContextPtr ctxt)
3255 {
3256 g_autofree xmlNodePtr *nodesadd = NULL;
3257 ssize_t nnodesadd;
3258 g_autofree xmlNodePtr *nodesdel = NULL;
3259 ssize_t nnodesdel;
3260 size_t i;
3261
3262 if ((nnodesadd = virXPathNodeSet("./qemu:capabilities/qemu:add", ctxt, &nodesadd)) < 0 ||
3263 (nnodesdel = virXPathNodeSet("./qemu:capabilities/qemu:del", ctxt, &nodesdel)) < 0)
3264 return -1;
3265
3266 if (nnodesadd > 0) {
3267 nsdef->capsadd = g_new0(char *, nnodesadd + 1);
3268
3269 for (i = 0; i < nnodesadd; i++) {
3270 if (!(nsdef->capsadd[i] = virXMLPropString(nodesadd[i], "capability"))) {
3271 virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
3272 _("missing capability name"));
3273 return -1;
3274 }
3275 }
3276 }
3277
3278 if (nnodesdel > 0) {
3279 nsdef->capsdel = g_new0(char *, nnodesdel + 1);
3280
3281 for (i = 0; i < nnodesdel; i++) {
3282 if (!(nsdef->capsdel[i] = virXMLPropString(nodesdel[i], "capability"))) {
3283 virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
3284 _("missing capability name"));
3285 return -1;
3286 }
3287 }
3288 }
3289
3290 return 0;
3291 }
3292
3293
3294 static int
qemuDomainDefNamespaceParse(xmlXPathContextPtr ctxt,void ** data)3295 qemuDomainDefNamespaceParse(xmlXPathContextPtr ctxt,
3296 void **data)
3297 {
3298 qemuDomainXmlNsDef *nsdata = NULL;
3299 int ret = -1;
3300
3301 nsdata = g_new0(qemuDomainXmlNsDef, 1);
3302
3303 if (qemuDomainDefNamespaceParseCommandlineArgs(nsdata, ctxt) < 0 ||
3304 qemuDomainDefNamespaceParseCommandlineEnv(nsdata, ctxt) < 0 ||
3305 qemuDomainDefNamespaceParseCaps(nsdata, ctxt) < 0)
3306 goto cleanup;
3307
3308 nsdata->deprecationBehavior = virXPathString("string(./qemu:deprecation/@behavior)", ctxt);
3309
3310 if (nsdata->args || nsdata->num_env > 0 ||
3311 nsdata->capsadd || nsdata->capsdel ||
3312 nsdata->deprecationBehavior)
3313 *data = g_steal_pointer(&nsdata);
3314
3315 ret = 0;
3316
3317 cleanup:
3318 qemuDomainDefNamespaceFree(nsdata);
3319 return ret;
3320 }
3321
3322
3323 static void
qemuDomainDefNamespaceFormatXMLCommandline(virBuffer * buf,qemuDomainXmlNsDef * cmd)3324 qemuDomainDefNamespaceFormatXMLCommandline(virBuffer *buf,
3325 qemuDomainXmlNsDef *cmd)
3326 {
3327 GStrv n;
3328 size_t i;
3329
3330 if (!cmd->args && !cmd->num_env)
3331 return;
3332
3333 virBufferAddLit(buf, "<qemu:commandline>\n");
3334 virBufferAdjustIndent(buf, 2);
3335
3336 for (n = cmd->args; n && *n; n++)
3337 virBufferEscapeString(buf, "<qemu:arg value='%s'/>\n", *n);
3338 for (i = 0; i < cmd->num_env; i++) {
3339 virBufferAsprintf(buf, "<qemu:env name='%s'", cmd->env[i].name);
3340 virBufferEscapeString(buf, " value='%s'", cmd->env[i].value);
3341 virBufferAddLit(buf, "/>\n");
3342 }
3343
3344 virBufferAdjustIndent(buf, -2);
3345 virBufferAddLit(buf, "</qemu:commandline>\n");
3346 }
3347
3348
3349 static void
qemuDomainDefNamespaceFormatXMLCaps(virBuffer * buf,qemuDomainXmlNsDef * xmlns)3350 qemuDomainDefNamespaceFormatXMLCaps(virBuffer *buf,
3351 qemuDomainXmlNsDef *xmlns)
3352 {
3353 GStrv n;
3354
3355 if (!xmlns->capsadd && !xmlns->capsdel)
3356 return;
3357
3358 virBufferAddLit(buf, "<qemu:capabilities>\n");
3359 virBufferAdjustIndent(buf, 2);
3360
3361 for (n = xmlns->capsadd; n && *n; n++)
3362 virBufferEscapeString(buf, "<qemu:add capability='%s'/>\n", *n);
3363
3364 for (n = xmlns->capsdel; n && *n; n++)
3365 virBufferEscapeString(buf, "<qemu:del capability='%s'/>\n", *n);
3366
3367 virBufferAdjustIndent(buf, -2);
3368 virBufferAddLit(buf, "</qemu:capabilities>\n");
3369 }
3370
3371
3372 static int
qemuDomainDefNamespaceFormatXML(virBuffer * buf,void * nsdata)3373 qemuDomainDefNamespaceFormatXML(virBuffer *buf,
3374 void *nsdata)
3375 {
3376 qemuDomainXmlNsDef *cmd = nsdata;
3377
3378 qemuDomainDefNamespaceFormatXMLCommandline(buf, cmd);
3379 qemuDomainDefNamespaceFormatXMLCaps(buf, cmd);
3380
3381 virBufferEscapeString(buf, "<qemu:deprecation behavior='%s'/>\n",
3382 cmd->deprecationBehavior);
3383
3384 return 0;
3385 }
3386
3387
3388 virXMLNamespace virQEMUDriverDomainXMLNamespace = {
3389 .parse = qemuDomainDefNamespaceParse,
3390 .free = qemuDomainDefNamespaceFree,
3391 .format = qemuDomainDefNamespaceFormatXML,
3392 .prefix = "qemu",
3393 .uri = "http://libvirt.org/schemas/domain/qemu/1.0",
3394 };
3395
3396
3397 static int
qemuDomainDefAddImplicitInputDevice(virDomainDef * def)3398 qemuDomainDefAddImplicitInputDevice(virDomainDef *def)
3399 {
3400 if (ARCH_IS_X86(def->os.arch)) {
3401 if (virDomainDefMaybeAddInput(def,
3402 VIR_DOMAIN_INPUT_TYPE_MOUSE,
3403 VIR_DOMAIN_INPUT_BUS_PS2) < 0)
3404 return -1;
3405
3406 if (virDomainDefMaybeAddInput(def,
3407 VIR_DOMAIN_INPUT_TYPE_KBD,
3408 VIR_DOMAIN_INPUT_BUS_PS2) < 0)
3409 return -1;
3410 }
3411
3412 return 0;
3413 }
3414
3415 static int
qemuDomainDefSuggestDefaultAudioBackend(virQEMUDriver * driver,virDomainDef * def,bool * addAudio,int * audioBackend,int * audioSDLDriver)3416 qemuDomainDefSuggestDefaultAudioBackend(virQEMUDriver *driver,
3417 virDomainDef *def,
3418 bool *addAudio,
3419 int *audioBackend,
3420 int *audioSDLDriver)
3421 {
3422 size_t i;
3423 bool audioPassthrough = false;
3424 g_autoptr(virQEMUDriverConfig) cfg = virQEMUDriverGetConfig(driver);
3425
3426 *addAudio = false;
3427 *audioBackend = VIR_DOMAIN_AUDIO_TYPE_NONE;
3428 *audioSDLDriver = VIR_DOMAIN_AUDIO_SDL_DRIVER_DEFAULT;
3429
3430 for (i = 0; i < def->ngraphics; i++) {
3431 virDomainGraphicsDef *graph = def->graphics[i];
3432
3433 switch ((virDomainGraphicsType)graph->type) {
3434 case VIR_DOMAIN_GRAPHICS_TYPE_VNC:
3435 if (cfg->vncAllowHostAudio) {
3436 audioPassthrough = true;
3437 } else {
3438 audioPassthrough = false;
3439 *audioBackend = VIR_DOMAIN_AUDIO_TYPE_NONE;
3440 }
3441 *addAudio = true;
3442 break;
3443 case VIR_DOMAIN_GRAPHICS_TYPE_SPICE:
3444 audioPassthrough = false;
3445 *audioBackend = VIR_DOMAIN_AUDIO_TYPE_SPICE;
3446 *addAudio = true;
3447 break;
3448 case VIR_DOMAIN_GRAPHICS_TYPE_SDL:
3449 audioPassthrough = true;
3450 *addAudio = true;
3451 break;
3452
3453 case VIR_DOMAIN_GRAPHICS_TYPE_RDP:
3454 case VIR_DOMAIN_GRAPHICS_TYPE_DESKTOP:
3455 case VIR_DOMAIN_GRAPHICS_TYPE_EGL_HEADLESS:
3456 break;
3457 case VIR_DOMAIN_GRAPHICS_TYPE_LAST:
3458 default:
3459 virReportEnumRangeError(virDomainGraphicsType, graph->type);
3460 return -1;
3461 }
3462 }
3463
3464 if (!def->ngraphics) {
3465 if (cfg->nogfxAllowHostAudio) {
3466 audioPassthrough = true;
3467 } else {
3468 audioPassthrough = false;
3469 *audioBackend = VIR_DOMAIN_AUDIO_TYPE_NONE;
3470 }
3471 *addAudio = true;
3472 }
3473
3474 if (*addAudio && audioPassthrough) {
3475 const char *audioenv = g_getenv("QEMU_AUDIO_DRV");
3476 if (audioenv == NULL) {
3477 *addAudio = false;
3478 } else {
3479 /*
3480 * QEMU audio driver names are mostly the same as
3481 * libvirt XML audio backend names
3482 */
3483 if (STREQ(audioenv, "pa")) {
3484 *audioBackend = VIR_DOMAIN_AUDIO_TYPE_PULSEAUDIO;
3485 } else {
3486 if (((*audioBackend) = virDomainAudioTypeTypeFromString(audioenv)) < 0) {
3487 virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
3488 _("unknown QEMU_AUDIO_DRV setting %s"), audioenv);
3489 return -1;
3490 }
3491 }
3492 }
3493 }
3494
3495 if (*addAudio && *audioBackend == VIR_DOMAIN_AUDIO_TYPE_SDL) {
3496 const char *sdldriver = g_getenv("SDL_AUDIODRIVER");
3497 if (sdldriver != NULL &&
3498 (((*audioSDLDriver) =
3499 virDomainAudioSDLDriverTypeFromString(sdldriver)) <= 0)) {
3500 virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
3501 _("unknown SDL_AUDIODRIVER setting %s"), sdldriver);
3502 return -1;
3503 }
3504 }
3505
3506 return 0;
3507 }
3508
3509 static int
qemuDomainDefClearDefaultAudioBackend(virQEMUDriver * driver,virDomainDef * def)3510 qemuDomainDefClearDefaultAudioBackend(virQEMUDriver *driver,
3511 virDomainDef *def)
3512 {
3513 bool addAudio;
3514 int audioBackend;
3515 int audioSDLDriver;
3516 virDomainAudioDef *audio;
3517
3518 if (def->naudios != 1) {
3519 return 0;
3520 }
3521
3522 if (qemuDomainDefSuggestDefaultAudioBackend(driver,
3523 def,
3524 &addAudio,
3525 &audioBackend,
3526 &audioSDLDriver) < 0)
3527 return -1;
3528
3529 if (!addAudio)
3530 return 0;
3531
3532 audio = def->audios[0];
3533 if (audio->type != audioBackend)
3534 return 0;
3535
3536 if (audio->type == VIR_DOMAIN_AUDIO_TYPE_SDL &&
3537 audio->backend.sdl.driver != audioSDLDriver)
3538 return 0;
3539
3540 virDomainAudioDefFree(audio);
3541 g_free(def->audios);
3542 def->naudios = 0;
3543 def->audios = NULL;
3544
3545 return 0;
3546 }
3547
3548 static int
qemuDomainDefAddDefaultAudioBackend(virQEMUDriver * driver,virDomainDef * def)3549 qemuDomainDefAddDefaultAudioBackend(virQEMUDriver *driver,
3550 virDomainDef *def)
3551 {
3552 bool addAudio;
3553 int audioBackend;
3554 int audioSDLDriver;
3555
3556 if (def->naudios > 0) {
3557 return 0;
3558 }
3559
3560 if (qemuDomainDefSuggestDefaultAudioBackend(driver,
3561 def,
3562 &addAudio,
3563 &audioBackend,
3564 &audioSDLDriver) < 0)
3565 return -1;
3566
3567 if (addAudio) {
3568 virDomainAudioDef *audio = g_new0(virDomainAudioDef, 1);
3569
3570 audio->type = audioBackend;
3571 audio->id = 1;
3572
3573 def->naudios = 1;
3574 def->audios = g_new0(virDomainAudioDef *, def->naudios);
3575 def->audios[0] = audio;
3576
3577 if (audioBackend == VIR_DOMAIN_AUDIO_TYPE_SDL)
3578 audio->backend.sdl.driver = audioSDLDriver;
3579 }
3580
3581 return 0;
3582 }
3583
3584 static int
qemuDomainDefAddDefaultDevices(virQEMUDriver * driver,virDomainDef * def,virQEMUCaps * qemuCaps)3585 qemuDomainDefAddDefaultDevices(virQEMUDriver *driver,
3586 virDomainDef *def,
3587 virQEMUCaps *qemuCaps)
3588 {
3589 bool addDefaultUSB = true;
3590 int usbModel = -1; /* "default for machinetype" */
3591 int pciRoot; /* index within def->controllers */
3592 bool addImplicitSATA = false;
3593 bool addPCIRoot = false;
3594 bool addPCIeRoot = false;
3595 bool addDefaultMemballoon = true;
3596 bool addDefaultUSBKBD = false;
3597 bool addDefaultUSBMouse = false;
3598 bool addPanicDevice = false;
3599
3600 /* add implicit input devices */
3601 if (qemuDomainDefAddImplicitInputDevice(def) < 0)
3602 return -1;
3603
3604 /* Add implicit PCI root controller if the machine has one */
3605 switch (def->os.arch) {
3606 case VIR_ARCH_I686:
3607 case VIR_ARCH_X86_64:
3608 if (STREQ(def->os.machine, "isapc")) {
3609 addDefaultUSB = false;
3610 break;
3611 }
3612 if (qemuDomainIsQ35(def)) {
3613 addPCIeRoot = true;
3614 addImplicitSATA = true;
3615
3616 /* Prefer adding a USB3 controller if supported, fall back
3617 * to USB2 if there is no USB3 available, and if that's
3618 * unavailable don't add anything.
3619 */
3620 if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_DEVICE_QEMU_XHCI))
3621 usbModel = VIR_DOMAIN_CONTROLLER_MODEL_USB_QEMU_XHCI;
3622 else if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_NEC_USB_XHCI))
3623 usbModel = VIR_DOMAIN_CONTROLLER_MODEL_USB_NEC_XHCI;
3624 else if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_ICH9_USB_EHCI1))
3625 usbModel = VIR_DOMAIN_CONTROLLER_MODEL_USB_ICH9_EHCI1;
3626 else
3627 addDefaultUSB = false;
3628 break;
3629 }
3630 if (qemuDomainIsI440FX(def))
3631 addPCIRoot = true;
3632 break;
3633
3634 case VIR_ARCH_ARMV6L:
3635 addDefaultUSB = false;
3636 addDefaultMemballoon = false;
3637 if (STREQ(def->os.machine, "versatilepb"))
3638 addPCIRoot = true;
3639 break;
3640
3641 case VIR_ARCH_ARMV7L:
3642 case VIR_ARCH_AARCH64:
3643 addDefaultUSB = false;
3644 addDefaultMemballoon = false;
3645 if (qemuDomainIsARMVirt(def))
3646 addPCIeRoot = virQEMUCapsGet(qemuCaps, QEMU_CAPS_OBJECT_GPEX);
3647 break;
3648
3649 case VIR_ARCH_PPC64:
3650 case VIR_ARCH_PPC64LE:
3651 addPCIRoot = true;
3652 addDefaultUSBKBD = true;
3653 addDefaultUSBMouse = true;
3654 /* For pSeries guests, the firmware provides the same
3655 * functionality as the pvpanic device, so automatically
3656 * add the definition if not already present */
3657 if (qemuDomainIsPSeries(def))
3658 addPanicDevice = true;
3659 break;
3660
3661 case VIR_ARCH_ALPHA:
3662 case VIR_ARCH_PPC:
3663 case VIR_ARCH_PPCEMB:
3664 case VIR_ARCH_SH4:
3665 case VIR_ARCH_SH4EB:
3666 addPCIRoot = true;
3667 break;
3668
3669 case VIR_ARCH_RISCV32:
3670 case VIR_ARCH_RISCV64:
3671 addDefaultUSB = false;
3672 if (qemuDomainIsRISCVVirt(def))
3673 addPCIeRoot = virQEMUCapsGet(qemuCaps, QEMU_CAPS_OBJECT_GPEX);
3674 break;
3675
3676 case VIR_ARCH_S390:
3677 case VIR_ARCH_S390X:
3678 addDefaultUSB = false;
3679 addPanicDevice = true;
3680 addPCIRoot = virQEMUCapsGet(qemuCaps, QEMU_CAPS_DEVICE_ZPCI);
3681 break;
3682
3683 case VIR_ARCH_SPARC:
3684 addDefaultUSB = false;
3685 addDefaultMemballoon = false;
3686 break;
3687
3688 case VIR_ARCH_SPARC64:
3689 addPCIRoot = true;
3690 break;
3691
3692 case VIR_ARCH_ARMV7B:
3693 case VIR_ARCH_CRIS:
3694 case VIR_ARCH_ITANIUM:
3695 case VIR_ARCH_LM32:
3696 case VIR_ARCH_M68K:
3697 case VIR_ARCH_MICROBLAZE:
3698 case VIR_ARCH_MICROBLAZEEL:
3699 case VIR_ARCH_MIPS:
3700 case VIR_ARCH_MIPSEL:
3701 case VIR_ARCH_MIPS64:
3702 case VIR_ARCH_MIPS64EL:
3703 case VIR_ARCH_OR32:
3704 case VIR_ARCH_PARISC:
3705 case VIR_ARCH_PARISC64:
3706 case VIR_ARCH_PPCLE:
3707 case VIR_ARCH_UNICORE32:
3708 case VIR_ARCH_XTENSA:
3709 case VIR_ARCH_XTENSAEB:
3710 case VIR_ARCH_NONE:
3711 case VIR_ARCH_LAST:
3712 default:
3713 break;
3714 }
3715
3716 if (addDefaultUSB &&
3717 virDomainControllerFind(def, VIR_DOMAIN_CONTROLLER_TYPE_USB, 0) < 0 &&
3718 virDomainDefAddUSBController(def, 0, usbModel) < 0)
3719 return -1;
3720
3721 if (addImplicitSATA &&
3722 virDomainDefMaybeAddController(
3723 def, VIR_DOMAIN_CONTROLLER_TYPE_SATA, 0, -1) < 0)
3724 return -1;
3725
3726 pciRoot = virDomainControllerFind(def, VIR_DOMAIN_CONTROLLER_TYPE_PCI, 0);
3727
3728 /* NB: any machine that sets addPCIRoot to true must also return
3729 * true from the function qemuDomainSupportsPCI().
3730 */
3731 if (addPCIRoot) {
3732 if (pciRoot >= 0) {
3733 if (def->controllers[pciRoot]->model != VIR_DOMAIN_CONTROLLER_MODEL_PCI_ROOT) {
3734 virReportError(VIR_ERR_XML_ERROR,
3735 _("The PCI controller with index='0' must be "
3736 "model='pci-root' for this machine type, "
3737 "but model='%s' was found instead"),
3738 virDomainControllerModelPCITypeToString(def->controllers[pciRoot]->model));
3739 return -1;
3740 }
3741 } else if (!virDomainDefAddController(def, VIR_DOMAIN_CONTROLLER_TYPE_PCI, 0,
3742 VIR_DOMAIN_CONTROLLER_MODEL_PCI_ROOT)) {
3743 return -1;
3744 }
3745 }
3746
3747 /* When a machine has a pcie-root, make sure that there is always
3748 * a dmi-to-pci-bridge controller added as bus 1, and a pci-bridge
3749 * as bus 2, so that standard PCI devices can be connected
3750 *
3751 * NB: any machine that sets addPCIeRoot to true must also return
3752 * true from the function qemuDomainSupportsPCI().
3753 */
3754 if (addPCIeRoot) {
3755 if (pciRoot >= 0) {
3756 if (def->controllers[pciRoot]->model != VIR_DOMAIN_CONTROLLER_MODEL_PCIE_ROOT) {
3757 virReportError(VIR_ERR_XML_ERROR,
3758 _("The PCI controller with index='0' must be "
3759 "model='pcie-root' for this machine type, "
3760 "but model='%s' was found instead"),
3761 virDomainControllerModelPCITypeToString(def->controllers[pciRoot]->model));
3762 return -1;
3763 }
3764 } else if (!virDomainDefAddController(def, VIR_DOMAIN_CONTROLLER_TYPE_PCI, 0,
3765 VIR_DOMAIN_CONTROLLER_MODEL_PCIE_ROOT)) {
3766 return -1;
3767 }
3768 }
3769
3770 if (addDefaultMemballoon && !def->memballoon) {
3771 virDomainMemballoonDef *memballoon;
3772 memballoon = g_new0(virDomainMemballoonDef, 1);
3773
3774 memballoon->model = VIR_DOMAIN_MEMBALLOON_MODEL_VIRTIO;
3775 def->memballoon = memballoon;
3776 }
3777
3778 if (addDefaultUSBMouse) {
3779 bool hasUSBTablet = false;
3780 size_t j;
3781
3782 for (j = 0; j < def->ninputs; j++) {
3783 if (def->inputs[j]->type == VIR_DOMAIN_INPUT_TYPE_TABLET &&
3784 def->inputs[j]->bus == VIR_DOMAIN_INPUT_BUS_USB) {
3785 hasUSBTablet = true;
3786 break;
3787 }
3788 }
3789
3790 /* Historically, we have automatically added USB keyboard and
3791 * mouse to some guests. While the former device is generally
3792 * safe to have, adding the latter is undesiderable if a USB
3793 * tablet is already present in the guest */
3794 if (hasUSBTablet)
3795 addDefaultUSBMouse = false;
3796 }
3797
3798 if (addDefaultUSBKBD &&
3799 def->ngraphics > 0 &&
3800 virDomainDefMaybeAddInput(def,
3801 VIR_DOMAIN_INPUT_TYPE_KBD,
3802 VIR_DOMAIN_INPUT_BUS_USB) < 0)
3803 return -1;
3804
3805 if (addDefaultUSBMouse &&
3806 def->ngraphics > 0 &&
3807 virDomainDefMaybeAddInput(def,
3808 VIR_DOMAIN_INPUT_TYPE_MOUSE,
3809 VIR_DOMAIN_INPUT_BUS_USB) < 0)
3810 return -1;
3811
3812 if (addPanicDevice) {
3813 size_t j;
3814 for (j = 0; j < def->npanics; j++) {
3815 if (def->panics[j]->model == VIR_DOMAIN_PANIC_MODEL_DEFAULT ||
3816 (ARCH_IS_PPC64(def->os.arch) &&
3817 def->panics[j]->model == VIR_DOMAIN_PANIC_MODEL_PSERIES) ||
3818 (ARCH_IS_S390(def->os.arch) &&
3819 def->panics[j]->model == VIR_DOMAIN_PANIC_MODEL_S390))
3820 break;
3821 }
3822
3823 if (j == def->npanics) {
3824 virDomainPanicDef *panic = g_new0(virDomainPanicDef, 1);
3825
3826 VIR_APPEND_ELEMENT_COPY(def->panics, def->npanics, panic);
3827 }
3828 }
3829
3830 if (qemuDomainDefAddDefaultAudioBackend(driver, def) < 0)
3831 return -1;
3832
3833 return 0;
3834 }
3835
3836
3837 /**
3838 * qemuDomainDefEnableDefaultFeatures:
3839 * @def: domain definition
3840 * @qemuCaps: QEMU capabilities
3841 *
3842 * Make sure that features that should be enabled by default are actually
3843 * enabled and configure default values related to those features.
3844 */
3845 static void
qemuDomainDefEnableDefaultFeatures(virDomainDef * def,virQEMUCaps * qemuCaps)3846 qemuDomainDefEnableDefaultFeatures(virDomainDef *def,
3847 virQEMUCaps *qemuCaps)
3848 {
3849 /* The virt machine type always uses GIC: if the relevant information
3850 * was not included in the domain XML, we need to choose a suitable
3851 * GIC version ourselves */
3852 if ((def->features[VIR_DOMAIN_FEATURE_GIC] == VIR_TRISTATE_SWITCH_ABSENT &&
3853 qemuDomainIsARMVirt(def)) ||
3854 (def->features[VIR_DOMAIN_FEATURE_GIC] == VIR_TRISTATE_SWITCH_ON &&
3855 def->gic_version == VIR_GIC_VERSION_NONE)) {
3856 virGICVersion version;
3857
3858 VIR_DEBUG("Looking for usable GIC version in domain capabilities");
3859 for (version = VIR_GIC_VERSION_LAST - 1;
3860 version > VIR_GIC_VERSION_NONE;
3861 version--) {
3862
3863 /* We want to use the highest available GIC version for guests;
3864 * however, the emulated GICv3 is currently lacking a MSI controller,
3865 * making it unsuitable for the pure PCIe topology we aim for.
3866 *
3867 * For that reason, we skip this step entirely for TCG guests,
3868 * and rely on the code below to pick the default version, GICv2,
3869 * which supports all the features we need.
3870 *
3871 * See https://bugzilla.redhat.com/show_bug.cgi?id=1414081 */
3872 if (version == VIR_GIC_VERSION_3 &&
3873 def->virtType == VIR_DOMAIN_VIRT_QEMU) {
3874 continue;
3875 }
3876
3877 if (virQEMUCapsSupportsGICVersion(qemuCaps,
3878 def->virtType,
3879 version)) {
3880 VIR_DEBUG("Using GIC version %s",
3881 virGICVersionTypeToString(version));
3882 def->gic_version = version;
3883 break;
3884 }
3885 }
3886
3887 /* Use the default GIC version (GICv2) as a last-ditch attempt
3888 * if no match could be found above */
3889 if (def->gic_version == VIR_GIC_VERSION_NONE) {
3890 VIR_DEBUG("Using GIC version 2 (default)");
3891 def->gic_version = VIR_GIC_VERSION_2;
3892 }
3893
3894 /* Even if we haven't found a usable GIC version in the domain
3895 * capabilities, we still want to enable this */
3896 def->features[VIR_DOMAIN_FEATURE_GIC] = VIR_TRISTATE_SWITCH_ON;
3897 }
3898 }
3899
3900
3901 static int
qemuCanonicalizeMachine(virDomainDef * def,virQEMUCaps * qemuCaps)3902 qemuCanonicalizeMachine(virDomainDef *def, virQEMUCaps *qemuCaps)
3903 {
3904 const char *canon;
3905
3906 if (!(canon = virQEMUCapsGetCanonicalMachine(qemuCaps, def->virtType,
3907 def->os.machine)))
3908 return 0;
3909
3910 if (STRNEQ(canon, def->os.machine)) {
3911 char *tmp;
3912 tmp = g_strdup(canon);
3913 VIR_FREE(def->os.machine);
3914 def->os.machine = tmp;
3915 }
3916
3917 return 0;
3918 }
3919
3920
3921 static int
qemuDomainRecheckInternalPaths(virDomainDef * def,virQEMUDriverConfig * cfg,unsigned int flags)3922 qemuDomainRecheckInternalPaths(virDomainDef *def,
3923 virQEMUDriverConfig *cfg,
3924 unsigned int flags)
3925 {
3926 size_t i = 0;
3927 size_t j = 0;
3928
3929 for (i = 0; i < def->ngraphics; ++i) {
3930 virDomainGraphicsDef *graphics = def->graphics[i];
3931
3932 for (j = 0; j < graphics->nListens; ++j) {
3933 virDomainGraphicsListenDef *glisten = &graphics->listens[j];
3934
3935 /* This will happen only if we parse XML from old libvirts where
3936 * unix socket was available only for VNC graphics. In this
3937 * particular case we should follow the behavior and if we remove
3938 * the auto-generated socket based on config option from qemu.conf
3939 * we need to change the listen type to address. */
3940 if (graphics->type == VIR_DOMAIN_GRAPHICS_TYPE_VNC &&
3941 glisten->type == VIR_DOMAIN_GRAPHICS_LISTEN_TYPE_SOCKET &&
3942 glisten->socket &&
3943 !glisten->autoGenerated &&
3944 STRPREFIX(glisten->socket, cfg->libDir)) {
3945 if (flags & VIR_DOMAIN_DEF_PARSE_INACTIVE) {
3946 VIR_FREE(glisten->socket);
3947 glisten->type = VIR_DOMAIN_GRAPHICS_LISTEN_TYPE_ADDRESS;
3948 } else {
3949 glisten->fromConfig = true;
3950 }
3951 }
3952 }
3953 }
3954
3955 return 0;
3956 }
3957
3958
3959 static int
qemuDomainDefVcpusPostParse(virDomainDef * def)3960 qemuDomainDefVcpusPostParse(virDomainDef *def)
3961 {
3962 unsigned int maxvcpus = virDomainDefGetVcpusMax(def);
3963 virDomainVcpuDef *vcpu;
3964 virDomainVcpuDef *prevvcpu;
3965 size_t i;
3966 bool has_order = false;
3967
3968 /* vcpu 0 needs to be present, first, and non-hotpluggable */
3969 vcpu = virDomainDefGetVcpu(def, 0);
3970 if (!vcpu->online) {
3971 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
3972 _("vcpu 0 can't be offline"));
3973 return -1;
3974 }
3975 if (vcpu->hotpluggable == VIR_TRISTATE_BOOL_YES) {
3976 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
3977 _("vcpu0 can't be hotpluggable"));
3978 return -1;
3979 }
3980 if (vcpu->order != 0 && vcpu->order != 1) {
3981 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
3982 _("vcpu0 must be enabled first"));
3983 return -1;
3984 }
3985
3986 if (vcpu->order != 0)
3987 has_order = true;
3988
3989 prevvcpu = vcpu;
3990
3991 /* all online vcpus or non online vcpu need to have order set */
3992 for (i = 1; i < maxvcpus; i++) {
3993 vcpu = virDomainDefGetVcpu(def, i);
3994
3995 if (vcpu->online &&
3996 (vcpu->order != 0) != has_order) {
3997 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
3998 _("all vcpus must have either set or unset order"));
3999 return -1;
4000 }
4001
4002 /* few conditions for non-hotpluggable (thus online) vcpus */
4003 if (vcpu->hotpluggable == VIR_TRISTATE_BOOL_NO) {
4004 /* they can be ordered only at the beginning */
4005 if (prevvcpu->hotpluggable == VIR_TRISTATE_BOOL_YES) {
4006 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4007 _("online non-hotpluggable vcpus need to be "
4008 "ordered prior to hotplugable vcpus"));
4009 return -1;
4010 }
4011
4012 /* they need to be in order (qemu doesn't support any order yet).
4013 * Also note that multiple vcpus may share order on some platforms */
4014 if (prevvcpu->order > vcpu->order) {
4015 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4016 _("online non-hotpluggable vcpus must be ordered "
4017 "in ascending order"));
4018 return -1;
4019 }
4020 }
4021
4022 prevvcpu = vcpu;
4023 }
4024
4025 return 0;
4026 }
4027
4028
4029 static int
qemuDomainDefSetDefaultCPU(virDomainDef * def,virArch hostarch,virQEMUCaps * qemuCaps)4030 qemuDomainDefSetDefaultCPU(virDomainDef *def,
4031 virArch hostarch,
4032 virQEMUCaps *qemuCaps)
4033 {
4034 const char *model;
4035
4036 if (def->cpu &&
4037 (def->cpu->mode != VIR_CPU_MODE_CUSTOM ||
4038 def->cpu->model))
4039 return 0;
4040
4041 if (!virCPUArchIsSupported(def->os.arch))
4042 return 0;
4043
4044 /* Default CPU model info from QEMU is usable for TCG only except for
4045 * x86, s390, and ppc64. */
4046 if (!ARCH_IS_X86(def->os.arch) &&
4047 !ARCH_IS_S390(def->os.arch) &&
4048 !ARCH_IS_PPC64(def->os.arch) &&
4049 def->virtType != VIR_DOMAIN_VIRT_QEMU)
4050 return 0;
4051
4052 model = virQEMUCapsGetMachineDefaultCPU(qemuCaps, def->os.machine, def->virtType);
4053 if (!model) {
4054 VIR_DEBUG("Unknown default CPU model for domain '%s'", def->name);
4055 return 0;
4056 }
4057
4058 if (STREQ(model, "host") && def->virtType != VIR_DOMAIN_VIRT_KVM) {
4059 virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
4060 _("QEMU reports invalid default CPU model \"host\" "
4061 "for non-kvm domain virt type"));
4062 return -1;
4063 }
4064
4065 if (!def->cpu)
4066 def->cpu = virCPUDefNew();
4067
4068 def->cpu->type = VIR_CPU_TYPE_GUEST;
4069
4070 if (STREQ(model, "host")) {
4071 if (ARCH_IS_S390(def->os.arch) &&
4072 virQEMUCapsIsCPUModeSupported(qemuCaps, hostarch, def->virtType,
4073 VIR_CPU_MODE_HOST_MODEL,
4074 def->os.machine)) {
4075 def->cpu->mode = VIR_CPU_MODE_HOST_MODEL;
4076 } else {
4077 def->cpu->mode = VIR_CPU_MODE_HOST_PASSTHROUGH;
4078 }
4079
4080 VIR_DEBUG("Setting default CPU mode for domain '%s' to %s",
4081 def->name, virCPUModeTypeToString(def->cpu->mode));
4082 } else {
4083 /* We need to turn off all CPU checks when the domain is started
4084 * because the default CPU (e.g., qemu64) may not be runnable on any
4085 * host. QEMU will just disable the unavailable features and we will
4086 * update the CPU definition accordingly and set check to FULL when
4087 * starting the domain. */
4088 def->cpu->check = VIR_CPU_CHECK_NONE;
4089 def->cpu->mode = VIR_CPU_MODE_CUSTOM;
4090 def->cpu->match = VIR_CPU_MATCH_EXACT;
4091 def->cpu->fallback = VIR_CPU_FALLBACK_FORBID;
4092 def->cpu->model = g_strdup(model);
4093
4094 VIR_DEBUG("Setting default CPU model for domain '%s' to %s",
4095 def->name, model);
4096 }
4097
4098 return 0;
4099 }
4100
4101
4102 static int
qemuDomainDefCPUPostParse(virDomainDef * def,virQEMUCaps * qemuCaps)4103 qemuDomainDefCPUPostParse(virDomainDef *def,
4104 virQEMUCaps *qemuCaps)
4105 {
4106 virCPUFeatureDef *sveFeature = NULL;
4107 bool sveVectorLengthsProvided = false;
4108 size_t i;
4109
4110 if (!def->cpu)
4111 return 0;
4112
4113 if (def->cpu->cache) {
4114 virCPUCacheDef *cache = def->cpu->cache;
4115
4116 if (!ARCH_IS_X86(def->os.arch)) {
4117 virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
4118 _("CPU cache specification is not supported "
4119 "for '%s' architecture"),
4120 virArchToString(def->os.arch));
4121 return -1;
4122 }
4123
4124 switch (cache->mode) {
4125 case VIR_CPU_CACHE_MODE_EMULATE:
4126 if (cache->level != 3) {
4127 virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
4128 _("CPU cache mode '%s' can only be used with "
4129 "level='3'"),
4130 virCPUCacheModeTypeToString(cache->mode));
4131 return -1;
4132 }
4133 break;
4134
4135 case VIR_CPU_CACHE_MODE_PASSTHROUGH:
4136 if (def->cpu->mode != VIR_CPU_MODE_HOST_PASSTHROUGH &&
4137 def->cpu->mode != VIR_CPU_MODE_MAXIMUM) {
4138 virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
4139 _("CPU cache mode '%s' can only be used with "
4140 "'%s' / '%s' CPUs"),
4141 virCPUCacheModeTypeToString(cache->mode),
4142 virCPUModeTypeToString(VIR_CPU_MODE_HOST_PASSTHROUGH),
4143 virCPUModeTypeToString(VIR_CPU_MODE_MAXIMUM));
4144 return -1;
4145 }
4146
4147 if (cache->level != -1) {
4148 virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
4149 _("unsupported CPU cache level for mode '%s'"),
4150 virCPUCacheModeTypeToString(cache->mode));
4151 return -1;
4152 }
4153 break;
4154
4155 case VIR_CPU_CACHE_MODE_DISABLE:
4156 if (cache->level != -1) {
4157 virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
4158 _("unsupported CPU cache level for mode '%s'"),
4159 virCPUCacheModeTypeToString(cache->mode));
4160 return -1;
4161 }
4162 break;
4163
4164 case VIR_CPU_CACHE_MODE_LAST:
4165 break;
4166 }
4167 }
4168
4169 for (i = 0; i < def->cpu->nfeatures; i++) {
4170 virCPUFeatureDef *feature = &def->cpu->features[i];
4171
4172 if (STREQ(feature->name, "sve")) {
4173 sveFeature = feature;
4174 } else if (STRPREFIX(feature->name, "sve")) {
4175 sveVectorLengthsProvided = true;
4176 }
4177 }
4178
4179 if (sveVectorLengthsProvided) {
4180 if (sveFeature) {
4181 if (sveFeature->policy == VIR_CPU_FEATURE_DISABLE ||
4182 sveFeature->policy == VIR_CPU_FEATURE_FORBID) {
4183 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4184 _("SVE disabled, but SVE vector lengths provided"));
4185 return -1;
4186 } else {
4187 sveFeature->policy = VIR_CPU_FEATURE_REQUIRE;
4188 }
4189 } else {
4190 VIR_RESIZE_N(def->cpu->features, def->cpu->nfeatures_max,
4191 def->cpu->nfeatures, 1);
4192
4193 def->cpu->features[def->cpu->nfeatures].name = g_strdup("sve");
4194 def->cpu->features[def->cpu->nfeatures].policy = VIR_CPU_FEATURE_REQUIRE;
4195
4196 def->cpu->nfeatures++;
4197 }
4198 }
4199
4200 /* Running domains were either started before QEMU_CAPS_CPU_MIGRATABLE was
4201 * introduced and thus we can't rely on it or they already have the
4202 * migratable default set. */
4203 if (def->id == -1 &&
4204 qemuCaps &&
4205 def->cpu->mode == VIR_CPU_MODE_HOST_PASSTHROUGH &&
4206 def->cpu->migratable == VIR_TRISTATE_SWITCH_ABSENT) {
4207 if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_CPU_MIGRATABLE))
4208 def->cpu->migratable = VIR_TRISTATE_SWITCH_ON;
4209 else if (ARCH_IS_X86(def->os.arch))
4210 def->cpu->migratable = VIR_TRISTATE_SWITCH_OFF;
4211 }
4212
4213 /* Nothing to be done if only CPU topology is specified. */
4214 if (def->cpu->mode == VIR_CPU_MODE_CUSTOM &&
4215 !def->cpu->model)
4216 return 0;
4217
4218 if (def->cpu->check != VIR_CPU_CHECK_DEFAULT)
4219 return 0;
4220
4221 switch ((virCPUMode) def->cpu->mode) {
4222 case VIR_CPU_MODE_HOST_PASSTHROUGH:
4223 case VIR_CPU_MODE_MAXIMUM:
4224 def->cpu->check = VIR_CPU_CHECK_NONE;
4225 break;
4226
4227 case VIR_CPU_MODE_HOST_MODEL:
4228 def->cpu->check = VIR_CPU_CHECK_PARTIAL;
4229 break;
4230
4231 case VIR_CPU_MODE_CUSTOM:
4232 /* Custom CPUs in TCG mode are not compared to host CPU by default. */
4233 if (def->virtType == VIR_DOMAIN_VIRT_QEMU)
4234 def->cpu->check = VIR_CPU_CHECK_NONE;
4235 else
4236 def->cpu->check = VIR_CPU_CHECK_PARTIAL;
4237 break;
4238
4239 case VIR_CPU_MODE_LAST:
4240 break;
4241 }
4242
4243 return 0;
4244 }
4245
4246
4247 static int
qemuDomainDefTsegPostParse(virDomainDef * def,virQEMUCaps * qemuCaps)4248 qemuDomainDefTsegPostParse(virDomainDef *def,
4249 virQEMUCaps *qemuCaps)
4250 {
4251 if (def->features[VIR_DOMAIN_FEATURE_SMM] != VIR_TRISTATE_SWITCH_ON)
4252 return 0;
4253
4254 if (!def->tseg_specified)
4255 return 0;
4256
4257 if (!qemuDomainIsQ35(def)) {
4258 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4259 _("SMM TSEG is only supported with q35 machine type"));
4260 return -1;
4261 }
4262
4263 if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_MCH_EXTENDED_TSEG_MBYTES)) {
4264 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4265 _("Setting TSEG size is not supported with this QEMU binary"));
4266 return -1;
4267 }
4268
4269 if (def->tseg_size & ((1 << 20) - 1)) {
4270 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4271 _("SMM TSEG size must be divisible by 1 MiB"));
4272 return -1;
4273 }
4274
4275 return 0;
4276 }
4277
4278
4279 /**
4280 * qemuDomainDefNumaCPUsRectify:
4281 * @numa: pointer to numa definition
4282 * @maxCpus: number of CPUs this numa is supposed to have
4283 *
4284 * This function emulates the (to be deprecated) behavior of filling
4285 * up in node0 with the remaining CPUs, in case of an incomplete NUMA
4286 * setup, up to getVcpusMax.
4287 *
4288 * Returns: 0 on success, -1 on error
4289 */
4290 int
qemuDomainDefNumaCPUsRectify(virDomainDef * def,virQEMUCaps * qemuCaps)4291 qemuDomainDefNumaCPUsRectify(virDomainDef *def, virQEMUCaps *qemuCaps)
4292 {
4293 unsigned int vcpusMax, numacpus;
4294
4295 /* QEMU_CAPS_NUMA tells us if QEMU is able to handle disjointed
4296 * NUMA CPU ranges. The filling process will create a disjointed
4297 * setup in node0 most of the time. Do not proceed if QEMU
4298 * can't handle it.*/
4299 if (virDomainNumaGetNodeCount(def->numa) == 0 ||
4300 !virQEMUCapsGet(qemuCaps, QEMU_CAPS_NUMA))
4301 return 0;
4302
4303 vcpusMax = virDomainDefGetVcpusMax(def);
4304 numacpus = virDomainNumaGetCPUCountTotal(def->numa);
4305
4306 if (numacpus < vcpusMax) {
4307 if (virDomainNumaFillCPUsInNode(def->numa, 0, vcpusMax) < 0)
4308 return -1;
4309 }
4310
4311 return 0;
4312 }
4313
4314
4315 static int
qemuDomainDefNumaCPUsPostParse(virDomainDef * def,virQEMUCaps * qemuCaps)4316 qemuDomainDefNumaCPUsPostParse(virDomainDef *def,
4317 virQEMUCaps *qemuCaps)
4318 {
4319 return qemuDomainDefNumaCPUsRectify(def, qemuCaps);
4320 }
4321
4322
4323 static int
qemuDomainDefTPMsPostParse(virDomainDef * def)4324 qemuDomainDefTPMsPostParse(virDomainDef *def)
4325 {
4326 virDomainTPMDef *proxyTPM = NULL;
4327 virDomainTPMDef *regularTPM = NULL;
4328 size_t i;
4329
4330 for (i = 0; i < def->ntpms; i++) {
4331 virDomainTPMDef *tpm = def->tpms[i];
4332
4333 /* TPM 1.2 and 2 are not compatible, so we choose a specific version here */
4334 if (tpm->version == VIR_DOMAIN_TPM_VERSION_DEFAULT) {
4335 if (tpm->model == VIR_DOMAIN_TPM_MODEL_SPAPR ||
4336 tpm->model == VIR_DOMAIN_TPM_MODEL_CRB ||
4337 qemuDomainIsARMVirt(def))
4338 tpm->version = VIR_DOMAIN_TPM_VERSION_2_0;
4339 else
4340 tpm->version = VIR_DOMAIN_TPM_VERSION_1_2;
4341 }
4342
4343 if (tpm->model == VIR_DOMAIN_TPM_MODEL_SPAPR_PROXY) {
4344 if (proxyTPM) {
4345 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4346 _("only a single TPM Proxy device is supported"));
4347 return -1;
4348 } else {
4349 proxyTPM = tpm;
4350 }
4351 } else if (regularTPM) {
4352 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4353 _("only a single TPM non-proxy device is supported"));
4354 return -1;
4355 } else {
4356 regularTPM = tpm;
4357 }
4358 }
4359
4360 return 0;
4361 }
4362
4363
4364 static int
qemuDomainDefPostParseBasic(virDomainDef * def,void * opaque G_GNUC_UNUSED)4365 qemuDomainDefPostParseBasic(virDomainDef *def,
4366 void *opaque G_GNUC_UNUSED)
4367 {
4368 virQEMUDriver *driver = opaque;
4369
4370 /* check for emulator and create a default one if needed */
4371 if (!def->emulator) {
4372 if (!(def->emulator = virQEMUCapsGetDefaultEmulator(
4373 driver->hostarch, def->os.arch))) {
4374 virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
4375 _("No emulator found for arch '%s'"),
4376 virArchToString(def->os.arch));
4377 return 1;
4378 }
4379 }
4380
4381 return 0;
4382 }
4383
4384
4385 static int
qemuDomainDefPostParse(virDomainDef * def,unsigned int parseFlags,void * opaque,void * parseOpaque)4386 qemuDomainDefPostParse(virDomainDef *def,
4387 unsigned int parseFlags,
4388 void *opaque,
4389 void *parseOpaque)
4390 {
4391 virQEMUDriver *driver = opaque;
4392 g_autoptr(virQEMUDriverConfig) cfg = virQEMUDriverGetConfig(driver);
4393 virQEMUCaps *qemuCaps = parseOpaque;
4394
4395 /* Note that qemuCaps may be NULL when this function is called. This
4396 * function shall not fail in that case. It will be re-run on VM startup
4397 * with the capabilities populated.
4398 */
4399 if (!qemuCaps)
4400 return 1;
4401
4402 if (def->os.bootloader || def->os.bootloaderArgs) {
4403 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4404 _("bootloader is not supported by QEMU"));
4405 return -1;
4406 }
4407
4408 if (!def->os.machine) {
4409 const char *machine = virQEMUCapsGetPreferredMachine(qemuCaps,
4410 def->virtType);
4411 if (!machine) {
4412 virReportError(VIR_ERR_INVALID_ARG,
4413 _("could not get preferred machine for %s type=%s"),
4414 def->emulator,
4415 virDomainVirtTypeToString(def->virtType));
4416 return -1;
4417 }
4418
4419 def->os.machine = g_strdup(machine);
4420 }
4421
4422 qemuDomainNVRAMPathGenerate(cfg, def);
4423
4424 if (qemuDomainDefAddDefaultDevices(driver, def, qemuCaps) < 0)
4425 return -1;
4426
4427 if (qemuCanonicalizeMachine(def, qemuCaps) < 0)
4428 return -1;
4429
4430 if (qemuDomainDefSetDefaultCPU(def, driver->hostarch, qemuCaps) < 0)
4431 return -1;
4432
4433 qemuDomainDefEnableDefaultFeatures(def, qemuCaps);
4434
4435 if (qemuDomainRecheckInternalPaths(def, cfg, parseFlags) < 0)
4436 return -1;
4437
4438 if (qemuSecurityVerify(driver->securityManager, def) < 0)
4439 return -1;
4440
4441 if (qemuDomainDefVcpusPostParse(def) < 0)
4442 return -1;
4443
4444 if (qemuDomainDefCPUPostParse(def, qemuCaps) < 0)
4445 return -1;
4446
4447 if (qemuDomainDefTsegPostParse(def, qemuCaps) < 0)
4448 return -1;
4449
4450 if (qemuDomainDefNumaCPUsPostParse(def, qemuCaps) < 0)
4451 return -1;
4452
4453 if (qemuDomainDefTPMsPostParse(def) < 0)
4454 return -1;
4455
4456 return 0;
4457 }
4458
4459
4460 int
qemuDomainValidateActualNetDef(const virDomainNetDef * net,virQEMUCaps * qemuCaps G_GNUC_UNUSED)4461 qemuDomainValidateActualNetDef(const virDomainNetDef *net,
4462 virQEMUCaps *qemuCaps G_GNUC_UNUSED)
4463 {
4464 /*
4465 * Validations that can only be properly checked at runtime (after
4466 * an <interface type='network'> has been resolved to its actual
4467 * type.
4468 *
4469 * (In its current form this function can still be called before
4470 * the actual type has been resolved (e.g. at domain definition
4471 * time), but only if the validations would SUCCEED for
4472 * type='network'.)
4473 */
4474 char macstr[VIR_MAC_STRING_BUFLEN];
4475 virDomainNetType actualType = virDomainNetGetActualType(net);
4476
4477 virMacAddrFormat(&net->mac, macstr);
4478
4479 /* hypervisor-agnostic validation */
4480 if (virDomainActualNetDefValidate(net) < 0)
4481 return -1;
4482
4483 /* QEMU-specific validation */
4484
4485 /* Only tap/macvtap devices support multiqueue. */
4486 if (net->driver.virtio.queues > 0) {
4487
4488 if (!(actualType == VIR_DOMAIN_NET_TYPE_NETWORK ||
4489 actualType == VIR_DOMAIN_NET_TYPE_BRIDGE ||
4490 actualType == VIR_DOMAIN_NET_TYPE_DIRECT ||
4491 actualType == VIR_DOMAIN_NET_TYPE_ETHERNET ||
4492 actualType == VIR_DOMAIN_NET_TYPE_VHOSTUSER)) {
4493 virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
4494 _("interface %s - multiqueue is not supported for network interfaces of type %s"),
4495 macstr, virDomainNetTypeToString(actualType));
4496 return -1;
4497 }
4498 }
4499
4500 /*
4501 * Only standard tap devices support nwfilter rules, and even then only
4502 * when *not* connected to an OVS bridge or midonet (indicated by having
4503 * a <virtualport> element in the config)
4504 */
4505 if (net->filter) {
4506 const virNetDevVPortProfile *vport = virDomainNetGetActualVirtPortProfile(net);
4507
4508 if (!(actualType == VIR_DOMAIN_NET_TYPE_NETWORK ||
4509 actualType == VIR_DOMAIN_NET_TYPE_BRIDGE ||
4510 actualType == VIR_DOMAIN_NET_TYPE_ETHERNET)) {
4511 virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
4512 _("interface %s - filterref is not supported for network interfaces of type %s"),
4513 macstr, virDomainNetTypeToString(actualType));
4514 return -1;
4515 }
4516 if (vport && vport->virtPortType != VIR_NETDEV_VPORT_PROFILE_NONE) {
4517 /* currently none of the defined virtualport types support iptables */
4518 virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
4519 _("interface %s - filterref is not supported for network interfaces with virtualport type %s"),
4520 macstr, virNetDevVPortTypeToString(vport->virtPortType));
4521 return -1;
4522 }
4523 }
4524
4525 if (net->backend.tap &&
4526 !(actualType == VIR_DOMAIN_NET_TYPE_NETWORK ||
4527 actualType == VIR_DOMAIN_NET_TYPE_BRIDGE ||
4528 actualType == VIR_DOMAIN_NET_TYPE_ETHERNET)) {
4529 virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
4530 _("interface %s - custom tap device path is not supported for network interfaces of type %s"),
4531 macstr, virDomainNetTypeToString(actualType));
4532 return -1;
4533 }
4534
4535 if (net->teaming && net->teaming->type == VIR_DOMAIN_NET_TEAMING_TYPE_TRANSIENT &&
4536 actualType != VIR_DOMAIN_NET_TYPE_HOSTDEV) {
4537 virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
4538 _("interface %s - teaming transient device must be type='hostdev', not '%s'"),
4539 macstr, virDomainNetTypeToString(actualType));
4540 return -1;
4541 }
4542 return 0;
4543 }
4544
4545
4546 int
qemuDomainValidateStorageSource(virStorageSource * src,virQEMUCaps * qemuCaps,bool maskBlockdev)4547 qemuDomainValidateStorageSource(virStorageSource *src,
4548 virQEMUCaps *qemuCaps,
4549 bool maskBlockdev)
4550 {
4551 int actualType = virStorageSourceGetActualType(src);
4552 bool blockdev = virQEMUCapsGet(qemuCaps, QEMU_CAPS_BLOCKDEV);
4553
4554 if (maskBlockdev)
4555 blockdev = false;
4556
4557 if (src->format == VIR_STORAGE_FILE_COW) {
4558 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4559 _("'cow' storage format is not supported"));
4560 return -1;
4561 }
4562
4563 if (src->format == VIR_STORAGE_FILE_DIR) {
4564 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4565 _("'directory' storage format is not directly supported by QEMU, "
4566 "use 'dir' disk type instead"));
4567 return -1;
4568 }
4569
4570 if (src->format == VIR_STORAGE_FILE_ISO) {
4571 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4572 _("storage format 'iso' is not directly supported by QEMU, "
4573 "use 'raw' instead"));
4574 return -1;
4575 }
4576
4577 if ((src->format == VIR_STORAGE_FILE_QCOW ||
4578 src->format == VIR_STORAGE_FILE_QCOW2) &&
4579 src->encryption &&
4580 (src->encryption->format == VIR_STORAGE_ENCRYPTION_FORMAT_DEFAULT ||
4581 src->encryption->format == VIR_STORAGE_ENCRYPTION_FORMAT_QCOW)) {
4582 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4583 _("old qcow/qcow2 encryption is not supported"));
4584 return -1;
4585 }
4586
4587 if (src->format == VIR_STORAGE_FILE_QCOW2 &&
4588 src->encryption &&
4589 src->encryption->format == VIR_STORAGE_ENCRYPTION_FORMAT_LUKS &&
4590 !virQEMUCapsGet(qemuCaps, QEMU_CAPS_QCOW2_LUKS)) {
4591 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4592 _("LUKS encrypted QCOW2 images are not supported by this QEMU"));
4593 return -1;
4594 }
4595
4596 if (src->format == VIR_STORAGE_FILE_FAT &&
4597 actualType != VIR_STORAGE_TYPE_VOLUME &&
4598 actualType != VIR_STORAGE_TYPE_DIR) {
4599 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4600 _("storage format 'fat' is supported only with 'dir' "
4601 "storage type"));
4602 return -1;
4603 }
4604
4605 if (actualType == VIR_STORAGE_TYPE_DIR) {
4606 if (src->format > 0 &&
4607 src->format != VIR_STORAGE_FILE_FAT) {
4608 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4609 _("storage type 'dir' requires use of storage format 'fat'"));
4610 return -1;
4611 }
4612
4613 if (!src->readonly) {
4614 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4615 _("virtual FAT storage can't be accessed in read-write mode"));
4616 return -1;
4617 }
4618 }
4619
4620 if (src->pr &&
4621 !virQEMUCapsGet(qemuCaps, QEMU_CAPS_PR_MANAGER_HELPER)) {
4622 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4623 _("reservations not supported with this QEMU binary"));
4624 return -1;
4625 }
4626
4627 if (src->sliceStorage) {
4628 /* In pre-blockdev era we can't configure the slice so we can allow them
4629 * only for detected backing store entries as they are populated
4630 * from a place that qemu would be able to read */
4631 if (!src->detected && !blockdev) {
4632 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4633 _("storage slice is not supported by this QEMU binary"));
4634 return -1;
4635 }
4636 }
4637
4638 if (src->sslverify != VIR_TRISTATE_BOOL_ABSENT) {
4639 if (actualType != VIR_STORAGE_TYPE_NETWORK ||
4640 (src->protocol != VIR_STORAGE_NET_PROTOCOL_HTTPS &&
4641 src->protocol != VIR_STORAGE_NET_PROTOCOL_FTPS)) {
4642 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4643 _("ssl verification is supported only with HTTPS/FTPS protocol"));
4644 return -1;
4645 }
4646
4647 if (!src->detected && !blockdev) {
4648 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4649 _("ssl verification setting is not supported by this QEMU binary"));
4650 return -1;
4651 }
4652 }
4653
4654 if (src->ncookies > 0) {
4655 if (actualType != VIR_STORAGE_TYPE_NETWORK ||
4656 (src->protocol != VIR_STORAGE_NET_PROTOCOL_HTTPS &&
4657 src->protocol != VIR_STORAGE_NET_PROTOCOL_HTTP)) {
4658 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4659 _("http cookies are supported only with HTTP(S) protocol"));
4660 return -1;
4661 }
4662
4663 if (!src->detected && !blockdev) {
4664 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4665 _("http cookies are not supported by this QEMU binary"));
4666 return -1;
4667 }
4668
4669 if (virStorageSourceNetCookiesValidate(src) < 0)
4670 return -1;
4671 }
4672
4673 if (src->readahead > 0) {
4674 if (actualType != VIR_STORAGE_TYPE_NETWORK ||
4675 (src->protocol != VIR_STORAGE_NET_PROTOCOL_HTTPS &&
4676 src->protocol != VIR_STORAGE_NET_PROTOCOL_HTTP &&
4677 src->protocol != VIR_STORAGE_NET_PROTOCOL_FTP &&
4678 src->protocol != VIR_STORAGE_NET_PROTOCOL_FTPS)) {
4679 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4680 _("readahead is supported only with HTTP(S)/FTP(s) protocols"));
4681 return -1;
4682 }
4683
4684 if (!src->detected && !blockdev) {
4685 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4686 _("readahead setting is not supported with this QEMU binary"));
4687 return -1;
4688 }
4689 }
4690
4691 if (src->timeout > 0) {
4692 if (actualType != VIR_STORAGE_TYPE_NETWORK ||
4693 (src->protocol != VIR_STORAGE_NET_PROTOCOL_HTTPS &&
4694 src->protocol != VIR_STORAGE_NET_PROTOCOL_HTTP &&
4695 src->protocol != VIR_STORAGE_NET_PROTOCOL_FTP &&
4696 src->protocol != VIR_STORAGE_NET_PROTOCOL_FTPS)) {
4697 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4698 _("timeout is supported only with HTTP(S)/FTP(s) protocols"));
4699 return -1;
4700 }
4701
4702 if (!src->detected && !blockdev) {
4703 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4704 _("timeout setting is not supported with this QEMU binary"));
4705 return -1;
4706 }
4707 }
4708
4709 if (src->query &&
4710 (actualType != VIR_STORAGE_TYPE_NETWORK ||
4711 (src->protocol != VIR_STORAGE_NET_PROTOCOL_HTTPS &&
4712 src->protocol != VIR_STORAGE_NET_PROTOCOL_HTTP))) {
4713 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4714 _("query is supported only with HTTP(S) protocols"));
4715 return -1;
4716 }
4717
4718 /* TFTP protocol was not supported for some time, lock it out at least with
4719 * -blockdev */
4720 if (actualType == VIR_STORAGE_TYPE_NETWORK &&
4721 src->protocol == VIR_STORAGE_NET_PROTOCOL_TFTP &&
4722 blockdev) {
4723 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4724 _("'tftp' protocol is not supported with this QEMU binary"));
4725 return -1;
4726 }
4727
4728 if (actualType == VIR_STORAGE_TYPE_NETWORK &&
4729 src->protocol == VIR_STORAGE_NET_PROTOCOL_NFS) {
4730 /* NFS protocol may only be used if current QEMU supports blockdev */
4731 if (!blockdev) {
4732 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4733 _("'nfs' protocol is not supported with this QEMU binary"));
4734 return -1;
4735 }
4736
4737 /* NFS protocol must have exactly one host */
4738 if (src->nhosts != 1) {
4739 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4740 _("'nfs' protocol requires the usage of exactly one host"));
4741 return -1;
4742 }
4743
4744 /* NFS can only use a TCP protocol */
4745 if (src->hosts[0].transport != VIR_STORAGE_NET_HOST_TRANS_TCP) {
4746 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4747 _("'nfs' host must use TCP protocol"));
4748 return -1;
4749 }
4750
4751 /* NFS host cannot have a port */
4752 if (src->hosts[0].port != 0) {
4753 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4754 _("port cannot be specified in 'nfs' protocol host"));
4755 return -1;
4756 }
4757 }
4758
4759 /* metadata cache size control is currently supported only for qcow2 */
4760 if (src->metadataCacheMaxSize > 0) {
4761 if (src->format != VIR_STORAGE_FILE_QCOW2) {
4762 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4763 _("metadata cache max size control is supported only with qcow2 images"));
4764 return -1;
4765 }
4766
4767 if (!blockdev) {
4768 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4769 _("metadata cache max size control is not supported with this QEMU binary"));
4770 return -1;
4771 }
4772 }
4773
4774 if (src->encryption) {
4775 switch (src->encryption->engine) {
4776 case VIR_STORAGE_ENCRYPTION_ENGINE_QEMU:
4777 switch ((virStorageEncryptionFormatType) src->encryption->format) {
4778 case VIR_STORAGE_ENCRYPTION_FORMAT_LUKS:
4779 case VIR_STORAGE_ENCRYPTION_FORMAT_QCOW:
4780 break;
4781
4782 case VIR_STORAGE_ENCRYPTION_FORMAT_LUKS2:
4783 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4784 _("luks2 is currently not supported by the qemu encryption engine"));
4785 return -1;
4786
4787 case VIR_STORAGE_ENCRYPTION_FORMAT_DEFAULT:
4788 case VIR_STORAGE_ENCRYPTION_FORMAT_LAST:
4789 default:
4790 virReportEnumRangeError(virStorageEncryptionFormatType,
4791 src->encryption->format);
4792 return -1;
4793 }
4794
4795 break;
4796 case VIR_STORAGE_ENCRYPTION_ENGINE_LIBRBD:
4797 if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_RBD_ENCRYPTION)) {
4798 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4799 _("librbd encryption is not supported by this QEMU binary"));
4800 return -1;
4801 }
4802
4803 switch ((virStorageEncryptionFormatType) src->encryption->format) {
4804 case VIR_STORAGE_ENCRYPTION_FORMAT_LUKS:
4805 case VIR_STORAGE_ENCRYPTION_FORMAT_LUKS2:
4806 break;
4807
4808 case VIR_STORAGE_ENCRYPTION_FORMAT_QCOW:
4809 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
4810 _("librbd encryption engine only supports luks/luks2 formats"));
4811 return -1;
4812
4813 case VIR_STORAGE_ENCRYPTION_FORMAT_DEFAULT:
4814 case VIR_STORAGE_ENCRYPTION_FORMAT_LAST:
4815 default:
4816 virReportEnumRangeError(virStorageEncryptionFormatType,
4817 src->encryption->format);
4818 return -1;
4819 }
4820
4821 break;
4822 case VIR_STORAGE_ENCRYPTION_ENGINE_DEFAULT:
4823 case VIR_STORAGE_ENCRYPTION_ENGINE_LAST:
4824 virReportEnumRangeError(virStorageEncryptionEngine,
4825 src->encryption->engine);
4826 return -1;
4827 }
4828 }
4829
4830 return 0;
4831 }
4832
4833
4834 /**
4835 * qemuDomainDefaultNetModel:
4836 * @def: domain definition
4837 * @qemuCaps: qemu capabilities
4838 *
4839 * Returns the default network model for a given domain. Note that if @qemuCaps
4840 * is NULL this function may return NULL if the default model depends on the
4841 * capabilities.
4842 */
4843 static int
qemuDomainDefaultNetModel(const virDomainDef * def,virQEMUCaps * qemuCaps)4844 qemuDomainDefaultNetModel(const virDomainDef *def,
4845 virQEMUCaps *qemuCaps)
4846 {
4847 if (ARCH_IS_S390(def->os.arch))
4848 return VIR_DOMAIN_NET_MODEL_VIRTIO;
4849
4850 if (def->os.arch == VIR_ARCH_ARMV6L ||
4851 def->os.arch == VIR_ARCH_ARMV7L ||
4852 def->os.arch == VIR_ARCH_AARCH64) {
4853 if (STREQ(def->os.machine, "versatilepb"))
4854 return VIR_DOMAIN_NET_MODEL_SMC91C111;
4855
4856 if (qemuDomainIsARMVirt(def))
4857 return VIR_DOMAIN_NET_MODEL_VIRTIO;
4858
4859 /* Incomplete. vexpress (and a few others) use this, but not all
4860 * arm boards */
4861 return VIR_DOMAIN_NET_MODEL_LAN9118;
4862 }
4863
4864 /* virtio is a sensible default for RISC-V virt guests */
4865 if (qemuDomainIsRISCVVirt(def))
4866 return VIR_DOMAIN_NET_MODEL_VIRTIO;
4867
4868 /* In all other cases the model depends on the capabilities. If they were
4869 * not provided don't report any default. */
4870 if (!qemuCaps)
4871 return VIR_DOMAIN_NET_MODEL_UNKNOWN;
4872
4873 /* Try several network devices in turn; each of these devices is
4874 * less likely be supported out-of-the-box by the guest operating
4875 * system than the previous one */
4876 if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_DEVICE_RTL8139))
4877 return VIR_DOMAIN_NET_MODEL_RTL8139;
4878 else if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_DEVICE_E1000))
4879 return VIR_DOMAIN_NET_MODEL_E1000;
4880 else if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_DEVICE_VIRTIO_NET))
4881 return VIR_DOMAIN_NET_MODEL_VIRTIO;
4882
4883 /* We've had no luck detecting support for any network device,
4884 * but we have to return something: might as well be rtl8139 */
4885 return VIR_DOMAIN_NET_MODEL_RTL8139;
4886 }
4887
4888
4889 /*
4890 * Clear auto generated unix socket paths:
4891 *
4892 * libvirt 1.2.18 and older:
4893 * {cfg->channelTargetDir}/{dom-name}.{target-name}
4894 *
4895 * libvirt 1.2.19 - 1.3.2:
4896 * {cfg->channelTargetDir}/domain-{dom-name}/{target-name}
4897 *
4898 * libvirt 1.3.3 and newer:
4899 * {cfg->channelTargetDir}/domain-{dom-id}-{short-dom-name}/{target-name}
4900 *
4901 * The unix socket path was stored in config XML until libvirt 1.3.0.
4902 * If someone specifies the same path as we generate, they shouldn't do it.
4903 *
4904 * This function clears the path for migration as well, so we need to clear
4905 * the path even if we are not storing it in the XML.
4906 */
4907 static void
qemuDomainChrDefDropDefaultPath(virDomainChrDef * chr,virQEMUDriver * driver)4908 qemuDomainChrDefDropDefaultPath(virDomainChrDef *chr,
4909 virQEMUDriver *driver)
4910 {
4911 g_autoptr(virQEMUDriverConfig) cfg = NULL;
4912 g_auto(virBuffer) buf = VIR_BUFFER_INITIALIZER;
4913 g_autofree char *regexp = NULL;
4914
4915 if (chr->deviceType != VIR_DOMAIN_CHR_DEVICE_TYPE_CHANNEL ||
4916 chr->targetType != VIR_DOMAIN_CHR_CHANNEL_TARGET_TYPE_VIRTIO ||
4917 chr->source->type != VIR_DOMAIN_CHR_TYPE_UNIX ||
4918 !chr->source->data.nix.path) {
4919 return;
4920 }
4921
4922 cfg = virQEMUDriverGetConfig(driver);
4923
4924 virBufferEscapeRegex(&buf, "^%s", cfg->channelTargetDir);
4925 virBufferAddLit(&buf, "/([^/]+\\.)|(domain-[^/]+/)");
4926 virBufferEscapeRegex(&buf, "%s$", chr->target.name);
4927
4928 regexp = virBufferContentAndReset(&buf);
4929
4930 if (virStringMatch(chr->source->data.nix.path, regexp))
4931 VIR_FREE(chr->source->data.nix.path);
4932 }
4933
4934
4935 static int
qemuDomainShmemDefPostParse(virDomainShmemDef * shm)4936 qemuDomainShmemDefPostParse(virDomainShmemDef *shm)
4937 {
4938 /* This was the default since the introduction of this device. */
4939 if (shm->model != VIR_DOMAIN_SHMEM_MODEL_IVSHMEM_DOORBELL && !shm->size)
4940 shm->size = 4 << 20;
4941
4942 /* Nothing more to check/change for IVSHMEM */
4943 if (shm->model == VIR_DOMAIN_SHMEM_MODEL_IVSHMEM)
4944 return 0;
4945
4946 if (!shm->server.enabled) {
4947 if (shm->model == VIR_DOMAIN_SHMEM_MODEL_IVSHMEM_DOORBELL) {
4948 virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
4949 _("shmem model '%s' is supported "
4950 "only with server option enabled"),
4951 virDomainShmemModelTypeToString(shm->model));
4952 return -1;
4953 }
4954
4955 if (shm->msi.enabled) {
4956 virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
4957 _("shmem model '%s' doesn't support "
4958 "msi"),
4959 virDomainShmemModelTypeToString(shm->model));
4960 }
4961 } else {
4962 if (shm->model == VIR_DOMAIN_SHMEM_MODEL_IVSHMEM_PLAIN) {
4963 virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
4964 _("shmem model '%s' is supported "
4965 "only with server option disabled"),
4966 virDomainShmemModelTypeToString(shm->model));
4967 return -1;
4968 }
4969
4970 if (shm->size) {
4971 virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
4972 _("shmem model '%s' does not support size setting"),
4973 virDomainShmemModelTypeToString(shm->model));
4974 return -1;
4975 }
4976 shm->msi.enabled = true;
4977 if (!shm->msi.ioeventfd)
4978 shm->msi.ioeventfd = VIR_TRISTATE_SWITCH_ON;
4979 }
4980
4981 return 0;
4982 }
4983
4984
4985 #define QEMU_USB_XHCI_MAXPORTS 15
4986
4987
4988 static int
qemuDomainControllerDefPostParse(virDomainControllerDef * cont,const virDomainDef * def,virQEMUCaps * qemuCaps,unsigned int parseFlags)4989 qemuDomainControllerDefPostParse(virDomainControllerDef *cont,
4990 const virDomainDef *def,
4991 virQEMUCaps *qemuCaps,
4992 unsigned int parseFlags)
4993 {
4994 switch ((virDomainControllerType)cont->type) {
4995 case VIR_DOMAIN_CONTROLLER_TYPE_SCSI:
4996 /* Set the default SCSI controller model if not already set */
4997 if (qemuDomainSetSCSIControllerModel(def, cont, qemuCaps) < 0)
4998 return -1;
4999 break;
5000
5001 case VIR_DOMAIN_CONTROLLER_TYPE_USB:
5002 if (cont->model == VIR_DOMAIN_CONTROLLER_MODEL_USB_DEFAULT && qemuCaps) {
5003 /* Pick a suitable default model for the USB controller if none
5004 * has been selected by the user and we have the qemuCaps for
5005 * figuring out which controllers are supported.
5006 *
5007 * We rely on device availability instead of setting the model
5008 * unconditionally because, for some machine types, there's a
5009 * chance we will get away with using the legacy USB controller
5010 * when the relevant device is not available.
5011 *
5012 * See qemuBuildControllerDevCommandLine() */
5013
5014 /* Default USB controller is piix3-uhci if available. */
5015 if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_PIIX3_USB_UHCI))
5016 cont->model = VIR_DOMAIN_CONTROLLER_MODEL_USB_PIIX3_UHCI;
5017
5018 if (ARCH_IS_S390(def->os.arch)) {
5019 if (cont->info.type == VIR_DOMAIN_DEVICE_ADDRESS_TYPE_NONE) {
5020 /* set the default USB model to none for s390 unless an
5021 * address is found */
5022 cont->model = VIR_DOMAIN_CONTROLLER_MODEL_USB_NONE;
5023 }
5024 } else if (ARCH_IS_PPC64(def->os.arch)) {
5025 /* To not break migration we need to set default USB controller
5026 * for ppc64 to pci-ohci if we cannot change ABI of the VM.
5027 * The nec-usb-xhci or qemu-xhci controller is used as default
5028 * only for newly defined domains or devices. */
5029 if ((parseFlags & VIR_DOMAIN_DEF_PARSE_ABI_UPDATE) &&
5030 virQEMUCapsGet(qemuCaps, QEMU_CAPS_DEVICE_QEMU_XHCI)) {
5031 cont->model = VIR_DOMAIN_CONTROLLER_MODEL_USB_QEMU_XHCI;
5032 } else if ((parseFlags & VIR_DOMAIN_DEF_PARSE_ABI_UPDATE) &&
5033 virQEMUCapsGet(qemuCaps, QEMU_CAPS_NEC_USB_XHCI)) {
5034 cont->model = VIR_DOMAIN_CONTROLLER_MODEL_USB_NEC_XHCI;
5035 } else if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_PCI_OHCI)) {
5036 cont->model = VIR_DOMAIN_CONTROLLER_MODEL_USB_PCI_OHCI;
5037 } else {
5038 /* Explicitly fallback to legacy USB controller for PPC64. */
5039 cont->model = -1;
5040 }
5041 } else if (def->os.arch == VIR_ARCH_AARCH64) {
5042 if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_DEVICE_QEMU_XHCI))
5043 cont->model = VIR_DOMAIN_CONTROLLER_MODEL_USB_QEMU_XHCI;
5044 else if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_NEC_USB_XHCI))
5045 cont->model = VIR_DOMAIN_CONTROLLER_MODEL_USB_NEC_XHCI;
5046 }
5047 }
5048 /* forbid usb model 'qusb1' and 'qusb2' in this kind of hyperviosr */
5049 if (cont->model == VIR_DOMAIN_CONTROLLER_MODEL_USB_QUSB1 ||
5050 cont->model == VIR_DOMAIN_CONTROLLER_MODEL_USB_QUSB2) {
5051 virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
5052 _("USB controller model type 'qusb1' or 'qusb2' "
5053 "is not supported in %s"),
5054 virDomainVirtTypeToString(def->virtType));
5055 return -1;
5056 }
5057 if ((cont->model == VIR_DOMAIN_CONTROLLER_MODEL_USB_NEC_XHCI ||
5058 cont->model == VIR_DOMAIN_CONTROLLER_MODEL_USB_QEMU_XHCI) &&
5059 cont->opts.usbopts.ports > QEMU_USB_XHCI_MAXPORTS) {
5060 virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
5061 _("'%s' controller only supports up to '%u' ports"),
5062 virDomainControllerModelUSBTypeToString(cont->model),
5063 QEMU_USB_XHCI_MAXPORTS);
5064 return -1;
5065 }
5066 break;
5067
5068 case VIR_DOMAIN_CONTROLLER_TYPE_PCI:
5069
5070 /* pSeries guests can have multiple pci-root controllers,
5071 * but other machine types only support a single one */
5072 if (!qemuDomainIsPSeries(def) &&
5073 (cont->model == VIR_DOMAIN_CONTROLLER_MODEL_PCI_ROOT ||
5074 cont->model == VIR_DOMAIN_CONTROLLER_MODEL_PCIE_ROOT) &&
5075 cont->idx != 0) {
5076 virReportError(VIR_ERR_XML_ERROR, "%s",
5077 _("pci-root and pcie-root controllers "
5078 "should have index 0"));
5079 return -1;
5080 }
5081
5082 if (cont->model == VIR_DOMAIN_CONTROLLER_MODEL_PCI_EXPANDER_BUS &&
5083 !qemuDomainIsI440FX(def)) {
5084 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
5085 _("pci-expander-bus controllers are only supported "
5086 "on 440fx-based machinetypes"));
5087 return -1;
5088 }
5089 if (cont->model == VIR_DOMAIN_CONTROLLER_MODEL_PCIE_EXPANDER_BUS &&
5090 !(qemuDomainIsQ35(def) || qemuDomainIsARMVirt(def))) {
5091 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
5092 _("pcie-expander-bus controllers are not supported "
5093 "with this machine type"));
5094 return -1;
5095 }
5096
5097 /* if a PCI expander bus or pci-root on Pseries has a NUMA node
5098 * set, make sure that NUMA node is configured in the guest
5099 * <cpu><numa> array. NUMA cell id's in this array are numbered
5100 * from 0 .. size-1.
5101 */
5102 if (cont->opts.pciopts.numaNode >= 0 &&
5103 cont->opts.pciopts.numaNode >=
5104 (int)virDomainNumaGetNodeCount(def->numa)) {
5105 virReportError(VIR_ERR_XML_ERROR,
5106 _("%s with index %d is "
5107 "configured for a NUMA node (%d) "
5108 "not present in the domain's "
5109 "<cpu><numa> array (%zu)"),
5110 virDomainControllerModelPCITypeToString(cont->model),
5111 cont->idx, cont->opts.pciopts.numaNode,
5112 virDomainNumaGetNodeCount(def->numa));
5113 return -1;
5114 }
5115 break;
5116
5117 case VIR_DOMAIN_CONTROLLER_TYPE_SATA:
5118 case VIR_DOMAIN_CONTROLLER_TYPE_VIRTIO_SERIAL:
5119 case VIR_DOMAIN_CONTROLLER_TYPE_CCID:
5120 case VIR_DOMAIN_CONTROLLER_TYPE_IDE:
5121 case VIR_DOMAIN_CONTROLLER_TYPE_FDC:
5122 case VIR_DOMAIN_CONTROLLER_TYPE_XENBUS:
5123 case VIR_DOMAIN_CONTROLLER_TYPE_ISA:
5124 case VIR_DOMAIN_CONTROLLER_TYPE_LAST:
5125 break;
5126 }
5127
5128 return 0;
5129 }
5130
5131 static int
qemuDomainChrDefPostParse(virDomainChrDef * chr,const virDomainDef * def,virQEMUDriver * driver,unsigned int parseFlags)5132 qemuDomainChrDefPostParse(virDomainChrDef *chr,
5133 const virDomainDef *def,
5134 virQEMUDriver *driver,
5135 unsigned int parseFlags)
5136 {
5137 /* Historically, isa-serial and the default matched, so in order to
5138 * maintain backwards compatibility we map them here. The actual default
5139 * will be picked below based on the architecture and machine type. */
5140 if (chr->deviceType == VIR_DOMAIN_CHR_DEVICE_TYPE_SERIAL &&
5141 chr->targetType == VIR_DOMAIN_CHR_SERIAL_TARGET_TYPE_ISA) {
5142 chr->targetType = VIR_DOMAIN_CHR_SERIAL_TARGET_TYPE_NONE;
5143 }
5144
5145 /* Set the default serial type */
5146 if (chr->deviceType == VIR_DOMAIN_CHR_DEVICE_TYPE_SERIAL &&
5147 chr->targetType == VIR_DOMAIN_CHR_SERIAL_TARGET_TYPE_NONE) {
5148 if (ARCH_IS_X86(def->os.arch)) {
5149 chr->targetType = VIR_DOMAIN_CHR_SERIAL_TARGET_TYPE_ISA;
5150 } else if (qemuDomainIsPSeries(def)) {
5151 chr->targetType = VIR_DOMAIN_CHR_SERIAL_TARGET_TYPE_SPAPR_VIO;
5152 } else if (qemuDomainIsARMVirt(def) || qemuDomainIsRISCVVirt(def)) {
5153 chr->targetType = VIR_DOMAIN_CHR_SERIAL_TARGET_TYPE_SYSTEM;
5154 } else if (ARCH_IS_S390(def->os.arch)) {
5155 chr->targetType = VIR_DOMAIN_CHR_SERIAL_TARGET_TYPE_SCLP;
5156 }
5157 }
5158
5159 /* Set the default target model */
5160 if (chr->deviceType == VIR_DOMAIN_CHR_DEVICE_TYPE_SERIAL &&
5161 chr->targetModel == VIR_DOMAIN_CHR_SERIAL_TARGET_MODEL_NONE) {
5162 switch ((virDomainChrSerialTargetType)chr->targetType) {
5163 case VIR_DOMAIN_CHR_SERIAL_TARGET_TYPE_ISA:
5164 chr->targetModel = VIR_DOMAIN_CHR_SERIAL_TARGET_MODEL_ISA_SERIAL;
5165 break;
5166 case VIR_DOMAIN_CHR_SERIAL_TARGET_TYPE_USB:
5167 chr->targetModel = VIR_DOMAIN_CHR_SERIAL_TARGET_MODEL_USB_SERIAL;
5168 break;
5169 case VIR_DOMAIN_CHR_SERIAL_TARGET_TYPE_PCI:
5170 chr->targetModel = VIR_DOMAIN_CHR_SERIAL_TARGET_MODEL_PCI_SERIAL;
5171 break;
5172 case VIR_DOMAIN_CHR_SERIAL_TARGET_TYPE_SPAPR_VIO:
5173 chr->targetModel = VIR_DOMAIN_CHR_SERIAL_TARGET_MODEL_SPAPR_VTY;
5174 break;
5175 case VIR_DOMAIN_CHR_SERIAL_TARGET_TYPE_SYSTEM:
5176 if (qemuDomainIsARMVirt(def)) {
5177 chr->targetModel = VIR_DOMAIN_CHR_SERIAL_TARGET_MODEL_PL011;
5178 } else if (qemuDomainIsRISCVVirt(def)) {
5179 chr->targetModel = VIR_DOMAIN_CHR_SERIAL_TARGET_MODEL_16550A;
5180 }
5181 break;
5182 case VIR_DOMAIN_CHR_SERIAL_TARGET_TYPE_SCLP:
5183 chr->targetModel = VIR_DOMAIN_CHR_SERIAL_TARGET_MODEL_SCLPCONSOLE;
5184 break;
5185 case VIR_DOMAIN_CHR_SERIAL_TARGET_TYPE_NONE:
5186 case VIR_DOMAIN_CHR_SERIAL_TARGET_TYPE_LAST:
5187 /* Nothing to do */
5188 break;
5189 }
5190 }
5191
5192 /* clear auto generated unix socket path for inactive definitions */
5193 if (parseFlags & VIR_DOMAIN_DEF_PARSE_INACTIVE) {
5194 qemuDomainChrDefDropDefaultPath(chr, driver);
5195
5196 /* For UNIX chardev if no path is provided we generate one.
5197 * This also implies that the mode is 'bind'. */
5198 if (chr->source &&
5199 chr->source->type == VIR_DOMAIN_CHR_TYPE_UNIX &&
5200 !chr->source->data.nix.path) {
5201 chr->source->data.nix.listen = true;
5202 }
5203 }
5204
5205 return 0;
5206 }
5207
5208
5209 /**
5210 * qemuDomainDeviceDiskDefPostParseRestoreSecAlias:
5211 *
5212 * Re-generate aliases for objects related to the storage source if they
5213 * were not stored in the status XML by an older libvirt.
5214 *
5215 * Note that qemuCaps should be always present for a status XML.
5216 */
5217 static int
qemuDomainDeviceDiskDefPostParseRestoreSecAlias(virDomainDiskDef * disk,unsigned int parseFlags)5218 qemuDomainDeviceDiskDefPostParseRestoreSecAlias(virDomainDiskDef *disk,
5219 unsigned int parseFlags)
5220 {
5221 qemuDomainStorageSourcePrivate *priv = QEMU_DOMAIN_STORAGE_SOURCE_PRIVATE(disk->src);
5222 bool restoreAuthSecret = false;
5223 bool restoreEncSecret = false;
5224 g_autofree char *authalias = NULL;
5225 g_autofree char *encalias = NULL;
5226
5227 if (!(parseFlags & VIR_DOMAIN_DEF_PARSE_STATUS) ||
5228 virStorageSourceIsEmpty(disk->src))
5229 return 0;
5230
5231 /* network storage authentication secret */
5232 if (disk->src->auth &&
5233 (!priv || !priv->secinfo)) {
5234
5235 /* only RBD and iSCSI (with capability) were supporting authentication
5236 * using secret object at the time we did not format the alias into the
5237 * status XML */
5238 if (virStorageSourceGetActualType(disk->src) == VIR_STORAGE_TYPE_NETWORK &&
5239 (disk->src->protocol == VIR_STORAGE_NET_PROTOCOL_RBD ||
5240 disk->src->protocol == VIR_STORAGE_NET_PROTOCOL_ISCSI))
5241 restoreAuthSecret = true;
5242 }
5243
5244 /* disk encryption secret */
5245 if (disk->src->encryption &&
5246 disk->src->encryption->format == VIR_STORAGE_ENCRYPTION_FORMAT_LUKS &&
5247 (!priv || !priv->encinfo))
5248 restoreEncSecret = true;
5249
5250 if (!restoreAuthSecret && !restoreEncSecret)
5251 return 0;
5252
5253 if (!priv) {
5254 if (!(disk->src->privateData = qemuDomainStorageSourcePrivateNew()))
5255 return -1;
5256
5257 priv = QEMU_DOMAIN_STORAGE_SOURCE_PRIVATE(disk->src);
5258 }
5259
5260 if (restoreAuthSecret) {
5261 authalias = g_strdup_printf("%s-secret0", disk->info.alias);
5262
5263 if (qemuStorageSourcePrivateDataAssignSecinfo(&priv->secinfo, &authalias) < 0)
5264 return -1;
5265 }
5266
5267 if (restoreEncSecret) {
5268 encalias = g_strdup_printf("%s-luks-secret0", disk->info.alias);
5269
5270 if (qemuStorageSourcePrivateDataAssignSecinfo(&priv->encinfo, &encalias) < 0)
5271 return -1;
5272 }
5273
5274 return 0;
5275 }
5276
5277
5278 int
qemuDomainDeviceDiskDefPostParse(virDomainDiskDef * disk,unsigned int parseFlags)5279 qemuDomainDeviceDiskDefPostParse(virDomainDiskDef *disk,
5280 unsigned int parseFlags)
5281 {
5282 virStorageSource *n;
5283
5284 /* set default disk types and drivers */
5285 if (!virDomainDiskGetDriver(disk))
5286 virDomainDiskSetDriver(disk, "qemu");
5287
5288 /* default disk format for drives */
5289 if (virDomainDiskGetFormat(disk) == VIR_STORAGE_FILE_NONE &&
5290 virDomainDiskGetType(disk) != VIR_STORAGE_TYPE_VOLUME)
5291 virDomainDiskSetFormat(disk, VIR_STORAGE_FILE_RAW);
5292
5293 /* default disk format for mirrored drive */
5294 if (disk->mirror &&
5295 disk->mirror->format == VIR_STORAGE_FILE_NONE)
5296 disk->mirror->format = VIR_STORAGE_FILE_RAW;
5297
5298 /* default disk encryption engine */
5299 for (n = disk->src; virStorageSourceIsBacking(n); n = n->backingStore) {
5300 if (n->encryption && n->encryption->engine == VIR_STORAGE_ENCRYPTION_ENGINE_DEFAULT)
5301 n->encryption->engine = VIR_STORAGE_ENCRYPTION_ENGINE_QEMU;
5302 }
5303
5304 if (qemuDomainDeviceDiskDefPostParseRestoreSecAlias(disk, parseFlags) < 0)
5305 return -1;
5306
5307 /* regenerate TLS alias for old status XMLs */
5308 if (parseFlags & VIR_DOMAIN_DEF_PARSE_STATUS &&
5309 disk->src->haveTLS == VIR_TRISTATE_BOOL_YES &&
5310 !disk->src->tlsAlias &&
5311 !(disk->src->tlsAlias = qemuAliasTLSObjFromSrcAlias(disk->info.alias)))
5312 return -1;
5313
5314 return 0;
5315 }
5316
5317
5318 static int
qemuDomainDeviceNetDefPostParse(virDomainNetDef * net,const virDomainDef * def,virQEMUCaps * qemuCaps)5319 qemuDomainDeviceNetDefPostParse(virDomainNetDef *net,
5320 const virDomainDef *def,
5321 virQEMUCaps *qemuCaps)
5322 {
5323 if (net->type == VIR_DOMAIN_NET_TYPE_VDPA &&
5324 !virDomainNetGetModelString(net))
5325 net->model = VIR_DOMAIN_NET_MODEL_VIRTIO;
5326 else if (net->type != VIR_DOMAIN_NET_TYPE_HOSTDEV &&
5327 !virDomainNetGetModelString(net) &&
5328 virDomainNetResolveActualType(net) != VIR_DOMAIN_NET_TYPE_HOSTDEV)
5329 net->model = qemuDomainDefaultNetModel(def, qemuCaps);
5330
5331 return 0;
5332 }
5333
5334
5335 static int
qemuDomainDefaultVideoDevice(const virDomainDef * def,virQEMUCaps * qemuCaps)5336 qemuDomainDefaultVideoDevice(const virDomainDef *def,
5337 virQEMUCaps *qemuCaps)
5338 {
5339 if (ARCH_IS_PPC64(def->os.arch))
5340 return VIR_DOMAIN_VIDEO_TYPE_VGA;
5341 if (qemuDomainIsARMVirt(def) ||
5342 qemuDomainIsRISCVVirt(def) ||
5343 ARCH_IS_S390(def->os.arch)) {
5344 return VIR_DOMAIN_VIDEO_TYPE_VIRTIO;
5345 }
5346 if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_DEVICE_CIRRUS_VGA))
5347 return VIR_DOMAIN_VIDEO_TYPE_CIRRUS;
5348 if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_DEVICE_VGA))
5349 return VIR_DOMAIN_VIDEO_TYPE_VGA;
5350 return VIR_DOMAIN_VIDEO_TYPE_DEFAULT;
5351 }
5352
5353
5354 static int
qemuDomainDeviceVideoDefPostParse(virDomainVideoDef * video,const virDomainDef * def,virQEMUCaps * qemuCaps)5355 qemuDomainDeviceVideoDefPostParse(virDomainVideoDef *video,
5356 const virDomainDef *def,
5357 virQEMUCaps *qemuCaps)
5358 {
5359 if (video->type == VIR_DOMAIN_VIDEO_TYPE_DEFAULT)
5360 video->type = qemuDomainDefaultVideoDevice(def, qemuCaps);
5361
5362 if (video->type == VIR_DOMAIN_VIDEO_TYPE_QXL &&
5363 !video->vgamem) {
5364 video->vgamem = QEMU_QXL_VGAMEM_DEFAULT;
5365 }
5366
5367 return 0;
5368 }
5369
5370
5371 static int
qemuDomainDevicePanicDefPostParse(virDomainPanicDef * panic,const virDomainDef * def)5372 qemuDomainDevicePanicDefPostParse(virDomainPanicDef *panic,
5373 const virDomainDef *def)
5374 {
5375 if (panic->model == VIR_DOMAIN_PANIC_MODEL_DEFAULT) {
5376 if (qemuDomainIsPSeries(def))
5377 panic->model = VIR_DOMAIN_PANIC_MODEL_PSERIES;
5378 else if (ARCH_IS_S390(def->os.arch))
5379 panic->model = VIR_DOMAIN_PANIC_MODEL_S390;
5380 else
5381 panic->model = VIR_DOMAIN_PANIC_MODEL_ISA;
5382 }
5383
5384 return 0;
5385 }
5386
5387
5388 static int
qemuDomainVsockDefPostParse(virDomainVsockDef * vsock)5389 qemuDomainVsockDefPostParse(virDomainVsockDef *vsock)
5390 {
5391 if (vsock->model == VIR_DOMAIN_VSOCK_MODEL_DEFAULT)
5392 vsock->model = VIR_DOMAIN_VSOCK_MODEL_VIRTIO;
5393
5394 return 0;
5395 }
5396
5397
5398 /**
5399 * qemuDomainDeviceHostdevDefPostParseRestoreSecAlias:
5400 *
5401 * Re-generate aliases for objects related to the storage source if they
5402 * were not stored in the status XML by an older libvirt.
5403 *
5404 * Note that qemuCaps should be always present for a status XML.
5405 */
5406 static int
qemuDomainDeviceHostdevDefPostParseRestoreSecAlias(virDomainHostdevDef * hostdev,unsigned int parseFlags)5407 qemuDomainDeviceHostdevDefPostParseRestoreSecAlias(virDomainHostdevDef *hostdev,
5408 unsigned int parseFlags)
5409 {
5410 qemuDomainStorageSourcePrivate *priv;
5411 virDomainHostdevSubsysSCSI *scsisrc = &hostdev->source.subsys.u.scsi;
5412 virDomainHostdevSubsysSCSIiSCSI *iscsisrc = &scsisrc->u.iscsi;
5413 g_autofree char *authalias = NULL;
5414
5415 if (!(parseFlags & VIR_DOMAIN_DEF_PARSE_STATUS))
5416 return 0;
5417
5418 if (hostdev->mode != VIR_DOMAIN_HOSTDEV_MODE_SUBSYS ||
5419 hostdev->source.subsys.type != VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_SCSI ||
5420 scsisrc->protocol != VIR_DOMAIN_HOSTDEV_SCSI_PROTOCOL_TYPE_ISCSI ||
5421 !qemuDomainStorageSourceHasAuth(iscsisrc->src))
5422 return 0;
5423
5424 if (!(priv = qemuDomainStorageSourcePrivateFetch(iscsisrc->src)))
5425 return -1;
5426
5427 if (priv->secinfo)
5428 return 0;
5429
5430 authalias = g_strdup_printf("%s-secret0", hostdev->info->alias);
5431
5432 if (qemuStorageSourcePrivateDataAssignSecinfo(&priv->secinfo, &authalias) < 0)
5433 return -1;
5434
5435 return 0;
5436 }
5437
5438
5439 /**
5440 * qemuDomainDeviceHostdevDefPostParseRestoreBackendAlias:
5441 *
5442 * Re-generate backend alias if it wasn't stored in the status XML by an older
5443 * libvirtd.
5444 *
5445 * Note that qemuCaps should be always present for a status XML.
5446 */
5447 static int
qemuDomainDeviceHostdevDefPostParseRestoreBackendAlias(virDomainHostdevDef * hostdev,virQEMUCaps * qemuCaps,unsigned int parseFlags)5448 qemuDomainDeviceHostdevDefPostParseRestoreBackendAlias(virDomainHostdevDef *hostdev,
5449 virQEMUCaps *qemuCaps,
5450 unsigned int parseFlags)
5451 {
5452 virDomainHostdevSubsysSCSI *scsisrc = &hostdev->source.subsys.u.scsi;
5453 virStorageSource *src;
5454
5455 if (!(parseFlags & VIR_DOMAIN_DEF_PARSE_STATUS))
5456 return 0;
5457
5458 if (hostdev->mode != VIR_DOMAIN_HOSTDEV_MODE_SUBSYS ||
5459 hostdev->source.subsys.type != VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_SCSI ||
5460 !virQEMUCapsGet(qemuCaps, QEMU_CAPS_BLOCKDEV_HOSTDEV_SCSI))
5461 return 0;
5462
5463 switch ((virDomainHostdevSCSIProtocolType) scsisrc->protocol) {
5464 case VIR_DOMAIN_HOSTDEV_SCSI_PROTOCOL_TYPE_NONE:
5465 if (!scsisrc->u.host.src)
5466 scsisrc->u.host.src = virStorageSourceNew();
5467
5468 src = scsisrc->u.host.src;
5469 break;
5470
5471 case VIR_DOMAIN_HOSTDEV_SCSI_PROTOCOL_TYPE_ISCSI:
5472 src = scsisrc->u.iscsi.src;
5473 break;
5474
5475 case VIR_DOMAIN_HOSTDEV_SCSI_PROTOCOL_TYPE_LAST:
5476 default:
5477 virReportEnumRangeError(virDomainHostdevSCSIProtocolType, scsisrc->protocol);
5478 return -1;
5479 }
5480
5481 if (!src->nodestorage)
5482 src->nodestorage = g_strdup_printf("libvirt-%s-backend", hostdev->info->alias);
5483
5484 return 0;
5485 }
5486
5487
5488 static int
qemuDomainHostdevDefMdevPostParse(virDomainHostdevSubsysMediatedDev * mdevsrc,virQEMUCaps * qemuCaps)5489 qemuDomainHostdevDefMdevPostParse(virDomainHostdevSubsysMediatedDev *mdevsrc,
5490 virQEMUCaps *qemuCaps)
5491 {
5492 /* QEMU 2.12 added support for vfio-pci display type, we default to
5493 * 'display=off' to stay safe from future changes */
5494 if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_VFIO_PCI_DISPLAY) &&
5495 mdevsrc->model == VIR_MDEV_MODEL_TYPE_VFIO_PCI &&
5496 mdevsrc->display == VIR_TRISTATE_SWITCH_ABSENT)
5497 mdevsrc->display = VIR_TRISTATE_SWITCH_OFF;
5498
5499 return 0;
5500 }
5501
5502
5503 static int
qemuDomainHostdevDefPostParse(virDomainHostdevDef * hostdev,virQEMUCaps * qemuCaps,unsigned int parseFlags)5504 qemuDomainHostdevDefPostParse(virDomainHostdevDef *hostdev,
5505 virQEMUCaps *qemuCaps,
5506 unsigned int parseFlags)
5507 {
5508 virDomainHostdevSubsys *subsys = &hostdev->source.subsys;
5509
5510 if (qemuDomainDeviceHostdevDefPostParseRestoreSecAlias(hostdev, parseFlags) < 0)
5511 return -1;
5512
5513 if (qemuDomainDeviceHostdevDefPostParseRestoreBackendAlias(hostdev, qemuCaps,
5514 parseFlags) < 0)
5515 return -1;
5516
5517 if (hostdev->mode == VIR_DOMAIN_HOSTDEV_MODE_SUBSYS &&
5518 hostdev->source.subsys.type == VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_MDEV &&
5519 qemuDomainHostdevDefMdevPostParse(&subsys->u.mdev, qemuCaps) < 0)
5520 return -1;
5521
5522 return 0;
5523 }
5524
5525
5526 static int
qemuDomainTPMDefPostParse(virDomainTPMDef * tpm,virArch arch)5527 qemuDomainTPMDefPostParse(virDomainTPMDef *tpm,
5528 virArch arch)
5529 {
5530 if (tpm->model == VIR_DOMAIN_TPM_MODEL_DEFAULT) {
5531 if (ARCH_IS_PPC64(arch))
5532 tpm->model = VIR_DOMAIN_TPM_MODEL_SPAPR;
5533 else
5534 tpm->model = VIR_DOMAIN_TPM_MODEL_TIS;
5535 }
5536
5537 return 0;
5538 }
5539
5540
5541 static int
qemuDomainNVDimmAlignSizePseries(virDomainMemoryDef * mem)5542 qemuDomainNVDimmAlignSizePseries(virDomainMemoryDef *mem)
5543 {
5544 /* For NVDIMMs in ppc64 in we want to align down the guest
5545 * visible space, instead of align up, to avoid writing
5546 * beyond the end of file by adding a potential 256MiB
5547 * to the user specified size.
5548 *
5549 * The label-size is mandatory for ppc64 as well, meaning that
5550 * the guest visible space will be target_size-label_size.
5551 *
5552 * Finally, target_size must include label_size.
5553 *
5554 * The above can be summed up as follows:
5555 *
5556 * target_size = AlignDown(target_size - label_size) + label_size
5557 */
5558 unsigned long long ppc64AlignSize = 256 * 1024;
5559 unsigned long long guestArea = mem->size - mem->labelsize;
5560
5561 /* Align down guestArea. We can't align down if guestArea is
5562 * smaller than the 256MiB alignment. */
5563 if (guestArea < ppc64AlignSize) {
5564 virReportError(VIR_ERR_XML_ERROR, "%s",
5565 _("minimum target size for the NVDIMM "
5566 "must be 256MB plus the label size"));
5567 return -1;
5568 }
5569
5570 guestArea = (guestArea/ppc64AlignSize) * ppc64AlignSize;
5571 mem->size = guestArea + mem->labelsize;
5572
5573 return 0;
5574 }
5575
5576
5577 static int
qemuDomainMemoryDefPostParse(virDomainMemoryDef * mem,virArch arch,unsigned int parseFlags)5578 qemuDomainMemoryDefPostParse(virDomainMemoryDef *mem, virArch arch,
5579 unsigned int parseFlags)
5580 {
5581 /* Memory alignment can't be done for migration or snapshot
5582 * scenarios. This logic was defined by commit c7d7ba85a624.
5583 *
5584 * There is no easy way to replicate at this point the same conditions
5585 * used to call qemuDomainAlignMemorySizes(), which means checking if
5586 * we're not migrating and not in a snapshot.
5587 *
5588 * We can use the PARSE_ABI_UPDATE flag, which is more strict -
5589 * existing guests will not activate the flag to avoid breaking
5590 * boot ABI. This means that any alignment done here will be replicated
5591 * later on by qemuDomainAlignMemorySizes() to contemplate existing
5592 * guests as well. */
5593 if (parseFlags & VIR_DOMAIN_DEF_PARSE_ABI_UPDATE) {
5594 if (ARCH_IS_PPC64(arch)) {
5595 unsigned long long ppc64MemModuleAlign = 256 * 1024;
5596
5597 if (mem->model == VIR_DOMAIN_MEMORY_MODEL_NVDIMM) {
5598 if (qemuDomainNVDimmAlignSizePseries(mem) < 0)
5599 return -1;
5600 } else {
5601 mem->size = VIR_ROUND_UP(mem->size, ppc64MemModuleAlign);
5602 }
5603 }
5604 }
5605
5606 return 0;
5607 }
5608
5609
5610 static int
qemuDomainDeviceDefPostParse(virDomainDeviceDef * dev,const virDomainDef * def,unsigned int parseFlags,void * opaque,void * parseOpaque)5611 qemuDomainDeviceDefPostParse(virDomainDeviceDef *dev,
5612 const virDomainDef *def,
5613 unsigned int parseFlags,
5614 void *opaque,
5615 void *parseOpaque)
5616 {
5617 virQEMUDriver *driver = opaque;
5618 /* Note that qemuCaps may be NULL when this function is called. This
5619 * function shall not fail in that case. It will be re-run on VM startup
5620 * with the capabilities populated. */
5621 virQEMUCaps *qemuCaps = parseOpaque;
5622 int ret = -1;
5623
5624 switch ((virDomainDeviceType) dev->type) {
5625 case VIR_DOMAIN_DEVICE_NET:
5626 ret = qemuDomainDeviceNetDefPostParse(dev->data.net, def, qemuCaps);
5627 break;
5628
5629 case VIR_DOMAIN_DEVICE_DISK:
5630 ret = qemuDomainDeviceDiskDefPostParse(dev->data.disk, parseFlags);
5631 break;
5632
5633 case VIR_DOMAIN_DEVICE_VIDEO:
5634 ret = qemuDomainDeviceVideoDefPostParse(dev->data.video, def, qemuCaps);
5635 break;
5636
5637 case VIR_DOMAIN_DEVICE_PANIC:
5638 ret = qemuDomainDevicePanicDefPostParse(dev->data.panic, def);
5639 break;
5640
5641 case VIR_DOMAIN_DEVICE_CONTROLLER:
5642 ret = qemuDomainControllerDefPostParse(dev->data.controller, def,
5643 qemuCaps, parseFlags);
5644 break;
5645
5646 case VIR_DOMAIN_DEVICE_SHMEM:
5647 ret = qemuDomainShmemDefPostParse(dev->data.shmem);
5648 break;
5649
5650 case VIR_DOMAIN_DEVICE_CHR:
5651 ret = qemuDomainChrDefPostParse(dev->data.chr, def, driver, parseFlags);
5652 break;
5653
5654 case VIR_DOMAIN_DEVICE_VSOCK:
5655 ret = qemuDomainVsockDefPostParse(dev->data.vsock);
5656 break;
5657
5658 case VIR_DOMAIN_DEVICE_HOSTDEV:
5659 ret = qemuDomainHostdevDefPostParse(dev->data.hostdev, qemuCaps, parseFlags);
5660 break;
5661
5662 case VIR_DOMAIN_DEVICE_TPM:
5663 ret = qemuDomainTPMDefPostParse(dev->data.tpm, def->os.arch);
5664 break;
5665
5666 case VIR_DOMAIN_DEVICE_MEMORY:
5667 ret = qemuDomainMemoryDefPostParse(dev->data.memory, def->os.arch,
5668 parseFlags);
5669 break;
5670
5671 case VIR_DOMAIN_DEVICE_LEASE:
5672 case VIR_DOMAIN_DEVICE_FS:
5673 case VIR_DOMAIN_DEVICE_INPUT:
5674 case VIR_DOMAIN_DEVICE_SOUND:
5675 case VIR_DOMAIN_DEVICE_WATCHDOG:
5676 case VIR_DOMAIN_DEVICE_GRAPHICS:
5677 case VIR_DOMAIN_DEVICE_HUB:
5678 case VIR_DOMAIN_DEVICE_REDIRDEV:
5679 case VIR_DOMAIN_DEVICE_SMARTCARD:
5680 case VIR_DOMAIN_DEVICE_MEMBALLOON:
5681 case VIR_DOMAIN_DEVICE_NVRAM:
5682 case VIR_DOMAIN_DEVICE_RNG:
5683 case VIR_DOMAIN_DEVICE_IOMMU:
5684 case VIR_DOMAIN_DEVICE_AUDIO:
5685 ret = 0;
5686 break;
5687
5688 case VIR_DOMAIN_DEVICE_NONE:
5689 virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
5690 _("unexpected VIR_DOMAIN_DEVICE_NONE"));
5691 break;
5692
5693 case VIR_DOMAIN_DEVICE_LAST:
5694 default:
5695 virReportEnumRangeError(virDomainDeviceType, dev->type);
5696 break;
5697 }
5698
5699 return ret;
5700 }
5701
5702
5703 static int
qemuDomainDefAssignAddresses(virDomainDef * def,unsigned int parseFlags G_GNUC_UNUSED,void * opaque,void * parseOpaque)5704 qemuDomainDefAssignAddresses(virDomainDef *def,
5705 unsigned int parseFlags G_GNUC_UNUSED,
5706 void *opaque,
5707 void *parseOpaque)
5708 {
5709 virQEMUDriver *driver = opaque;
5710 /* Note that qemuCaps may be NULL when this function is called. This
5711 * function shall not fail in that case. It will be re-run on VM startup
5712 * with the capabilities populated. */
5713 virQEMUCaps *qemuCaps = parseOpaque;
5714 bool newDomain = parseFlags & VIR_DOMAIN_DEF_PARSE_ABI_UPDATE;
5715
5716 /* Skip address assignment if @qemuCaps is not present. In such case devices
5717 * which are automatically added may be missing. Additionally @qemuCaps should
5718 * only be missing when reloading configs, thus addresses were already
5719 * assigned. */
5720 if (!qemuCaps)
5721 return 1;
5722
5723 return qemuDomainAssignAddresses(def, qemuCaps, driver, NULL, newDomain);
5724 }
5725
5726
5727 static int
qemuDomainPostParseDataAlloc(const virDomainDef * def,unsigned int parseFlags G_GNUC_UNUSED,void * opaque,void ** parseOpaque)5728 qemuDomainPostParseDataAlloc(const virDomainDef *def,
5729 unsigned int parseFlags G_GNUC_UNUSED,
5730 void *opaque,
5731 void **parseOpaque)
5732 {
5733 virQEMUDriver *driver = opaque;
5734
5735 if (!(*parseOpaque = virQEMUCapsCacheLookup(driver->qemuCapsCache,
5736 def->emulator)))
5737 return 1;
5738
5739 return 0;
5740 }
5741
5742
5743 static void
qemuDomainPostParseDataFree(void * parseOpaque)5744 qemuDomainPostParseDataFree(void *parseOpaque)
5745 {
5746 virQEMUCaps *qemuCaps = parseOpaque;
5747
5748 virObjectUnref(qemuCaps);
5749 }
5750
5751
5752 virDomainDefParserConfig virQEMUDriverDomainDefParserConfig = {
5753 .domainPostParseBasicCallback = qemuDomainDefPostParseBasic,
5754 .domainPostParseDataAlloc = qemuDomainPostParseDataAlloc,
5755 .domainPostParseDataFree = qemuDomainPostParseDataFree,
5756 .devicesPostParseCallback = qemuDomainDeviceDefPostParse,
5757 .domainPostParseCallback = qemuDomainDefPostParse,
5758 .assignAddressesCallback = qemuDomainDefAssignAddresses,
5759 .domainValidateCallback = qemuValidateDomainDef,
5760 .deviceValidateCallback = qemuValidateDomainDeviceDef,
5761
5762 .features = VIR_DOMAIN_DEF_FEATURE_MEMORY_HOTPLUG |
5763 VIR_DOMAIN_DEF_FEATURE_OFFLINE_VCPUPIN |
5764 VIR_DOMAIN_DEF_FEATURE_INDIVIDUAL_VCPUS |
5765 VIR_DOMAIN_DEF_FEATURE_USER_ALIAS |
5766 VIR_DOMAIN_DEF_FEATURE_FW_AUTOSELECT |
5767 VIR_DOMAIN_DEF_FEATURE_NET_MODEL_STRING,
5768 };
5769
5770
5771 void
qemuDomainObjSaveStatus(virQEMUDriver * driver,virDomainObj * obj)5772 qemuDomainObjSaveStatus(virQEMUDriver *driver,
5773 virDomainObj *obj)
5774 {
5775 g_autoptr(virQEMUDriverConfig) cfg = virQEMUDriverGetConfig(driver);
5776
5777 if (virDomainObjIsActive(obj)) {
5778 if (virDomainObjSave(obj, driver->xmlopt, cfg->stateDir) < 0)
5779 VIR_WARN("Failed to save status on vm %s", obj->def->name);
5780 }
5781 }
5782
5783
5784 void
qemuDomainSaveStatus(virDomainObj * obj)5785 qemuDomainSaveStatus(virDomainObj *obj)
5786 {
5787 qemuDomainObjSaveStatus(QEMU_DOMAIN_PRIVATE(obj)->driver, obj);
5788 }
5789
5790
5791 void
qemuDomainSaveConfig(virDomainObj * obj)5792 qemuDomainSaveConfig(virDomainObj *obj)
5793 {
5794 virQEMUDriver *driver = QEMU_DOMAIN_PRIVATE(obj)->driver;
5795 g_autoptr(virQEMUDriverConfig) cfg = NULL;
5796 virDomainDef *def = NULL;
5797
5798 if (virDomainObjIsActive(obj))
5799 def = obj->newDef;
5800 else
5801 def = obj->def;
5802
5803 if (!def)
5804 return;
5805
5806 cfg = virQEMUDriverGetConfig(driver);
5807
5808 if (virDomainDefSave(def, driver->xmlopt, cfg->configDir) < 0)
5809 VIR_WARN("Failed to save config of vm %s", obj->def->name);
5810 }
5811
5812
5813 /*
5814 * obj must be locked before calling
5815 *
5816 * To be called immediately before any QEMU monitor API call
5817 * Must have already called qemuDomainObjBeginJob() and checked
5818 * that the VM is still active; may not be used for nested async
5819 * jobs.
5820 *
5821 * To be followed with qemuDomainObjExitMonitor() once complete
5822 */
5823 static int
qemuDomainObjEnterMonitorInternal(virQEMUDriver * driver,virDomainObj * obj,qemuDomainAsyncJob asyncJob)5824 qemuDomainObjEnterMonitorInternal(virQEMUDriver *driver,
5825 virDomainObj *obj,
5826 qemuDomainAsyncJob asyncJob)
5827 {
5828 qemuDomainObjPrivate *priv = obj->privateData;
5829
5830 if (asyncJob != QEMU_ASYNC_JOB_NONE) {
5831 int ret;
5832 if ((ret = qemuDomainObjBeginNestedJob(driver, obj, asyncJob)) < 0)
5833 return ret;
5834 if (!virDomainObjIsActive(obj)) {
5835 virReportError(VIR_ERR_OPERATION_FAILED, "%s",
5836 _("domain is no longer running"));
5837 qemuDomainObjEndJob(driver, obj);
5838 return -1;
5839 }
5840 } else if (priv->job.asyncOwner == virThreadSelfID()) {
5841 VIR_WARN("This thread seems to be the async job owner; entering"
5842 " monitor without asking for a nested job is dangerous");
5843 } else if (priv->job.owner != virThreadSelfID()) {
5844 VIR_WARN("Entering a monitor without owning a job. "
5845 "Job %s owner %s (%llu)",
5846 qemuDomainJobTypeToString(priv->job.active),
5847 priv->job.ownerAPI, priv->job.owner);
5848 }
5849
5850 VIR_DEBUG("Entering monitor (mon=%p vm=%p name=%s)",
5851 priv->mon, obj, obj->def->name);
5852 virObjectLock(priv->mon);
5853 virObjectRef(priv->mon);
5854 ignore_value(virTimeMillisNow(&priv->monStart));
5855 virObjectUnlock(obj);
5856
5857 return 0;
5858 }
5859
5860 static void ATTRIBUTE_NONNULL(1)
qemuDomainObjExitMonitorInternal(virQEMUDriver * driver,virDomainObj * obj)5861 qemuDomainObjExitMonitorInternal(virQEMUDriver *driver,
5862 virDomainObj *obj)
5863 {
5864 qemuDomainObjPrivate *priv = obj->privateData;
5865 bool hasRefs;
5866
5867 qemuMonitorWatchDispose();
5868 virObjectUnref(priv->mon);
5869
5870 hasRefs = !qemuMonitorWasDisposed();
5871 if (hasRefs)
5872 virObjectUnlock(priv->mon);
5873
5874 virObjectLock(obj);
5875 VIR_DEBUG("Exited monitor (mon=%p vm=%p name=%s)",
5876 priv->mon, obj, obj->def->name);
5877
5878 priv->monStart = 0;
5879 if (!hasRefs)
5880 priv->mon = NULL;
5881
5882 if (priv->job.active == QEMU_JOB_ASYNC_NESTED)
5883 qemuDomainObjEndJob(driver, obj);
5884 }
5885
qemuDomainObjEnterMonitor(virQEMUDriver * driver,virDomainObj * obj)5886 void qemuDomainObjEnterMonitor(virQEMUDriver *driver,
5887 virDomainObj *obj)
5888 {
5889 ignore_value(qemuDomainObjEnterMonitorInternal(driver, obj,
5890 QEMU_ASYNC_JOB_NONE));
5891 }
5892
5893 /* obj must NOT be locked before calling
5894 *
5895 * Should be paired with an earlier qemuDomainObjEnterMonitor() call
5896 *
5897 * Returns -1 if the domain is no longer alive after exiting the monitor.
5898 * In that case, the caller should be careful when using obj's data,
5899 * e.g. the live definition in vm->def has been freed by qemuProcessStop
5900 * and replaced by the persistent definition, so pointers stolen
5901 * from the live definition could no longer be valid.
5902 */
qemuDomainObjExitMonitor(virQEMUDriver * driver,virDomainObj * obj)5903 int qemuDomainObjExitMonitor(virQEMUDriver *driver,
5904 virDomainObj *obj)
5905 {
5906 qemuDomainObjExitMonitorInternal(driver, obj);
5907 if (!virDomainObjIsActive(obj)) {
5908 if (virGetLastErrorCode() == VIR_ERR_OK)
5909 virReportError(VIR_ERR_OPERATION_FAILED, "%s",
5910 _("domain is no longer running"));
5911 return -1;
5912 }
5913 return 0;
5914 }
5915
5916 /*
5917 * obj must be locked before calling
5918 *
5919 * To be called immediately before any QEMU monitor API call.
5920 * Must have already either called qemuDomainObjBeginJob()
5921 * and checked that the VM is still active, with asyncJob of
5922 * QEMU_ASYNC_JOB_NONE; or already called qemuDomainObjBeginAsyncJob,
5923 * with the same asyncJob.
5924 *
5925 * Returns 0 if job was started, in which case this must be followed with
5926 * qemuDomainObjExitMonitor(); -2 if waiting for the nested job times out;
5927 * or -1 if the job could not be started (probably because the vm exited
5928 * in the meantime).
5929 */
5930 int
qemuDomainObjEnterMonitorAsync(virQEMUDriver * driver,virDomainObj * obj,qemuDomainAsyncJob asyncJob)5931 qemuDomainObjEnterMonitorAsync(virQEMUDriver *driver,
5932 virDomainObj *obj,
5933 qemuDomainAsyncJob asyncJob)
5934 {
5935 return qemuDomainObjEnterMonitorInternal(driver, obj, asyncJob);
5936 }
5937
5938
5939 /*
5940 * obj must be locked before calling
5941 *
5942 * To be called immediately before any QEMU agent API call.
5943 * Must have already called qemuDomainObjBeginAgentJob() and
5944 * checked that the VM is still active.
5945 *
5946 * To be followed with qemuDomainObjExitAgent() once complete
5947 */
5948 qemuAgent *
qemuDomainObjEnterAgent(virDomainObj * obj)5949 qemuDomainObjEnterAgent(virDomainObj *obj)
5950 {
5951 qemuDomainObjPrivate *priv = obj->privateData;
5952 qemuAgent *agent = priv->agent;
5953
5954 VIR_DEBUG("Entering agent (agent=%p vm=%p name=%s)",
5955 priv->agent, obj, obj->def->name);
5956
5957 virObjectLock(agent);
5958 virObjectRef(agent);
5959 virObjectUnlock(obj);
5960
5961 return agent;
5962 }
5963
5964
5965 /* obj must NOT be locked before calling
5966 *
5967 * Should be paired with an earlier qemuDomainObjEnterAgent() call
5968 */
5969 void
qemuDomainObjExitAgent(virDomainObj * obj,qemuAgent * agent)5970 qemuDomainObjExitAgent(virDomainObj *obj, qemuAgent *agent)
5971 {
5972 virObjectUnlock(agent);
5973 virObjectUnref(agent);
5974 virObjectLock(obj);
5975
5976 VIR_DEBUG("Exited agent (agent=%p vm=%p name=%s)",
5977 agent, obj, obj->def->name);
5978 }
5979
qemuDomainObjEnterRemote(virDomainObj * obj)5980 void qemuDomainObjEnterRemote(virDomainObj *obj)
5981 {
5982 VIR_DEBUG("Entering remote (vm=%p name=%s)",
5983 obj, obj->def->name);
5984 virObjectUnlock(obj);
5985 }
5986
5987
5988 int
qemuDomainObjExitRemote(virDomainObj * obj,bool checkActive)5989 qemuDomainObjExitRemote(virDomainObj *obj,
5990 bool checkActive)
5991 {
5992 virObjectLock(obj);
5993 VIR_DEBUG("Exited remote (vm=%p name=%s)",
5994 obj, obj->def->name);
5995
5996 if (checkActive && !virDomainObjIsActive(obj)) {
5997 virReportError(VIR_ERR_OPERATION_FAILED,
5998 _("domain '%s' is not running"),
5999 obj->def->name);
6000 return -1;
6001 }
6002
6003 return 0;
6004 }
6005
6006
6007 static virDomainDef *
qemuDomainDefFromXML(virQEMUDriver * driver,virQEMUCaps * qemuCaps,const char * xml)6008 qemuDomainDefFromXML(virQEMUDriver *driver,
6009 virQEMUCaps *qemuCaps,
6010 const char *xml)
6011 {
6012 return virDomainDefParseString(xml, driver->xmlopt, qemuCaps,
6013 VIR_DOMAIN_DEF_PARSE_INACTIVE |
6014 VIR_DOMAIN_DEF_PARSE_SKIP_VALIDATE);
6015 }
6016
6017
6018 virDomainDef *
qemuDomainDefCopy(virQEMUDriver * driver,virQEMUCaps * qemuCaps,virDomainDef * src,unsigned int flags)6019 qemuDomainDefCopy(virQEMUDriver *driver,
6020 virQEMUCaps *qemuCaps,
6021 virDomainDef *src,
6022 unsigned int flags)
6023 {
6024 g_autofree char *xml = NULL;
6025
6026 if (!(xml = qemuDomainDefFormatXML(driver, qemuCaps, src, flags)))
6027 return NULL;
6028
6029 return qemuDomainDefFromXML(driver, qemuCaps, xml);
6030 }
6031
6032
6033 int
qemuDomainMakeCPUMigratable(virCPUDef * cpu)6034 qemuDomainMakeCPUMigratable(virCPUDef *cpu)
6035 {
6036 if (cpu->mode == VIR_CPU_MODE_CUSTOM &&
6037 STREQ_NULLABLE(cpu->model, "Icelake-Server")) {
6038 /* Originally Icelake-Server CPU model contained pconfig CPU feature.
6039 * It was never actually enabled and thus it was removed. To enable
6040 * migration to QEMU 3.1.0 (with both new and old libvirt), we
6041 * explicitly disable pconfig in migration XML (otherwise old libvirt
6042 * would think it was implicitly enabled on the source). New libvirt
6043 * will drop it from the XML before starting the domain on new QEMU.
6044 */
6045 if (virCPUDefUpdateFeature(cpu, "pconfig", VIR_CPU_FEATURE_DISABLE) < 0)
6046 return -1;
6047 }
6048
6049 return 0;
6050 }
6051
6052
6053 static int
qemuDomainDefFormatBufInternal(virQEMUDriver * driver,virQEMUCaps * qemuCaps,virDomainDef * def,virCPUDef * origCPU,unsigned int flags,virBuffer * buf)6054 qemuDomainDefFormatBufInternal(virQEMUDriver *driver,
6055 virQEMUCaps *qemuCaps,
6056 virDomainDef *def,
6057 virCPUDef *origCPU,
6058 unsigned int flags,
6059 virBuffer *buf)
6060 {
6061 g_autoptr(virDomainDef) copy = NULL;
6062
6063 virCheckFlags(VIR_DOMAIN_XML_COMMON_FLAGS | VIR_DOMAIN_XML_UPDATE_CPU, -1);
6064
6065 if (!(flags & (VIR_DOMAIN_XML_UPDATE_CPU | VIR_DOMAIN_XML_MIGRATABLE)))
6066 goto format;
6067
6068 if (!(copy = virDomainDefCopy(def, driver->xmlopt, qemuCaps,
6069 flags & VIR_DOMAIN_XML_MIGRATABLE)))
6070 return -1;
6071
6072 def = copy;
6073
6074 /* Update guest CPU requirements according to host CPU */
6075 if ((flags & VIR_DOMAIN_XML_UPDATE_CPU) &&
6076 def->cpu &&
6077 (def->cpu->mode != VIR_CPU_MODE_CUSTOM ||
6078 def->cpu->model)) {
6079 g_autoptr(virQEMUCaps) qCaps = NULL;
6080
6081 if (qemuCaps) {
6082 qCaps = virObjectRef(qemuCaps);
6083 } else {
6084 if (!(qCaps = virQEMUCapsCacheLookupCopy(driver->qemuCapsCache,
6085 def->virtType,
6086 def->emulator,
6087 def->os.machine)))
6088 return -1;
6089 }
6090
6091 if (virCPUUpdate(def->os.arch, def->cpu,
6092 virQEMUCapsGetHostModel(qCaps, def->virtType,
6093 VIR_QEMU_CAPS_HOST_CPU_MIGRATABLE)) < 0)
6094 return -1;
6095 }
6096
6097 if ((flags & VIR_DOMAIN_XML_MIGRATABLE)) {
6098 size_t i;
6099 int toremove = 0;
6100 virDomainControllerDef *usb = NULL;
6101 virDomainControllerDef *pci = NULL;
6102
6103 /* If only the default USB controller is present, we can remove it
6104 * and make the XML compatible with older versions of libvirt which
6105 * didn't support USB controllers in the XML but always added the
6106 * default one to qemu anyway.
6107 */
6108 for (i = 0; i < def->ncontrollers; i++) {
6109 if (def->controllers[i]->type == VIR_DOMAIN_CONTROLLER_TYPE_USB) {
6110 if (usb) {
6111 usb = NULL;
6112 break;
6113 }
6114 usb = def->controllers[i];
6115 }
6116 }
6117
6118 /* In order to maintain compatibility with version of libvirt that
6119 * didn't support <controller type='usb'/> (<= 0.9.4), we need to
6120 * drop the default USB controller, ie. a USB controller at index
6121 * zero with no model or with the default piix3-ohci model.
6122 *
6123 * However, we only need to do so for x86 i440fx machine types,
6124 * because other architectures and machine types were introduced
6125 * when libvirt already supported <controller type='usb'/>.
6126 */
6127 if (qemuDomainIsI440FX(def) &&
6128 usb && usb->idx == 0 &&
6129 (usb->model == VIR_DOMAIN_CONTROLLER_MODEL_USB_DEFAULT ||
6130 usb->model == VIR_DOMAIN_CONTROLLER_MODEL_USB_PIIX3_UHCI) &&
6131 !virDomainDeviceAliasIsUserAlias(usb->info.alias)) {
6132 VIR_DEBUG("Removing default USB controller from domain '%s'"
6133 " for migration compatibility", def->name);
6134 toremove++;
6135 } else {
6136 usb = NULL;
6137 }
6138
6139 /* Remove the default PCI controller if there is only one present
6140 * and its model is pci-root */
6141 for (i = 0; i < def->ncontrollers; i++) {
6142 if (def->controllers[i]->type == VIR_DOMAIN_CONTROLLER_TYPE_PCI) {
6143 if (pci) {
6144 pci = NULL;
6145 break;
6146 }
6147 pci = def->controllers[i];
6148 }
6149 }
6150
6151 if (pci && pci->idx == 0 &&
6152 pci->model == VIR_DOMAIN_CONTROLLER_MODEL_PCI_ROOT &&
6153 !virDomainDeviceAliasIsUserAlias(pci->info.alias) &&
6154 !pci->opts.pciopts.pcihole64) {
6155 VIR_DEBUG("Removing default pci-root from domain '%s'"
6156 " for migration compatibility", def->name);
6157 toremove++;
6158 } else {
6159 pci = NULL;
6160 }
6161
6162 if (toremove) {
6163 virDomainControllerDef **controllers = def->controllers;
6164 int ncontrollers = def->ncontrollers;
6165
6166 def->controllers = g_new0(virDomainControllerDef *, ncontrollers - toremove);
6167 def->ncontrollers = 0;
6168
6169 for (i = 0; i < ncontrollers; i++) {
6170 if (controllers[i] != usb && controllers[i] != pci)
6171 def->controllers[def->ncontrollers++] = controllers[i];
6172 }
6173
6174 VIR_FREE(controllers);
6175 virDomainControllerDefFree(pci);
6176 virDomainControllerDefFree(usb);
6177 }
6178
6179 /* Remove the panic device for selected models if present */
6180 for (i = 0; i < def->npanics; i++) {
6181 if (def->panics[i]->model == VIR_DOMAIN_PANIC_MODEL_S390 ||
6182 def->panics[i]->model == VIR_DOMAIN_PANIC_MODEL_PSERIES) {
6183 VIR_DELETE_ELEMENT(def->panics, i, def->npanics);
6184 break;
6185 }
6186 }
6187
6188 for (i = 0; i < def->nchannels; i++)
6189 qemuDomainChrDefDropDefaultPath(def->channels[i], driver);
6190
6191 for (i = 0; i < def->nserials; i++) {
6192 virDomainChrDef *serial = def->serials[i];
6193
6194 /* Historically, the native console type for some machine types
6195 * was not set at all, which means it defaulted to ISA even
6196 * though that was not even remotely accurate. To ensure migration
6197 * towards older libvirt versions works for such guests, we switch
6198 * it back to the default here */
6199 if (flags & VIR_DOMAIN_XML_MIGRATABLE) {
6200 switch ((virDomainChrSerialTargetType)serial->targetType) {
6201 case VIR_DOMAIN_CHR_SERIAL_TARGET_TYPE_SPAPR_VIO:
6202 case VIR_DOMAIN_CHR_SERIAL_TARGET_TYPE_SYSTEM:
6203 serial->targetType = VIR_DOMAIN_CHR_SERIAL_TARGET_TYPE_NONE;
6204 serial->targetModel = VIR_DOMAIN_CHR_SERIAL_TARGET_MODEL_NONE;
6205 break;
6206 case VIR_DOMAIN_CHR_SERIAL_TARGET_TYPE_ISA:
6207 case VIR_DOMAIN_CHR_SERIAL_TARGET_TYPE_PCI:
6208 case VIR_DOMAIN_CHR_SERIAL_TARGET_TYPE_USB:
6209 case VIR_DOMAIN_CHR_SERIAL_TARGET_TYPE_SCLP:
6210 case VIR_DOMAIN_CHR_SERIAL_TARGET_TYPE_NONE:
6211 case VIR_DOMAIN_CHR_SERIAL_TARGET_TYPE_LAST:
6212 /* Nothing to do */
6213 break;
6214 }
6215 }
6216 }
6217
6218 /* Replace the CPU definition updated according to QEMU with the one
6219 * used for starting the domain. The updated def will be sent
6220 * separately for backward compatibility.
6221 */
6222 if (origCPU) {
6223 virCPUDefFree(def->cpu);
6224 if (!(def->cpu = virCPUDefCopy(origCPU)))
6225 return -1;
6226 }
6227
6228 if (def->cpu && qemuDomainMakeCPUMigratable(def->cpu) < 0)
6229 return -1;
6230
6231 /* Old libvirt doesn't understand <audio> elements so
6232 * remove any we added by default
6233 */
6234 if (qemuDomainDefClearDefaultAudioBackend(driver, def) < 0)
6235 return -1;
6236 }
6237
6238 format:
6239 return virDomainDefFormatInternal(def, driver->xmlopt, buf,
6240 virDomainDefFormatConvertXMLFlags(flags));
6241 }
6242
6243
6244 int
qemuDomainDefFormatBuf(virQEMUDriver * driver,virQEMUCaps * qemuCaps,virDomainDef * def,unsigned int flags,virBuffer * buf)6245 qemuDomainDefFormatBuf(virQEMUDriver *driver,
6246 virQEMUCaps *qemuCaps,
6247 virDomainDef *def,
6248 unsigned int flags,
6249 virBuffer *buf)
6250 {
6251 return qemuDomainDefFormatBufInternal(driver, qemuCaps, def, NULL, flags, buf);
6252 }
6253
6254
6255 static char *
qemuDomainDefFormatXMLInternal(virQEMUDriver * driver,virQEMUCaps * qemuCaps,virDomainDef * def,virCPUDef * origCPU,unsigned int flags)6256 qemuDomainDefFormatXMLInternal(virQEMUDriver *driver,
6257 virQEMUCaps *qemuCaps,
6258 virDomainDef *def,
6259 virCPUDef *origCPU,
6260 unsigned int flags)
6261 {
6262 g_auto(virBuffer) buf = VIR_BUFFER_INITIALIZER;
6263
6264 if (qemuDomainDefFormatBufInternal(driver, qemuCaps, def, origCPU, flags, &buf) < 0)
6265 return NULL;
6266
6267 return virBufferContentAndReset(&buf);
6268 }
6269
6270
6271 char *
qemuDomainDefFormatXML(virQEMUDriver * driver,virQEMUCaps * qemuCaps,virDomainDef * def,unsigned int flags)6272 qemuDomainDefFormatXML(virQEMUDriver *driver,
6273 virQEMUCaps *qemuCaps,
6274 virDomainDef *def,
6275 unsigned int flags)
6276 {
6277 return qemuDomainDefFormatXMLInternal(driver, qemuCaps, def, NULL, flags);
6278 }
6279
6280
qemuDomainFormatXML(virQEMUDriver * driver,virDomainObj * vm,unsigned int flags)6281 char *qemuDomainFormatXML(virQEMUDriver *driver,
6282 virDomainObj *vm,
6283 unsigned int flags)
6284 {
6285 virDomainDef *def;
6286 qemuDomainObjPrivate *priv = vm->privateData;
6287 virCPUDef *origCPU = NULL;
6288
6289 if ((flags & VIR_DOMAIN_XML_INACTIVE) && vm->newDef) {
6290 def = vm->newDef;
6291 } else {
6292 def = vm->def;
6293 origCPU = priv->origCPU;
6294 }
6295
6296 return qemuDomainDefFormatXMLInternal(driver, priv->qemuCaps, def, origCPU, flags);
6297 }
6298
6299 char *
qemuDomainDefFormatLive(virQEMUDriver * driver,virQEMUCaps * qemuCaps,virDomainDef * def,virCPUDef * origCPU,bool inactive,bool compatible)6300 qemuDomainDefFormatLive(virQEMUDriver *driver,
6301 virQEMUCaps *qemuCaps,
6302 virDomainDef *def,
6303 virCPUDef *origCPU,
6304 bool inactive,
6305 bool compatible)
6306 {
6307 unsigned int flags = QEMU_DOMAIN_FORMAT_LIVE_FLAGS;
6308
6309 if (inactive)
6310 flags |= VIR_DOMAIN_XML_INACTIVE;
6311 if (compatible)
6312 flags |= VIR_DOMAIN_XML_MIGRATABLE;
6313
6314 return qemuDomainDefFormatXMLInternal(driver, qemuCaps, def, origCPU, flags);
6315 }
6316
6317
qemuDomainObjTaint(virQEMUDriver * driver,virDomainObj * obj,virDomainTaintFlags taint,qemuDomainLogContext * logCtxt)6318 void qemuDomainObjTaint(virQEMUDriver *driver,
6319 virDomainObj *obj,
6320 virDomainTaintFlags taint,
6321 qemuDomainLogContext *logCtxt)
6322 {
6323 g_autoptr(virQEMUDriverConfig) cfg = virQEMUDriverGetConfig(driver);
6324
6325 qemuDomainObjTaintMsg(driver, obj, taint, logCtxt, NULL);
6326 ignore_value(virDomainObjSave(obj, driver->xmlopt, cfg->stateDir));
6327 }
6328
qemuDomainObjTaintMsg(virQEMUDriver * driver,virDomainObj * obj,virDomainTaintFlags taint,qemuDomainLogContext * logCtxt,const char * fmt,...)6329 void qemuDomainObjTaintMsg(virQEMUDriver *driver,
6330 virDomainObj *obj,
6331 virDomainTaintFlags taint,
6332 qemuDomainLogContext *logCtxt,
6333 const char *fmt, ...)
6334 {
6335 virErrorPtr orig_err = NULL;
6336 g_autofree char *timestamp = NULL;
6337 char uuidstr[VIR_UUID_STRING_BUFLEN];
6338 int rc;
6339 g_autofree char *extra = NULL;
6340 const char *extraprefix = "";
6341 const char *extramsg = "";
6342 const char *extrasuffix = "";
6343 va_list args;
6344
6345 if (virDomainObjTaint(obj, taint)) {
6346 /* If an extra message was given we must always
6347 * emit the taint warning, otherwise it is a
6348 * one-time only warning per VM
6349 */
6350 if (!fmt)
6351 return;
6352 }
6353
6354 virUUIDFormat(obj->def->uuid, uuidstr);
6355
6356 if (fmt) {
6357 va_start(args, fmt);
6358 extraprefix = " (";
6359 extramsg = extra = g_strdup_vprintf(fmt, args);
6360 extrasuffix = ")";
6361 va_end(args);
6362 }
6363
6364 if (taint == VIR_DOMAIN_TAINT_DEPRECATED_CONFIG &&
6365 extramsg) {
6366 virDomainObjDeprecation(obj, extramsg);
6367 }
6368
6369 VIR_WARN("Domain id=%d name='%s' uuid=%s is tainted: %s%s%s%s",
6370 obj->def->id,
6371 obj->def->name,
6372 uuidstr,
6373 virDomainTaintTypeToString(taint),
6374 extraprefix, extramsg, extrasuffix);
6375
6376 /* We don't care about errors logging taint info, so
6377 * preserve original error, and clear any error that
6378 * is raised */
6379 virErrorPreserveLast(&orig_err);
6380
6381 if (!(timestamp = virTimeStringNow()))
6382 goto cleanup;
6383
6384 if (logCtxt) {
6385 rc = qemuDomainLogContextWrite(logCtxt,
6386 "%s: Domain id=%d is tainted: %s%s%s%s\n",
6387 timestamp,
6388 obj->def->id,
6389 virDomainTaintTypeToString(taint),
6390 extraprefix, extramsg, extrasuffix);
6391 } else {
6392 rc = qemuDomainLogAppendMessage(driver, obj,
6393 "%s: Domain id=%d is tainted: %s%s%s%s\n",
6394 timestamp,
6395 obj->def->id,
6396 virDomainTaintTypeToString(taint),
6397 extraprefix, extramsg, extrasuffix);
6398 }
6399
6400 if (rc < 0)
6401 virResetLastError();
6402
6403 cleanup:
6404 virErrorRestore(&orig_err);
6405 }
6406
6407 static void
qemuDomainObjCheckMachineTaint(virQEMUDriver * driver,virDomainObj * obj,qemuDomainLogContext * logCtxt)6408 qemuDomainObjCheckMachineTaint(virQEMUDriver *driver,
6409 virDomainObj *obj,
6410 qemuDomainLogContext *logCtxt)
6411 {
6412 qemuDomainObjPrivate *priv = obj->privateData;
6413 virQEMUCaps *qemuCaps = priv->qemuCaps;
6414
6415 if (virQEMUCapsIsMachineDeprecated(qemuCaps,
6416 obj->def->virtType,
6417 obj->def->os.machine)) {
6418 qemuDomainObjTaintMsg(driver, obj, VIR_DOMAIN_TAINT_DEPRECATED_CONFIG, logCtxt,
6419 _("machine type '%s'"),
6420 obj->def->os.machine);
6421 }
6422 }
6423
6424
6425 static void
qemuDomainObjCheckCPUTaint(virQEMUDriver * driver,virDomainObj * obj,qemuDomainLogContext * logCtxt,bool incomingMigration)6426 qemuDomainObjCheckCPUTaint(virQEMUDriver *driver,
6427 virDomainObj *obj,
6428 qemuDomainLogContext *logCtxt,
6429 bool incomingMigration)
6430 {
6431 qemuDomainObjPrivate *priv = obj->privateData;
6432 virQEMUCaps *qemuCaps = priv->qemuCaps;
6433
6434 switch (obj->def->cpu->mode) {
6435 case VIR_CPU_MODE_HOST_PASSTHROUGH:
6436 case VIR_CPU_MODE_MAXIMUM:
6437 if (incomingMigration)
6438 qemuDomainObjTaint(driver, obj, VIR_DOMAIN_TAINT_HOST_CPU, logCtxt);
6439 break;
6440 case VIR_CPU_MODE_CUSTOM:
6441 if (obj->def->cpu->model &&
6442 virQEMUCapsIsCPUDeprecated(qemuCaps,
6443 obj->def->virtType,
6444 obj->def->cpu->model)) {
6445 qemuDomainObjTaintMsg(driver, obj, VIR_DOMAIN_TAINT_DEPRECATED_CONFIG, logCtxt,
6446 _("CPU model '%s'"),
6447 obj->def->cpu->model);
6448 }
6449 break;
6450 case VIR_CPU_MODE_HOST_MODEL:
6451 case VIR_CPU_MODE_LAST:
6452 default:
6453 break;
6454 }
6455 }
6456
6457
qemuDomainObjCheckTaint(virQEMUDriver * driver,virDomainObj * obj,qemuDomainLogContext * logCtxt,bool incomingMigration)6458 void qemuDomainObjCheckTaint(virQEMUDriver *driver,
6459 virDomainObj *obj,
6460 qemuDomainLogContext *logCtxt,
6461 bool incomingMigration)
6462 {
6463 size_t i;
6464 g_autoptr(virQEMUDriverConfig) cfg = virQEMUDriverGetConfig(driver);
6465 qemuDomainObjPrivate *priv = obj->privateData;
6466 bool custom_hypervisor_feat = false;
6467
6468 if (driver->privileged &&
6469 (cfg->user == 0 ||
6470 cfg->group == 0))
6471 qemuDomainObjTaint(driver, obj, VIR_DOMAIN_TAINT_HIGH_PRIVILEGES, logCtxt);
6472
6473 if (priv->hookRun)
6474 qemuDomainObjTaint(driver, obj, VIR_DOMAIN_TAINT_HOOK, logCtxt);
6475
6476 if (obj->def->namespaceData) {
6477 qemuDomainXmlNsDef *qemuxmlns = obj->def->namespaceData;
6478 if (qemuxmlns->args || qemuxmlns->num_env)
6479 qemuDomainObjTaint(driver, obj, VIR_DOMAIN_TAINT_CUSTOM_ARGV, logCtxt);
6480 if (qemuxmlns->capsadd || qemuxmlns->capsdel)
6481 custom_hypervisor_feat = true;
6482 }
6483
6484 if (custom_hypervisor_feat ||
6485 (cfg->capabilityfilters && *cfg->capabilityfilters)) {
6486 qemuDomainObjTaint(driver, obj,
6487 VIR_DOMAIN_TAINT_CUSTOM_HYPERVISOR_FEATURE, logCtxt);
6488 }
6489
6490 qemuDomainObjCheckMachineTaint(driver, obj, logCtxt);
6491
6492 if (obj->def->cpu)
6493 qemuDomainObjCheckCPUTaint(driver, obj, logCtxt, incomingMigration);
6494
6495 for (i = 0; i < obj->def->ndisks; i++)
6496 qemuDomainObjCheckDiskTaint(driver, obj, obj->def->disks[i], logCtxt);
6497
6498 for (i = 0; i < obj->def->nhostdevs; i++)
6499 qemuDomainObjCheckHostdevTaint(driver, obj, obj->def->hostdevs[i],
6500 logCtxt);
6501
6502 for (i = 0; i < obj->def->nnets; i++)
6503 qemuDomainObjCheckNetTaint(driver, obj, obj->def->nets[i], logCtxt);
6504
6505 if (obj->def->os.dtb)
6506 qemuDomainObjTaint(driver, obj, VIR_DOMAIN_TAINT_CUSTOM_DTB, logCtxt);
6507 }
6508
6509
qemuDomainObjCheckDiskTaint(virQEMUDriver * driver,virDomainObj * obj,virDomainDiskDef * disk,qemuDomainLogContext * logCtxt)6510 void qemuDomainObjCheckDiskTaint(virQEMUDriver *driver,
6511 virDomainObj *obj,
6512 virDomainDiskDef *disk,
6513 qemuDomainLogContext *logCtxt)
6514 {
6515 if (disk->rawio == VIR_TRISTATE_BOOL_YES)
6516 qemuDomainObjTaint(driver, obj, VIR_DOMAIN_TAINT_HIGH_PRIVILEGES,
6517 logCtxt);
6518
6519 if (disk->device == VIR_DOMAIN_DISK_DEVICE_CDROM &&
6520 virStorageSourceGetActualType(disk->src) == VIR_STORAGE_TYPE_BLOCK &&
6521 disk->src->path && virFileIsCDROM(disk->src->path) == 1)
6522 qemuDomainObjTaint(driver, obj, VIR_DOMAIN_TAINT_CDROM_PASSTHROUGH,
6523 logCtxt);
6524 }
6525
6526
qemuDomainObjCheckHostdevTaint(virQEMUDriver * driver,virDomainObj * obj,virDomainHostdevDef * hostdev,qemuDomainLogContext * logCtxt)6527 void qemuDomainObjCheckHostdevTaint(virQEMUDriver *driver,
6528 virDomainObj *obj,
6529 virDomainHostdevDef *hostdev,
6530 qemuDomainLogContext *logCtxt)
6531 {
6532 if (!virHostdevIsSCSIDevice(hostdev))
6533 return;
6534
6535 if (hostdev->source.subsys.u.scsi.rawio == VIR_TRISTATE_BOOL_YES)
6536 qemuDomainObjTaint(driver, obj, VIR_DOMAIN_TAINT_HIGH_PRIVILEGES, logCtxt);
6537 }
6538
6539
qemuDomainObjCheckNetTaint(virQEMUDriver * driver,virDomainObj * obj,virDomainNetDef * net,qemuDomainLogContext * logCtxt)6540 void qemuDomainObjCheckNetTaint(virQEMUDriver *driver,
6541 virDomainObj *obj,
6542 virDomainNetDef *net,
6543 qemuDomainLogContext *logCtxt)
6544 {
6545 /* script is only useful for NET_TYPE_ETHERNET (qemu) and
6546 * NET_TYPE_BRIDGE (xen), but could be (incorrectly) specified for
6547 * any interface type. In any case, it's adding user sauce into
6548 * the soup, so it should taint the domain.
6549 */
6550 if (net->script != NULL)
6551 qemuDomainObjTaint(driver, obj, VIR_DOMAIN_TAINT_SHELL_SCRIPTS, logCtxt);
6552 }
6553
6554
qemuDomainLogContextNew(virQEMUDriver * driver,virDomainObj * vm,qemuDomainLogContextMode mode)6555 qemuDomainLogContext *qemuDomainLogContextNew(virQEMUDriver *driver,
6556 virDomainObj *vm,
6557 qemuDomainLogContextMode mode)
6558 {
6559 g_autoptr(virQEMUDriverConfig) cfg = virQEMUDriverGetConfig(driver);
6560 qemuDomainLogContext *ctxt = QEMU_DOMAIN_LOG_CONTEXT(g_object_new(QEMU_TYPE_DOMAIN_LOG_CONTEXT, NULL));
6561
6562 VIR_DEBUG("Context new %p stdioLogD=%d", ctxt, cfg->stdioLogD);
6563 ctxt->writefd = -1;
6564 ctxt->readfd = -1;
6565
6566 ctxt->path = g_strdup_printf("%s/%s.log", cfg->logDir, vm->def->name);
6567
6568 if (cfg->stdioLogD) {
6569 ctxt->manager = virLogManagerNew(driver->privileged);
6570 if (!ctxt->manager)
6571 goto error;
6572
6573 ctxt->writefd = virLogManagerDomainOpenLogFile(ctxt->manager,
6574 "qemu",
6575 vm->def->uuid,
6576 vm->def->name,
6577 ctxt->path,
6578 0,
6579 &ctxt->inode,
6580 &ctxt->pos);
6581 if (ctxt->writefd < 0)
6582 goto error;
6583 } else {
6584 if ((ctxt->writefd = open(ctxt->path, O_WRONLY | O_CREAT | O_APPEND, S_IRUSR | S_IWUSR)) < 0) {
6585 virReportSystemError(errno, _("failed to create logfile %s"),
6586 ctxt->path);
6587 goto error;
6588 }
6589 if (virSetCloseExec(ctxt->writefd) < 0) {
6590 virReportSystemError(errno, _("failed to set close-on-exec flag on %s"),
6591 ctxt->path);
6592 goto error;
6593 }
6594
6595 /* For unprivileged startup we must truncate the file since
6596 * we can't rely on logrotate. We don't use O_TRUNC since
6597 * it is better for SELinux policy if we truncate afterwards */
6598 if (mode == QEMU_DOMAIN_LOG_CONTEXT_MODE_START &&
6599 !driver->privileged &&
6600 ftruncate(ctxt->writefd, 0) < 0) {
6601 virReportSystemError(errno, _("failed to truncate %s"),
6602 ctxt->path);
6603 goto error;
6604 }
6605
6606 if (mode == QEMU_DOMAIN_LOG_CONTEXT_MODE_START) {
6607 if ((ctxt->readfd = open(ctxt->path, O_RDONLY)) < 0) {
6608 virReportSystemError(errno, _("failed to open logfile %s"),
6609 ctxt->path);
6610 goto error;
6611 }
6612 if (virSetCloseExec(ctxt->readfd) < 0) {
6613 virReportSystemError(errno, _("failed to set close-on-exec flag on %s"),
6614 ctxt->path);
6615 goto error;
6616 }
6617 }
6618
6619 if ((ctxt->pos = lseek(ctxt->writefd, 0, SEEK_END)) < 0) {
6620 virReportSystemError(errno, _("failed to seek in log file %s"),
6621 ctxt->path);
6622 goto error;
6623 }
6624 }
6625
6626 return ctxt;
6627
6628 error:
6629 g_clear_object(&ctxt);
6630 return NULL;
6631 }
6632
6633
qemuDomainLogContextWrite(qemuDomainLogContext * ctxt,const char * fmt,...)6634 int qemuDomainLogContextWrite(qemuDomainLogContext *ctxt,
6635 const char *fmt, ...)
6636 {
6637 va_list argptr;
6638 g_autofree char *message = NULL;
6639 int ret = -1;
6640
6641 va_start(argptr, fmt);
6642
6643 message = g_strdup_vprintf(fmt, argptr);
6644 if (!ctxt->manager &&
6645 lseek(ctxt->writefd, 0, SEEK_END) < 0) {
6646 virReportSystemError(errno, "%s",
6647 _("Unable to seek to end of domain logfile"));
6648 goto cleanup;
6649 }
6650 if (safewrite(ctxt->writefd, message, strlen(message)) < 0) {
6651 virReportSystemError(errno, "%s",
6652 _("Unable to write to domain logfile"));
6653 goto cleanup;
6654 }
6655
6656 ret = 0;
6657
6658 cleanup:
6659 va_end(argptr);
6660 return ret;
6661 }
6662
6663
qemuDomainLogContextRead(qemuDomainLogContext * ctxt,char ** msg)6664 ssize_t qemuDomainLogContextRead(qemuDomainLogContext *ctxt,
6665 char **msg)
6666 {
6667 char *buf;
6668 size_t buflen;
6669
6670 VIR_DEBUG("Context read %p manager=%p inode=%llu pos=%llu",
6671 ctxt, ctxt->manager,
6672 (unsigned long long)ctxt->inode,
6673 (unsigned long long)ctxt->pos);
6674
6675 if (ctxt->manager) {
6676 buf = virLogManagerDomainReadLogFile(ctxt->manager,
6677 ctxt->path,
6678 ctxt->inode,
6679 ctxt->pos,
6680 1024 * 128,
6681 0);
6682 if (!buf)
6683 return -1;
6684 buflen = strlen(buf);
6685 } else {
6686 ssize_t got;
6687
6688 buflen = 1024 * 128;
6689
6690 /* Best effort jump to start of messages */
6691 ignore_value(lseek(ctxt->readfd, ctxt->pos, SEEK_SET));
6692
6693 buf = g_new0(char, buflen);
6694
6695 got = saferead(ctxt->readfd, buf, buflen - 1);
6696 if (got < 0) {
6697 VIR_FREE(buf);
6698 virReportSystemError(errno, "%s",
6699 _("Unable to read from log file"));
6700 return -1;
6701 }
6702
6703 buf[got] = '\0';
6704
6705 buf = g_renew(char, buf, got + 1);
6706 buflen = got;
6707 }
6708
6709 *msg = buf;
6710
6711 return buflen;
6712 }
6713
6714
6715 /**
6716 * qemuDomainLogAppendMessage:
6717 *
6718 * This is a best-effort attempt to add a log message to the qemu log file
6719 * either by using virtlogd or the legacy approach */
6720 int
qemuDomainLogAppendMessage(virQEMUDriver * driver,virDomainObj * vm,const char * fmt,...)6721 qemuDomainLogAppendMessage(virQEMUDriver *driver,
6722 virDomainObj *vm,
6723 const char *fmt,
6724 ...)
6725 {
6726 g_autoptr(virQEMUDriverConfig) cfg = virQEMUDriverGetConfig(driver);
6727 virLogManager *manager = NULL;
6728 va_list ap;
6729 g_autofree char *path = NULL;
6730 int writefd = -1;
6731 g_autofree char *message = NULL;
6732 int ret = -1;
6733
6734 va_start(ap, fmt);
6735
6736 message = g_strdup_vprintf(fmt, ap);
6737
6738 VIR_DEBUG("Append log message (vm='%s' message='%s) stdioLogD=%d",
6739 vm->def->name, message, cfg->stdioLogD);
6740
6741 path = g_strdup_printf("%s/%s.log", cfg->logDir, vm->def->name);
6742
6743 if (cfg->stdioLogD) {
6744 if (!(manager = virLogManagerNew(driver->privileged)))
6745 goto cleanup;
6746
6747 if (virLogManagerDomainAppendMessage(manager, "qemu", vm->def->uuid,
6748 vm->def->name, path, message, 0) < 0)
6749 goto cleanup;
6750 } else {
6751 if ((writefd = open(path, O_WRONLY | O_CREAT | O_APPEND, S_IRUSR | S_IWUSR)) < 0) {
6752 virReportSystemError(errno, _("failed to create logfile %s"),
6753 path);
6754 goto cleanup;
6755 }
6756
6757 if (safewrite(writefd, message, strlen(message)) < 0)
6758 goto cleanup;
6759 }
6760
6761 ret = 0;
6762
6763 cleanup:
6764 va_end(ap);
6765 VIR_FORCE_CLOSE(writefd);
6766 virLogManagerFree(manager);
6767
6768 return ret;
6769 }
6770
6771
qemuDomainLogContextGetWriteFD(qemuDomainLogContext * ctxt)6772 int qemuDomainLogContextGetWriteFD(qemuDomainLogContext *ctxt)
6773 {
6774 return ctxt->writefd;
6775 }
6776
6777
qemuDomainLogContextMarkPosition(qemuDomainLogContext * ctxt)6778 void qemuDomainLogContextMarkPosition(qemuDomainLogContext *ctxt)
6779 {
6780 if (ctxt->manager)
6781 virLogManagerDomainGetLogFilePosition(ctxt->manager,
6782 ctxt->path,
6783 0,
6784 &ctxt->inode,
6785 &ctxt->pos);
6786 else
6787 ctxt->pos = lseek(ctxt->writefd, 0, SEEK_END);
6788 }
6789
6790
qemuDomainLogContextGetManager(qemuDomainLogContext * ctxt)6791 virLogManager *qemuDomainLogContextGetManager(qemuDomainLogContext *ctxt)
6792 {
6793 return ctxt->manager;
6794 }
6795
6796
6797 /* Locate an appropriate 'qemu-img' binary. */
6798 const char *
qemuFindQemuImgBinary(virQEMUDriver * driver)6799 qemuFindQemuImgBinary(virQEMUDriver *driver)
6800 {
6801 if (!driver->qemuImgBinary)
6802 virReportError(VIR_ERR_INTERNAL_ERROR,
6803 "%s", _("unable to find qemu-img"));
6804
6805 return driver->qemuImgBinary;
6806 }
6807
6808 int
qemuDomainSnapshotWriteMetadata(virDomainObj * vm,virDomainMomentObj * snapshot,virDomainXMLOption * xmlopt,const char * snapshotDir)6809 qemuDomainSnapshotWriteMetadata(virDomainObj *vm,
6810 virDomainMomentObj *snapshot,
6811 virDomainXMLOption *xmlopt,
6812 const char *snapshotDir)
6813 {
6814 g_autofree char *newxml = NULL;
6815 g_autofree char *snapDir = NULL;
6816 g_autofree char *snapFile = NULL;
6817 char uuidstr[VIR_UUID_STRING_BUFLEN];
6818 unsigned int flags = VIR_DOMAIN_SNAPSHOT_FORMAT_SECURE |
6819 VIR_DOMAIN_SNAPSHOT_FORMAT_INTERNAL;
6820 virDomainSnapshotDef *def = virDomainSnapshotObjGetDef(snapshot);
6821
6822 if (virDomainSnapshotGetCurrent(vm->snapshots) == snapshot)
6823 flags |= VIR_DOMAIN_SNAPSHOT_FORMAT_CURRENT;
6824 virUUIDFormat(vm->def->uuid, uuidstr);
6825 newxml = virDomainSnapshotDefFormat(uuidstr, def, xmlopt, flags);
6826 if (newxml == NULL)
6827 return -1;
6828
6829 snapDir = g_strdup_printf("%s/%s", snapshotDir, vm->def->name);
6830 if (g_mkdir_with_parents(snapDir, 0777) < 0) {
6831 virReportSystemError(errno, _("cannot create snapshot directory '%s'"),
6832 snapDir);
6833 return -1;
6834 }
6835
6836 snapFile = g_strdup_printf("%s/%s.xml", snapDir, def->parent.name);
6837
6838 return virXMLSaveFile(snapFile, NULL, "snapshot-edit", newxml);
6839 }
6840
6841
6842 /* The domain is expected to be locked and inactive. Return -1 on normal
6843 * failure, 1 if we skipped a disk due to try_all. */
6844 static int
qemuDomainSnapshotForEachQcow2Raw(virQEMUDriver * driver,virDomainDef * def,const char * name,const char * op,bool try_all,int ndisks)6845 qemuDomainSnapshotForEachQcow2Raw(virQEMUDriver *driver,
6846 virDomainDef *def,
6847 const char *name,
6848 const char *op,
6849 bool try_all,
6850 int ndisks)
6851 {
6852 const char *qemuimgbin;
6853 size_t i;
6854 bool skipped = false;
6855
6856 qemuimgbin = qemuFindQemuImgBinary(driver);
6857 if (qemuimgbin == NULL) {
6858 /* qemuFindQemuImgBinary set the error */
6859 return -1;
6860 }
6861
6862 for (i = 0; i < ndisks; i++) {
6863 g_autoptr(virCommand) cmd = virCommandNewArgList(qemuimgbin, "snapshot",
6864 op, name, NULL);
6865 int format = virDomainDiskGetFormat(def->disks[i]);
6866
6867 /* FIXME: we also need to handle LVM here */
6868 if (def->disks[i]->device != VIR_DOMAIN_DISK_DEVICE_DISK)
6869 continue;
6870
6871 if (!virStorageSourceIsLocalStorage(def->disks[i]->src)) {
6872 virReportError(VIR_ERR_OPERATION_INVALID,
6873 _("can't manipulate inactive snapshots of disk '%s'"),
6874 def->disks[i]->dst);
6875 return -1;
6876 }
6877
6878 if (format > 0 && format != VIR_STORAGE_FILE_QCOW2) {
6879 if (try_all) {
6880 /* Continue on even in the face of error, since other
6881 * disks in this VM may have the same snapshot name.
6882 */
6883 VIR_WARN("skipping snapshot action on %s",
6884 def->disks[i]->dst);
6885 skipped = true;
6886 continue;
6887 } else if (STREQ(op, "-c") && i) {
6888 /* We must roll back partial creation by deleting
6889 * all earlier snapshots. */
6890 qemuDomainSnapshotForEachQcow2Raw(driver, def, name,
6891 "-d", false, i);
6892 }
6893 virReportError(VIR_ERR_OPERATION_INVALID,
6894 _("Disk device '%s' does not support snapshotting"),
6895 def->disks[i]->dst);
6896 return -1;
6897 }
6898
6899 virCommandAddArg(cmd, virDomainDiskGetSource(def->disks[i]));
6900
6901 if (virCommandRun(cmd, NULL) < 0) {
6902 if (try_all) {
6903 VIR_WARN("skipping snapshot action on %s",
6904 def->disks[i]->dst);
6905 skipped = true;
6906 continue;
6907 } else if (STREQ(op, "-c") && i) {
6908 /* We must roll back partial creation by deleting
6909 * all earlier snapshots. */
6910 qemuDomainSnapshotForEachQcow2Raw(driver, def, name,
6911 "-d", false, i);
6912 }
6913 return -1;
6914 }
6915 }
6916
6917 return skipped ? 1 : 0;
6918 }
6919
6920 /* The domain is expected to be locked and inactive. Return -1 on normal
6921 * failure, 1 if we skipped a disk due to try_all. */
6922 int
qemuDomainSnapshotForEachQcow2(virQEMUDriver * driver,virDomainDef * def,virDomainMomentObj * snap,const char * op,bool try_all)6923 qemuDomainSnapshotForEachQcow2(virQEMUDriver *driver,
6924 virDomainDef *def,
6925 virDomainMomentObj *snap,
6926 const char *op,
6927 bool try_all)
6928 {
6929 return qemuDomainSnapshotForEachQcow2Raw(driver, def, snap->def->name,
6930 op, try_all, def->ndisks);
6931 }
6932
6933 /* Discard one snapshot (or its metadata), without reparenting any children. */
6934 int
qemuDomainSnapshotDiscard(virQEMUDriver * driver,virDomainObj * vm,virDomainMomentObj * snap,bool update_parent,bool metadata_only)6935 qemuDomainSnapshotDiscard(virQEMUDriver *driver,
6936 virDomainObj *vm,
6937 virDomainMomentObj *snap,
6938 bool update_parent,
6939 bool metadata_only)
6940 {
6941 g_autofree char *snapFile = NULL;
6942 qemuDomainObjPrivate *priv;
6943 virDomainMomentObj *parentsnap = NULL;
6944 g_autoptr(virQEMUDriverConfig) cfg = virQEMUDriverGetConfig(driver);
6945
6946 if (!metadata_only) {
6947 if (!virDomainObjIsActive(vm)) {
6948 size_t i;
6949 /* Ignore any skipped disks */
6950
6951 /* Prefer action on the disks in use at the time the snapshot was
6952 * created; but fall back to current definition if dealing with a
6953 * snapshot created prior to libvirt 0.9.5. */
6954 virDomainDef *def = snap->def->dom;
6955
6956 if (!def)
6957 def = vm->def;
6958
6959 for (i = 0; i < def->ndisks; i++) {
6960 if (virDomainDiskTranslateSourcePool(def->disks[i]) < 0)
6961 return -1;
6962 }
6963
6964 if (qemuDomainSnapshotForEachQcow2(driver, def, snap, "-d", true) < 0)
6965 return -1;
6966 } else {
6967 priv = vm->privateData;
6968 qemuDomainObjEnterMonitor(driver, vm);
6969 /* we continue on even in the face of error */
6970 qemuMonitorDeleteSnapshot(priv->mon, snap->def->name);
6971 ignore_value(qemuDomainObjExitMonitor(driver, vm));
6972 }
6973 }
6974
6975 snapFile = g_strdup_printf("%s/%s/%s.xml", cfg->snapshotDir, vm->def->name,
6976 snap->def->name);
6977
6978 if (snap == virDomainSnapshotGetCurrent(vm->snapshots)) {
6979 virDomainSnapshotSetCurrent(vm->snapshots, NULL);
6980 if (update_parent && snap->def->parent_name) {
6981 parentsnap = virDomainSnapshotFindByName(vm->snapshots,
6982 snap->def->parent_name);
6983 if (!parentsnap) {
6984 VIR_WARN("missing parent snapshot matching name '%s'",
6985 snap->def->parent_name);
6986 } else {
6987 virDomainSnapshotSetCurrent(vm->snapshots, parentsnap);
6988 if (qemuDomainSnapshotWriteMetadata(vm, parentsnap,
6989 driver->xmlopt,
6990 cfg->snapshotDir) < 0) {
6991 VIR_WARN("failed to set parent snapshot '%s' as current",
6992 snap->def->parent_name);
6993 virDomainSnapshotSetCurrent(vm->snapshots, NULL);
6994 }
6995 }
6996 }
6997 }
6998
6999 if (unlink(snapFile) < 0)
7000 VIR_WARN("Failed to unlink %s", snapFile);
7001 if (update_parent)
7002 virDomainMomentDropParent(snap);
7003 virDomainSnapshotObjListRemove(vm->snapshots, snap);
7004
7005 return 0;
7006 }
7007
7008 /* Hash iterator callback to discard multiple snapshots. */
qemuDomainMomentDiscardAll(void * payload,const char * name G_GNUC_UNUSED,void * data)7009 int qemuDomainMomentDiscardAll(void *payload,
7010 const char *name G_GNUC_UNUSED,
7011 void *data)
7012 {
7013 virDomainMomentObj *moment = payload;
7014 virQEMUMomentRemove *curr = data;
7015 int err;
7016
7017 if (!curr->found && curr->current == moment)
7018 curr->found = true;
7019 err = curr->momentDiscard(curr->driver, curr->vm, moment, false,
7020 curr->metadata_only);
7021 if (err && !curr->err)
7022 curr->err = err;
7023 return 0;
7024 }
7025
7026 int
qemuDomainSnapshotDiscardAllMetadata(virQEMUDriver * driver,virDomainObj * vm)7027 qemuDomainSnapshotDiscardAllMetadata(virQEMUDriver *driver,
7028 virDomainObj *vm)
7029 {
7030 virQEMUMomentRemove rem = {
7031 .driver = driver,
7032 .vm = vm,
7033 .metadata_only = true,
7034 .momentDiscard = qemuDomainSnapshotDiscard,
7035 };
7036
7037 virDomainSnapshotForEach(vm->snapshots, qemuDomainMomentDiscardAll, &rem);
7038 virDomainSnapshotObjListRemoveAll(vm->snapshots);
7039
7040 return rem.err;
7041 }
7042
7043
7044 static void
qemuDomainRemoveInactiveCommon(virQEMUDriver * driver,virDomainObj * vm)7045 qemuDomainRemoveInactiveCommon(virQEMUDriver *driver,
7046 virDomainObj *vm)
7047 {
7048 g_autoptr(virQEMUDriverConfig) cfg = virQEMUDriverGetConfig(driver);
7049 g_autofree char *snapDir = NULL;
7050 g_autofree char *chkDir = NULL;
7051
7052 /* Remove any snapshot metadata prior to removing the domain */
7053 if (qemuDomainSnapshotDiscardAllMetadata(driver, vm) < 0) {
7054 VIR_WARN("unable to remove all snapshots for domain %s",
7055 vm->def->name);
7056 } else {
7057 snapDir = g_strdup_printf("%s/%s", cfg->snapshotDir, vm->def->name);
7058
7059 if (rmdir(snapDir) < 0 && errno != ENOENT)
7060 VIR_WARN("unable to remove snapshot directory %s", snapDir);
7061 }
7062 /* Remove any checkpoint metadata prior to removing the domain */
7063 if (qemuCheckpointDiscardAllMetadata(driver, vm) < 0) {
7064 VIR_WARN("unable to remove all checkpoints for domain %s",
7065 vm->def->name);
7066 } else {
7067 chkDir = g_strdup_printf("%s/%s", cfg->checkpointDir,
7068 vm->def->name);
7069 if (rmdir(chkDir) < 0 && errno != ENOENT)
7070 VIR_WARN("unable to remove checkpoint directory %s", chkDir);
7071 }
7072 qemuExtDevicesCleanupHost(driver, vm->def);
7073 }
7074
7075
7076 /**
7077 * qemuDomainRemoveInactive:
7078 *
7079 * The caller must hold a lock to the vm.
7080 */
7081 void
qemuDomainRemoveInactive(virQEMUDriver * driver,virDomainObj * vm)7082 qemuDomainRemoveInactive(virQEMUDriver *driver,
7083 virDomainObj *vm)
7084 {
7085 if (vm->persistent) {
7086 /* Short-circuit, we don't want to remove a persistent domain */
7087 return;
7088 }
7089
7090 qemuDomainRemoveInactiveCommon(driver, vm);
7091
7092 virDomainObjListRemove(driver->domains, vm);
7093 }
7094
7095
7096 /**
7097 * qemuDomainRemoveInactiveLocked:
7098 *
7099 * The caller must hold a lock to the vm and must hold the
7100 * lock on driver->domains in order to call the remove obj
7101 * from locked list method.
7102 */
7103 static void
qemuDomainRemoveInactiveLocked(virQEMUDriver * driver,virDomainObj * vm)7104 qemuDomainRemoveInactiveLocked(virQEMUDriver *driver,
7105 virDomainObj *vm)
7106 {
7107 if (vm->persistent) {
7108 /* Short-circuit, we don't want to remove a persistent domain */
7109 return;
7110 }
7111
7112 qemuDomainRemoveInactiveCommon(driver, vm);
7113
7114 virDomainObjListRemoveLocked(driver->domains, vm);
7115 }
7116
7117 /**
7118 * qemuDomainRemoveInactiveJob:
7119 *
7120 * Just like qemuDomainRemoveInactive but it tries to grab a
7121 * QEMU_JOB_MODIFY first. Even though it doesn't succeed in
7122 * grabbing the job the control carries with
7123 * qemuDomainRemoveInactive call.
7124 */
7125 void
qemuDomainRemoveInactiveJob(virQEMUDriver * driver,virDomainObj * vm)7126 qemuDomainRemoveInactiveJob(virQEMUDriver *driver,
7127 virDomainObj *vm)
7128 {
7129 bool haveJob;
7130
7131 haveJob = qemuDomainObjBeginJob(driver, vm, QEMU_JOB_MODIFY) >= 0;
7132
7133 qemuDomainRemoveInactive(driver, vm);
7134
7135 if (haveJob)
7136 qemuDomainObjEndJob(driver, vm);
7137 }
7138
7139
7140 /**
7141 * qemuDomainRemoveInactiveJobLocked:
7142 *
7143 * Similar to qemuDomainRemoveInactiveJob, except that the caller must
7144 * also hold the lock @driver->domains
7145 */
7146 void
qemuDomainRemoveInactiveJobLocked(virQEMUDriver * driver,virDomainObj * vm)7147 qemuDomainRemoveInactiveJobLocked(virQEMUDriver *driver,
7148 virDomainObj *vm)
7149 {
7150 bool haveJob;
7151
7152 haveJob = qemuDomainObjBeginJob(driver, vm, QEMU_JOB_MODIFY) >= 0;
7153
7154 qemuDomainRemoveInactiveLocked(driver, vm);
7155
7156 if (haveJob)
7157 qemuDomainObjEndJob(driver, vm);
7158 }
7159
7160
7161 void
qemuDomainSetFakeReboot(virQEMUDriver * driver,virDomainObj * vm,bool value)7162 qemuDomainSetFakeReboot(virQEMUDriver *driver,
7163 virDomainObj *vm,
7164 bool value)
7165 {
7166 qemuDomainObjPrivate *priv = vm->privateData;
7167 g_autoptr(virQEMUDriverConfig) cfg = virQEMUDriverGetConfig(driver);
7168
7169 if (priv->fakeReboot == value)
7170 return;
7171
7172 priv->fakeReboot = value;
7173
7174 if (virDomainObjSave(vm, driver->xmlopt, cfg->stateDir) < 0)
7175 VIR_WARN("Failed to save status on vm %s", vm->def->name);
7176 }
7177
7178 static void
qemuDomainCheckRemoveOptionalDisk(virQEMUDriver * driver,virDomainObj * vm,size_t diskIndex)7179 qemuDomainCheckRemoveOptionalDisk(virQEMUDriver *driver,
7180 virDomainObj *vm,
7181 size_t diskIndex)
7182 {
7183 char uuid[VIR_UUID_STRING_BUFLEN];
7184 virObjectEvent *event = NULL;
7185 virDomainDiskDef *disk = vm->def->disks[diskIndex];
7186 const char *src = virDomainDiskGetSource(disk);
7187
7188 virUUIDFormat(vm->def->uuid, uuid);
7189
7190 VIR_DEBUG("Dropping disk '%s' on domain '%s' (UUID '%s') "
7191 "due to inaccessible source '%s'",
7192 disk->dst, vm->def->name, uuid, src);
7193
7194 if (disk->device == VIR_DOMAIN_DISK_DEVICE_CDROM ||
7195 disk->device == VIR_DOMAIN_DISK_DEVICE_FLOPPY) {
7196
7197 event = virDomainEventDiskChangeNewFromObj(vm, src, NULL,
7198 disk->info.alias,
7199 VIR_DOMAIN_EVENT_DISK_CHANGE_MISSING_ON_START);
7200 virDomainDiskEmptySource(disk);
7201 /* keeping the old startup policy would be invalid for new images */
7202 disk->startupPolicy = VIR_DOMAIN_STARTUP_POLICY_DEFAULT;
7203 } else {
7204 event = virDomainEventDiskChangeNewFromObj(vm, src, NULL,
7205 disk->info.alias,
7206 VIR_DOMAIN_EVENT_DISK_DROP_MISSING_ON_START);
7207 virDomainDiskRemove(vm->def, diskIndex);
7208 virDomainDiskDefFree(disk);
7209 }
7210
7211 virObjectEventStateQueue(driver->domainEventState, event);
7212 }
7213
7214
7215 /**
7216 * qemuDomainCheckDiskStartupPolicy:
7217 * @driver: qemu driver object
7218 * @vm: domain object
7219 * @disk: index of disk to check
7220 * @cold_boot: true if a new VM is being started
7221 *
7222 * This function should be called when the source storage for a disk device is
7223 * missing. The function checks whether the startup policy for the disk allows
7224 * removal of the source (or disk) according to the state of the VM.
7225 *
7226 * The function returns 0 if the source or disk was dropped and -1 if the state
7227 * of the VM does not allow this. This function does not report errors, but
7228 * clears any reported error if 0 is returned.
7229 */
7230 int
qemuDomainCheckDiskStartupPolicy(virQEMUDriver * driver,virDomainObj * vm,size_t diskIndex,bool cold_boot)7231 qemuDomainCheckDiskStartupPolicy(virQEMUDriver *driver,
7232 virDomainObj *vm,
7233 size_t diskIndex,
7234 bool cold_boot)
7235 {
7236 int startupPolicy = vm->def->disks[diskIndex]->startupPolicy;
7237 int device = vm->def->disks[diskIndex]->device;
7238
7239 switch ((virDomainStartupPolicy) startupPolicy) {
7240 case VIR_DOMAIN_STARTUP_POLICY_OPTIONAL:
7241 /* Once started with an optional disk, qemu saves its section
7242 * in the migration stream, so later, when restoring from it
7243 * we must make sure the sections match. */
7244 if (!cold_boot &&
7245 device != VIR_DOMAIN_DISK_DEVICE_FLOPPY &&
7246 device != VIR_DOMAIN_DISK_DEVICE_CDROM)
7247 return -1;
7248 break;
7249
7250 case VIR_DOMAIN_STARTUP_POLICY_DEFAULT:
7251 case VIR_DOMAIN_STARTUP_POLICY_MANDATORY:
7252 return -1;
7253
7254 case VIR_DOMAIN_STARTUP_POLICY_REQUISITE:
7255 if (cold_boot)
7256 return -1;
7257 break;
7258
7259 case VIR_DOMAIN_STARTUP_POLICY_LAST:
7260 /* this should never happen */
7261 break;
7262 }
7263
7264 qemuDomainCheckRemoveOptionalDisk(driver, vm, diskIndex);
7265 virResetLastError();
7266 return 0;
7267 }
7268
7269
7270
7271 /*
7272 * The vm must be locked when any of the following cleanup functions is
7273 * called.
7274 */
7275 int
qemuDomainCleanupAdd(virDomainObj * vm,qemuDomainCleanupCallback cb)7276 qemuDomainCleanupAdd(virDomainObj *vm,
7277 qemuDomainCleanupCallback cb)
7278 {
7279 qemuDomainObjPrivate *priv = vm->privateData;
7280 size_t i;
7281
7282 VIR_DEBUG("vm=%s, cb=%p", vm->def->name, cb);
7283
7284 for (i = 0; i < priv->ncleanupCallbacks; i++) {
7285 if (priv->cleanupCallbacks[i] == cb)
7286 return 0;
7287 }
7288
7289 VIR_RESIZE_N(priv->cleanupCallbacks,
7290 priv->ncleanupCallbacks_max,
7291 priv->ncleanupCallbacks, 1);
7292
7293 priv->cleanupCallbacks[priv->ncleanupCallbacks++] = cb;
7294 return 0;
7295 }
7296
7297 void
qemuDomainCleanupRemove(virDomainObj * vm,qemuDomainCleanupCallback cb)7298 qemuDomainCleanupRemove(virDomainObj *vm,
7299 qemuDomainCleanupCallback cb)
7300 {
7301 qemuDomainObjPrivate *priv = vm->privateData;
7302 size_t i;
7303
7304 VIR_DEBUG("vm=%s, cb=%p", vm->def->name, cb);
7305
7306 for (i = 0; i < priv->ncleanupCallbacks; i++) {
7307 if (priv->cleanupCallbacks[i] == cb)
7308 VIR_DELETE_ELEMENT_INPLACE(priv->cleanupCallbacks,
7309 i, priv->ncleanupCallbacks);
7310 }
7311
7312 VIR_SHRINK_N(priv->cleanupCallbacks,
7313 priv->ncleanupCallbacks_max,
7314 priv->ncleanupCallbacks_max - priv->ncleanupCallbacks);
7315 }
7316
7317 void
qemuDomainCleanupRun(virQEMUDriver * driver,virDomainObj * vm)7318 qemuDomainCleanupRun(virQEMUDriver *driver,
7319 virDomainObj *vm)
7320 {
7321 qemuDomainObjPrivate *priv = vm->privateData;
7322
7323 VIR_DEBUG("driver=%p, vm=%s", driver, vm->def->name);
7324
7325 /* run cleanup callbacks in reverse order */
7326 while (priv->ncleanupCallbacks)
7327 priv->cleanupCallbacks[--priv->ncleanupCallbacks](driver, vm);
7328
7329 VIR_FREE(priv->cleanupCallbacks);
7330 priv->ncleanupCallbacks_max = 0;
7331 }
7332
7333 void
qemuDomainGetImageIds(virQEMUDriverConfig * cfg,virDomainObj * vm,virStorageSource * src,virStorageSource * parentSrc,uid_t * uid,gid_t * gid)7334 qemuDomainGetImageIds(virQEMUDriverConfig *cfg,
7335 virDomainObj *vm,
7336 virStorageSource *src,
7337 virStorageSource *parentSrc,
7338 uid_t *uid, gid_t *gid)
7339 {
7340 virSecurityLabelDef *vmlabel;
7341 virSecurityDeviceLabelDef *disklabel;
7342
7343 if (uid)
7344 *uid = -1;
7345 if (gid)
7346 *gid = -1;
7347
7348 if (cfg) {
7349 if (uid)
7350 *uid = cfg->user;
7351
7352 if (gid)
7353 *gid = cfg->group;
7354 }
7355
7356 if (vm && (vmlabel = virDomainDefGetSecurityLabelDef(vm->def, "dac")) &&
7357 vmlabel->label)
7358 virParseOwnershipIds(vmlabel->label, uid, gid);
7359
7360 if (parentSrc &&
7361 (disklabel = virStorageSourceGetSecurityLabelDef(parentSrc, "dac")) &&
7362 disklabel->label)
7363 virParseOwnershipIds(disklabel->label, uid, gid);
7364
7365 if ((disklabel = virStorageSourceGetSecurityLabelDef(src, "dac")) &&
7366 disklabel->label)
7367 virParseOwnershipIds(disklabel->label, uid, gid);
7368 }
7369
7370
7371 int
qemuDomainStorageFileInit(virQEMUDriver * driver,virDomainObj * vm,virStorageSource * src,virStorageSource * parent)7372 qemuDomainStorageFileInit(virQEMUDriver *driver,
7373 virDomainObj *vm,
7374 virStorageSource *src,
7375 virStorageSource *parent)
7376 {
7377 g_autoptr(virQEMUDriverConfig) cfg = virQEMUDriverGetConfig(driver);
7378 uid_t uid;
7379 gid_t gid;
7380
7381 qemuDomainGetImageIds(cfg, vm, src, parent, &uid, &gid);
7382
7383 if (virStorageSourceInitAs(src, uid, gid) < 0)
7384 return -1;
7385
7386 return 0;
7387 }
7388
7389
7390 char *
qemuDomainStorageAlias(const char * device,int depth)7391 qemuDomainStorageAlias(const char *device, int depth)
7392 {
7393 char *alias;
7394
7395 device = qemuAliasDiskDriveSkipPrefix(device);
7396
7397 if (!depth)
7398 alias = g_strdup(device);
7399 else
7400 alias = g_strdup_printf("%s.%d", device, depth);
7401 return alias;
7402 }
7403
7404
7405 #define QEMU_DOMAIN_STORAGE_SOURCE_CHAIN_MAX_DEPTH 200
7406
7407 /**
7408 * qemuDomainStorageSourceValidateDepth:
7409 * @src: storage source chain to validate
7410 * @add: offsets the calculated number of images
7411 * @diskdst: optional disk target to use in error message
7412 *
7413 * The XML parser limits the maximum element nesting to 256 layers. As libvirt
7414 * reports the chain into the status and in some cases the config XML we must
7415 * validate that any user-provided chains will not exceed the XML nesting limit
7416 * when formatted to the XML.
7417 *
7418 * This function validates that the storage source chain starting @src is at
7419 * most QEMU_DOMAIN_STORAGE_SOURCE_CHAIN_MAX_DEPTH layers deep. @add modifies
7420 * the calculated value to offset the number to allow checking cases when new
7421 * layers are going to be added to the chain.
7422 *
7423 * Returns 0 on success and -1 if the chain is too deep. Error is reported.
7424 */
7425 int
qemuDomainStorageSourceValidateDepth(virStorageSource * src,int add,const char * diskdst)7426 qemuDomainStorageSourceValidateDepth(virStorageSource *src,
7427 int add,
7428 const char *diskdst)
7429 {
7430 virStorageSource *n;
7431 size_t nlayers = 0;
7432
7433 for (n = src; virStorageSourceIsBacking(n); n = n->backingStore)
7434 nlayers++;
7435
7436 nlayers += add;
7437
7438 if (nlayers > QEMU_DOMAIN_STORAGE_SOURCE_CHAIN_MAX_DEPTH) {
7439 if (diskdst)
7440 virReportError(VIR_ERR_OPERATION_UNSUPPORTED,
7441 _("backing chains more than 200 layers deep are not "
7442 "supported for disk '%s'"), diskdst);
7443 else
7444 virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
7445 _("backing chains more than 200 layers deep are not "
7446 "supported"));
7447
7448 return -1;
7449 }
7450
7451 return 0;
7452 }
7453
7454
7455 /**
7456 * qemuDomainPrepareStorageSourceConfig:
7457 * @src: storage source to configure
7458 * @cfg: qemu driver config object
7459 * @qemuCaps: capabilities of qemu
7460 *
7461 * Set properties of @src based on the qemu driver config @cfg.
7462 *
7463 */
7464 static void
qemuDomainPrepareStorageSourceConfig(virStorageSource * src,virQEMUDriverConfig * cfg,virQEMUCaps * qemuCaps)7465 qemuDomainPrepareStorageSourceConfig(virStorageSource *src,
7466 virQEMUDriverConfig *cfg,
7467 virQEMUCaps *qemuCaps)
7468 {
7469 if (!cfg)
7470 return;
7471
7472 if (src->type == VIR_STORAGE_TYPE_NETWORK &&
7473 src->protocol == VIR_STORAGE_NET_PROTOCOL_GLUSTER &&
7474 virQEMUCapsGet(qemuCaps, QEMU_CAPS_GLUSTER_DEBUG_LEVEL)) {
7475 src->debug = true;
7476 src->debugLevel = cfg->glusterDebugLevel;
7477 }
7478 }
7479
7480
7481 /**
7482 * qemuDomainDetermineDiskChain:
7483 * @driver: qemu driver object
7484 * @vm: domain object
7485 * @disk: disk definition
7486 * @disksrc: source to determine the chain for, may be NULL
7487 * @report_broken: report broken chain verbosely
7488 *
7489 * Prepares and initializes the backing chain of disk @disk. In cases where
7490 * a new source is to be associated with @disk the @disksrc parameter can be
7491 * used to override the source. If @report_broken is true missing images
7492 * in the backing chain are reported.
7493 */
7494 int
qemuDomainDetermineDiskChain(virQEMUDriver * driver,virDomainObj * vm,virDomainDiskDef * disk,virStorageSource * disksrc,bool report_broken)7495 qemuDomainDetermineDiskChain(virQEMUDriver *driver,
7496 virDomainObj *vm,
7497 virDomainDiskDef *disk,
7498 virStorageSource *disksrc,
7499 bool report_broken)
7500 {
7501 g_autoptr(virQEMUDriverConfig) cfg = virQEMUDriverGetConfig(driver);
7502 virStorageSource *src; /* iterator for the backing chain declared in XML */
7503 virStorageSource *n; /* iterator for the backing chain detected from disk */
7504 qemuDomainObjPrivate *priv = vm->privateData;
7505 bool blockdev = virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_BLOCKDEV);
7506 bool isSD = qemuDiskBusIsSD(disk->bus);
7507 uid_t uid;
7508 gid_t gid;
7509
7510 if (!disksrc)
7511 disksrc = disk->src;
7512
7513 if (virStorageSourceIsEmpty(disksrc))
7514 return 0;
7515
7516 /* There is no need to check the backing chain for disks without backing
7517 * support */
7518 if (virStorageSourceIsLocalStorage(disksrc) &&
7519 disksrc->format > VIR_STORAGE_FILE_NONE &&
7520 disksrc->format < VIR_STORAGE_FILE_BACKING) {
7521
7522 if (!virFileExists(disksrc->path)) {
7523 if (report_broken)
7524 virStorageSourceReportBrokenChain(errno, disksrc, disksrc);
7525
7526 return -1;
7527 }
7528
7529 /* terminate the chain for such images as the code below would do */
7530 if (!disksrc->backingStore)
7531 disksrc->backingStore = virStorageSourceNew();
7532
7533 /* host cdrom requires special treatment in qemu, so we need to check
7534 * whether a block device is a cdrom */
7535 if (disk->device == VIR_DOMAIN_DISK_DEVICE_CDROM &&
7536 disksrc->format == VIR_STORAGE_FILE_RAW &&
7537 virStorageSourceIsBlockLocal(disksrc) &&
7538 virFileIsCDROM(disksrc->path) == 1)
7539 disksrc->hostcdrom = true;
7540
7541 return 0;
7542 }
7543
7544 src = disksrc;
7545 /* skip to the end of the chain if there is any */
7546 while (virStorageSourceHasBacking(src)) {
7547 if (report_broken) {
7548 int rv = virStorageSourceSupportsAccess(src);
7549
7550 if (rv < 0)
7551 return -1;
7552
7553 if (rv > 0) {
7554 if (qemuDomainStorageFileInit(driver, vm, src, disksrc) < 0)
7555 return -1;
7556
7557 if (virStorageSourceAccess(src, F_OK) < 0) {
7558 virStorageSourceReportBrokenChain(errno, src, disksrc);
7559 virStorageSourceDeinit(src);
7560 return -1;
7561 }
7562
7563 virStorageSourceDeinit(src);
7564 }
7565 }
7566 src = src->backingStore;
7567 }
7568
7569 /* We skipped to the end of the chain. Skip detection if there's the
7570 * terminator. (An allocated but empty backingStore) */
7571 if (src->backingStore) {
7572 if (qemuDomainStorageSourceValidateDepth(disksrc, 0, disk->dst) < 0)
7573 return -1;
7574
7575 return 0;
7576 }
7577
7578 qemuDomainGetImageIds(cfg, vm, src, disksrc, &uid, &gid);
7579
7580 if (virStorageSourceGetMetadata(src, uid, gid,
7581 QEMU_DOMAIN_STORAGE_SOURCE_CHAIN_MAX_DEPTH,
7582 report_broken) < 0)
7583 return -1;
7584
7585 for (n = src->backingStore; virStorageSourceIsBacking(n); n = n->backingStore) {
7586 /* convert detected ISO format to 'raw' as qemu would not understand it */
7587 if (n->format == VIR_STORAGE_FILE_ISO)
7588 n->format = VIR_STORAGE_FILE_RAW;
7589
7590 /* mask-out blockdev for 'sd' disks */
7591 if (qemuDomainValidateStorageSource(n, priv->qemuCaps, isSD) < 0)
7592 return -1;
7593
7594 qemuDomainPrepareStorageSourceConfig(n, cfg, priv->qemuCaps);
7595 qemuDomainPrepareDiskSourceData(disk, n);
7596
7597 if (blockdev && !isSD &&
7598 qemuDomainPrepareStorageSourceBlockdev(disk, n, priv, cfg) < 0)
7599 return -1;
7600 }
7601
7602 if (qemuDomainStorageSourceValidateDepth(disksrc, 0, disk->dst) < 0)
7603 return -1;
7604
7605 return 0;
7606 }
7607
7608
7609 /**
7610 * qemuDomainDiskGetTopNodename:
7611 *
7612 * @disk: disk definition object
7613 *
7614 * Returns the pointer to the node-name of the topmost layer used by @disk as
7615 * backend. Currently returns the nodename of the copy-on-read filter if enabled
7616 * or the nodename of the top image's format driver. Empty disks return NULL.
7617 * This must be used only when VIR_QEMU_CAPS_BLOCKDEV is enabled.
7618 */
7619 const char *
qemuDomainDiskGetTopNodename(virDomainDiskDef * disk)7620 qemuDomainDiskGetTopNodename(virDomainDiskDef *disk)
7621 {
7622 qemuDomainDiskPrivate *priv = QEMU_DOMAIN_DISK_PRIVATE(disk);
7623
7624 if (virStorageSourceIsEmpty(disk->src))
7625 return NULL;
7626
7627 if (disk->copy_on_read == VIR_TRISTATE_SWITCH_ON)
7628 return priv->nodeCopyOnRead;
7629
7630 return disk->src->nodeformat;
7631 }
7632
7633
7634 /**
7635 * qemuDomainDiskGetBackendAlias:
7636 * @disk: disk definition
7637 * @qemuCaps: emulator capabilities
7638 * @backendAlias: filled with the alias of the disk storage backend
7639 *
7640 * Returns the correct alias for the disk backend. This may be the alias of
7641 * -drive for legacy setup or the correct node name for -blockdev setups.
7642 *
7643 * @backendAlias may be NULL on success if the backend does not exist
7644 * (disk is empty). Caller is responsible for freeing @backendAlias.
7645 *
7646 * Returns 0 on success, -1 on error with libvirt error reported.
7647 */
7648 int
qemuDomainDiskGetBackendAlias(virDomainDiskDef * disk,virQEMUCaps * qemuCaps,char ** backendAlias)7649 qemuDomainDiskGetBackendAlias(virDomainDiskDef *disk,
7650 virQEMUCaps *qemuCaps,
7651 char **backendAlias)
7652 {
7653 *backendAlias = NULL;
7654
7655 if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_BLOCKDEV) ||
7656 qemuDiskBusIsSD(disk->bus)) {
7657 if (!(*backendAlias = qemuAliasDiskDriveFromDisk(disk)))
7658 return -1;
7659
7660 return 0;
7661 }
7662
7663 *backendAlias = g_strdup(qemuDomainDiskGetTopNodename(disk));
7664 return 0;
7665 }
7666
7667
7668 typedef enum {
7669 /* revoke access to the image instead of allowing it */
7670 QEMU_DOMAIN_STORAGE_SOURCE_ACCESS_REVOKE = 1 << 0,
7671 /* operate on full backing chain rather than single image */
7672 QEMU_DOMAIN_STORAGE_SOURCE_ACCESS_CHAIN = 1 << 1,
7673 /* force permissions to read-only/read-write when allowing */
7674 /* currently does not properly work with QEMU_DOMAIN_STORAGE_SOURCE_ACCESS_CHAIN */
7675 QEMU_DOMAIN_STORAGE_SOURCE_ACCESS_FORCE_READ_ONLY = 1 << 2,
7676 QEMU_DOMAIN_STORAGE_SOURCE_ACCESS_FORCE_READ_WRITE = 1 << 3,
7677 /* don't revoke permissions when modification has failed */
7678 QEMU_DOMAIN_STORAGE_SOURCE_ACCESS_SKIP_REVOKE = 1 << 4,
7679 /* VM already has access to the source and we are just modifying it */
7680 QEMU_DOMAIN_STORAGE_SOURCE_ACCESS_MODIFY_ACCESS = 1 << 5,
7681 /* whether the image is the top image of the backing chain (e.g. disk source) */
7682 QEMU_DOMAIN_STORAGE_SOURCE_ACCESS_CHAIN_TOP = 1 << 6,
7683 } qemuDomainStorageSourceAccessFlags;
7684
7685
7686 static int
qemuDomainStorageSourceAccessModifyNVMe(virQEMUDriver * driver,virDomainObj * vm,virStorageSource * src,bool revoke)7687 qemuDomainStorageSourceAccessModifyNVMe(virQEMUDriver *driver,
7688 virDomainObj *vm,
7689 virStorageSource *src,
7690 bool revoke)
7691 {
7692 bool revoke_maxmemlock = false;
7693 bool revoke_hostdev = false;
7694 int ret = -1;
7695
7696 if (!virStorageSourceChainHasNVMe(src))
7697 return 0;
7698
7699 VIR_DEBUG("Modifying access for a NVMe disk src=%p revoke=%d",
7700 src, revoke);
7701
7702 if (revoke) {
7703 revoke_maxmemlock = true;
7704 revoke_hostdev = true;
7705 ret = 0;
7706 goto revoke;
7707 }
7708
7709 if (qemuDomainAdjustMaxMemLock(vm, true) < 0)
7710 goto revoke;
7711
7712 revoke_maxmemlock = true;
7713
7714 if (qemuHostdevPrepareOneNVMeDisk(driver, vm->def->name, src) < 0)
7715 goto revoke;
7716
7717 revoke_hostdev = true;
7718
7719 return 0;
7720
7721 revoke:
7722 if (revoke_maxmemlock) {
7723 if (qemuDomainAdjustMaxMemLock(vm, false) < 0)
7724 VIR_WARN("Unable to change max memlock limit");
7725 }
7726
7727 if (revoke_hostdev)
7728 qemuHostdevReAttachOneNVMeDisk(driver, vm->def->name, src);
7729
7730 return ret;
7731 }
7732
7733
7734 /**
7735 * qemuDomainStorageSourceAccessModify:
7736 * @driver: qemu driver struct
7737 * @vm: domain object
7738 * @src: Source to prepare
7739 * @flags: bitwise or of qemuDomainStorageSourceAccessFlags
7740 *
7741 * Setup the locks, cgroups and security permissions on a disk source and its
7742 * backing chain.
7743 *
7744 * Returns 0 on success and -1 on error. Reports libvirt error.
7745 */
7746 static int
qemuDomainStorageSourceAccessModify(virQEMUDriver * driver,virDomainObj * vm,virStorageSource * src,qemuDomainStorageSourceAccessFlags flags)7747 qemuDomainStorageSourceAccessModify(virQEMUDriver *driver,
7748 virDomainObj *vm,
7749 virStorageSource *src,
7750 qemuDomainStorageSourceAccessFlags flags)
7751 {
7752 g_autoptr(virQEMUDriverConfig) cfg = virQEMUDriverGetConfig(driver);
7753 const char *srcstr = NULLSTR(src->path);
7754 int ret = -1;
7755 virErrorPtr orig_err = NULL;
7756 bool chain = flags & QEMU_DOMAIN_STORAGE_SOURCE_ACCESS_CHAIN;
7757 bool force_ro = flags & QEMU_DOMAIN_STORAGE_SOURCE_ACCESS_FORCE_READ_ONLY;
7758 bool force_rw = flags & QEMU_DOMAIN_STORAGE_SOURCE_ACCESS_FORCE_READ_WRITE;
7759 bool revoke = flags & QEMU_DOMAIN_STORAGE_SOURCE_ACCESS_REVOKE;
7760 bool chain_top = flags & QEMU_DOMAIN_STORAGE_SOURCE_ACCESS_CHAIN_TOP;
7761 int rc;
7762 bool was_readonly = src->readonly;
7763 bool revoke_cgroup = false;
7764 bool revoke_label = false;
7765 bool revoke_namespace = false;
7766 bool revoke_nvme = false;
7767 bool revoke_lockspace = false;
7768
7769 VIR_DEBUG("src='%s' readonly=%d force_ro=%d force_rw=%d revoke=%d chain=%d",
7770 NULLSTR(src->path), src->readonly, force_ro, force_rw, revoke, chain);
7771
7772 if (force_ro)
7773 src->readonly = true;
7774
7775 if (force_rw)
7776 src->readonly = false;
7777
7778 /* just tear down the disk access */
7779 if (revoke) {
7780 virErrorPreserveLast(&orig_err);
7781 revoke_cgroup = true;
7782 revoke_label = true;
7783 revoke_namespace = true;
7784 revoke_nvme = true;
7785 revoke_lockspace = true;
7786 ret = 0;
7787 goto revoke;
7788 }
7789
7790 if (virDomainLockImageAttach(driver->lockManager, cfg->uri, vm, src) < 0)
7791 goto revoke;
7792
7793 revoke_lockspace = true;
7794
7795 if (!(flags & QEMU_DOMAIN_STORAGE_SOURCE_ACCESS_MODIFY_ACCESS)) {
7796 if (qemuDomainStorageSourceAccessModifyNVMe(driver, vm, src, false) < 0)
7797 goto revoke;
7798
7799 revoke_nvme = true;
7800
7801 if (qemuDomainNamespaceSetupDisk(vm, src, &revoke_namespace) < 0)
7802 goto revoke;
7803 }
7804
7805 if (qemuSecuritySetImageLabel(driver, vm, src, chain, chain_top) < 0)
7806 goto revoke;
7807
7808 revoke_label = true;
7809
7810 if (chain)
7811 rc = qemuSetupImageChainCgroup(vm, src);
7812 else
7813 rc = qemuSetupImageCgroup(vm, src);
7814
7815 if (rc < 0)
7816 goto revoke;
7817
7818 revoke_cgroup = true;
7819
7820 ret = 0;
7821 goto cleanup;
7822
7823 revoke:
7824 if (flags & QEMU_DOMAIN_STORAGE_SOURCE_ACCESS_SKIP_REVOKE)
7825 goto cleanup;
7826
7827 if (revoke_cgroup) {
7828 if (chain)
7829 rc = qemuTeardownImageChainCgroup(vm, src);
7830 else
7831 rc = qemuTeardownImageCgroup(vm, src);
7832
7833 if (rc < 0)
7834 VIR_WARN("Unable to tear down cgroup access on %s", srcstr);
7835 }
7836
7837 if (revoke_label) {
7838 if (qemuSecurityRestoreImageLabel(driver, vm, src, chain) < 0)
7839 VIR_WARN("Unable to restore security label on %s", srcstr);
7840 }
7841
7842 if (revoke_namespace) {
7843 if (qemuDomainNamespaceTeardownDisk(vm, src) < 0)
7844 VIR_WARN("Unable to remove /dev entry for %s", srcstr);
7845 }
7846
7847 if (revoke_nvme)
7848 qemuDomainStorageSourceAccessModifyNVMe(driver, vm, src, true);
7849
7850 if (revoke_lockspace) {
7851 if (virDomainLockImageDetach(driver->lockManager, vm, src) < 0)
7852 VIR_WARN("Unable to release lock on %s", srcstr);
7853 }
7854
7855 cleanup:
7856 src->readonly = was_readonly;
7857 virErrorRestore(&orig_err);
7858
7859 return ret;
7860 }
7861
7862
7863 int
qemuDomainStorageSourceChainAccessAllow(virQEMUDriver * driver,virDomainObj * vm,virStorageSource * src)7864 qemuDomainStorageSourceChainAccessAllow(virQEMUDriver *driver,
7865 virDomainObj *vm,
7866 virStorageSource *src)
7867 {
7868 qemuDomainStorageSourceAccessFlags flags = QEMU_DOMAIN_STORAGE_SOURCE_ACCESS_CHAIN |
7869 QEMU_DOMAIN_STORAGE_SOURCE_ACCESS_CHAIN_TOP;
7870
7871 return qemuDomainStorageSourceAccessModify(driver, vm, src, flags);
7872 }
7873
7874
7875 int
qemuDomainStorageSourceChainAccessRevoke(virQEMUDriver * driver,virDomainObj * vm,virStorageSource * src)7876 qemuDomainStorageSourceChainAccessRevoke(virQEMUDriver *driver,
7877 virDomainObj *vm,
7878 virStorageSource *src)
7879 {
7880 qemuDomainStorageSourceAccessFlags flags = QEMU_DOMAIN_STORAGE_SOURCE_ACCESS_REVOKE |
7881 QEMU_DOMAIN_STORAGE_SOURCE_ACCESS_CHAIN |
7882 QEMU_DOMAIN_STORAGE_SOURCE_ACCESS_CHAIN_TOP;
7883
7884 return qemuDomainStorageSourceAccessModify(driver, vm, src, flags);
7885 }
7886
7887
7888 /**
7889 * qemuDomainStorageSourceAccessRevoke:
7890 *
7891 * Revoke access to a single backing chain element. This restores the labels,
7892 * removes cgroup ACLs for devices and removes locks.
7893 */
7894 void
qemuDomainStorageSourceAccessRevoke(virQEMUDriver * driver,virDomainObj * vm,virStorageSource * elem)7895 qemuDomainStorageSourceAccessRevoke(virQEMUDriver *driver,
7896 virDomainObj *vm,
7897 virStorageSource *elem)
7898 {
7899 qemuDomainStorageSourceAccessFlags flags = QEMU_DOMAIN_STORAGE_SOURCE_ACCESS_REVOKE;
7900
7901 ignore_value(qemuDomainStorageSourceAccessModify(driver, vm, elem, flags));
7902 }
7903
7904
7905 /**
7906 * qemuDomainStorageSourceAccessAllow:
7907 * @driver: qemu driver data
7908 * @vm: domain object
7909 * @elem: source structure to set access for
7910 * @readonly: setup read-only access if true
7911 * @newSource: @elem describes a storage source which @vm can't access yet
7912 * @chainTop: @elem is top parent of backing chain
7913 *
7914 * Allow a VM access to a single element of a disk backing chain; this helper
7915 * ensures that the lock manager, cgroup device controller, and security manager
7916 * labelling are all aware of each new file before it is added to a chain.
7917 *
7918 * When modifying permissions of @elem which @vm can already access (is in the
7919 * backing chain) @newSource needs to be set to false.
7920 *
7921 * The @chainTop flag must be set if the @elem image is the topmost image of a
7922 * given backing chain or meant to become the topmost image (for e.g.
7923 * snapshots, or blockcopy or even in the end for active layer block commit,
7924 * where we discard the top of the backing chain so one of the intermediates
7925 * (the base) becomes the top of the chain).
7926 */
7927 int
qemuDomainStorageSourceAccessAllow(virQEMUDriver * driver,virDomainObj * vm,virStorageSource * elem,bool readonly,bool newSource,bool chainTop)7928 qemuDomainStorageSourceAccessAllow(virQEMUDriver *driver,
7929 virDomainObj *vm,
7930 virStorageSource *elem,
7931 bool readonly,
7932 bool newSource,
7933 bool chainTop)
7934 {
7935 qemuDomainStorageSourceAccessFlags flags = QEMU_DOMAIN_STORAGE_SOURCE_ACCESS_SKIP_REVOKE;
7936
7937 if (readonly)
7938 flags |= QEMU_DOMAIN_STORAGE_SOURCE_ACCESS_FORCE_READ_ONLY;
7939 else
7940 flags |= QEMU_DOMAIN_STORAGE_SOURCE_ACCESS_FORCE_READ_WRITE;
7941
7942 if (!newSource)
7943 flags |= QEMU_DOMAIN_STORAGE_SOURCE_ACCESS_MODIFY_ACCESS;
7944
7945 if (chainTop)
7946 flags |= QEMU_DOMAIN_STORAGE_SOURCE_ACCESS_CHAIN_TOP;
7947
7948 return qemuDomainStorageSourceAccessModify(driver, vm, elem, flags);
7949 }
7950
7951
7952 /*
7953 * Makes sure the @disk differs from @orig_disk only by the source
7954 * path and nothing else. Fields that are being checked and the
7955 * information whether they are nullable (may not be specified) or is
7956 * taken from the virDomainDiskDefFormat() code.
7957 */
7958 bool
qemuDomainDiskChangeSupported(virDomainDiskDef * disk,virDomainDiskDef * orig_disk)7959 qemuDomainDiskChangeSupported(virDomainDiskDef *disk,
7960 virDomainDiskDef *orig_disk)
7961 {
7962 #define CHECK_EQ(field, field_name, nullable) \
7963 do { \
7964 if (nullable && !disk->field) \
7965 break; \
7966 if (disk->field != orig_disk->field) { \
7967 virReportError(VIR_ERR_OPERATION_UNSUPPORTED, \
7968 _("cannot modify field '%s' of the disk"), \
7969 field_name); \
7970 return false; \
7971 } \
7972 } while (0)
7973
7974 #define CHECK_STREQ_NULLABLE(field, field_name) \
7975 do { \
7976 if (!disk->field) \
7977 break; \
7978 if (STRNEQ_NULLABLE(disk->field, orig_disk->field)) { \
7979 virReportError(VIR_ERR_OPERATION_UNSUPPORTED, \
7980 _("cannot modify field '%s' of the disk"), \
7981 field_name); \
7982 return false; \
7983 } \
7984 } while (0)
7985
7986 CHECK_EQ(device, "device", false);
7987 CHECK_EQ(bus, "bus", false);
7988 if (STRNEQ(disk->dst, orig_disk->dst)) {
7989 virReportError(VIR_ERR_OPERATION_UNSUPPORTED,
7990 _("cannot modify field '%s' of the disk"),
7991 "target");
7992 return false;
7993 }
7994 CHECK_EQ(tray_status, "tray", true);
7995 CHECK_EQ(removable, "removable", true);
7996
7997 if (disk->geometry.cylinders &&
7998 disk->geometry.heads &&
7999 disk->geometry.sectors) {
8000 CHECK_EQ(geometry.cylinders, "geometry cylinders", false);
8001 CHECK_EQ(geometry.heads, "geometry heads", false);
8002 CHECK_EQ(geometry.sectors, "geometry sectors", false);
8003 CHECK_EQ(geometry.trans, "BIOS-translation-modus", true);
8004 }
8005
8006 CHECK_EQ(blockio.logical_block_size,
8007 "blockio logical_block_size", false);
8008 CHECK_EQ(blockio.physical_block_size,
8009 "blockio physical_block_size", false);
8010
8011 CHECK_EQ(blkdeviotune.total_bytes_sec,
8012 "blkdeviotune total_bytes_sec",
8013 true);
8014 CHECK_EQ(blkdeviotune.read_bytes_sec,
8015 "blkdeviotune read_bytes_sec",
8016 true);
8017 CHECK_EQ(blkdeviotune.write_bytes_sec,
8018 "blkdeviotune write_bytes_sec",
8019 true);
8020 CHECK_EQ(blkdeviotune.total_iops_sec,
8021 "blkdeviotune total_iops_sec",
8022 true);
8023 CHECK_EQ(blkdeviotune.read_iops_sec,
8024 "blkdeviotune read_iops_sec",
8025 true);
8026 CHECK_EQ(blkdeviotune.write_iops_sec,
8027 "blkdeviotune write_iops_sec",
8028 true);
8029 CHECK_EQ(blkdeviotune.total_bytes_sec_max,
8030 "blkdeviotune total_bytes_sec_max",
8031 true);
8032 CHECK_EQ(blkdeviotune.read_bytes_sec_max,
8033 "blkdeviotune read_bytes_sec_max",
8034 true);
8035 CHECK_EQ(blkdeviotune.write_bytes_sec_max,
8036 "blkdeviotune write_bytes_sec_max",
8037 true);
8038 CHECK_EQ(blkdeviotune.total_iops_sec_max,
8039 "blkdeviotune total_iops_sec_max",
8040 true);
8041 CHECK_EQ(blkdeviotune.read_iops_sec_max,
8042 "blkdeviotune read_iops_sec_max",
8043 true);
8044 CHECK_EQ(blkdeviotune.write_iops_sec_max,
8045 "blkdeviotune write_iops_sec_max",
8046 true);
8047 CHECK_EQ(blkdeviotune.size_iops_sec,
8048 "blkdeviotune size_iops_sec",
8049 true);
8050 CHECK_STREQ_NULLABLE(blkdeviotune.group_name,
8051 "blkdeviotune group name");
8052
8053 CHECK_STREQ_NULLABLE(serial,
8054 "serial");
8055 CHECK_STREQ_NULLABLE(wwn,
8056 "wwn");
8057 CHECK_STREQ_NULLABLE(vendor,
8058 "vendor");
8059 CHECK_STREQ_NULLABLE(product,
8060 "product");
8061
8062 CHECK_EQ(cachemode, "cache", true);
8063 CHECK_EQ(error_policy, "error_policy", true);
8064 CHECK_EQ(rerror_policy, "rerror_policy", true);
8065 CHECK_EQ(iomode, "io", true);
8066 CHECK_EQ(ioeventfd, "ioeventfd", true);
8067 CHECK_EQ(event_idx, "event_idx", true);
8068 CHECK_EQ(copy_on_read, "copy_on_read", true);
8069 /* "snapshot" is a libvirt internal field and thus can be changed */
8070 /* startupPolicy is allowed to be updated. Therefore not checked here. */
8071 CHECK_EQ(transient, "transient", true);
8072
8073 /* Note: For some address types the address auto generation for
8074 * @disk has still not happened at this point (e.g. driver
8075 * specific addresses) therefore we can't catch these possible
8076 * address modifications here. */
8077 if (disk->info.type != VIR_DOMAIN_DEVICE_ADDRESS_TYPE_NONE &&
8078 !virDomainDeviceInfoAddressIsEqual(&disk->info, &orig_disk->info)) {
8079 virReportError(VIR_ERR_OPERATION_UNSUPPORTED,
8080 _("cannot modify field '%s' of the disk"),
8081 "address");
8082 return false;
8083 }
8084
8085 /* device alias is checked already in virDomainDefCompatibleDevice */
8086
8087 CHECK_EQ(info.bootIndex, "boot order", true);
8088 CHECK_EQ(rawio, "rawio", true);
8089 CHECK_EQ(sgio, "sgio", true);
8090 CHECK_EQ(discard, "discard", true);
8091 CHECK_EQ(iothread, "iothread", true);
8092
8093 CHECK_STREQ_NULLABLE(domain_name,
8094 "backenddomain");
8095
8096 /* checks for fields stored in disk->src */
8097 /* unfortunately 'readonly' and 'shared' can't be converted to tristate
8098 * values thus we need to ignore the check if the new value is 'false' */
8099 CHECK_EQ(src->readonly, "readonly", true);
8100 CHECK_EQ(src->shared, "shared", true);
8101
8102 if (!virStoragePRDefIsEqual(disk->src->pr,
8103 orig_disk->src->pr)) {
8104 virReportError(VIR_ERR_OPERATION_UNSUPPORTED,
8105 _("cannot modify field '%s' of the disk"),
8106 "reservations");
8107 return false;
8108 }
8109
8110 #undef CHECK_EQ
8111 #undef CHECK_STREQ_NULLABLE
8112
8113 return true;
8114 }
8115
8116
8117 bool
qemuDomainDiskBlockJobIsActive(virDomainDiskDef * disk)8118 qemuDomainDiskBlockJobIsActive(virDomainDiskDef *disk)
8119 {
8120 qemuDomainDiskPrivate *diskPriv = QEMU_DOMAIN_DISK_PRIVATE(disk);
8121
8122 if (disk->mirror) {
8123 virReportError(VIR_ERR_BLOCK_COPY_ACTIVE,
8124 _("disk '%s' already in active block job"),
8125 disk->dst);
8126
8127 return true;
8128 }
8129
8130 if (diskPriv->blockjob &&
8131 qemuBlockJobIsRunning(diskPriv->blockjob)) {
8132 virReportError(VIR_ERR_OPERATION_UNSUPPORTED,
8133 _("disk '%s' already in active block job"),
8134 disk->dst);
8135 return true;
8136 }
8137
8138 return false;
8139 }
8140
8141
8142 /**
8143 * qemuDomainHasBlockjob:
8144 * @vm: domain object
8145 * @copy_only: Reject only block copy job
8146 *
8147 * Return true if @vm has at least one disk involved in a current block
8148 * copy/commit/pull job. If @copy_only is true this returns true only if the
8149 * disk is involved in a block copy.
8150 * */
8151 bool
qemuDomainHasBlockjob(virDomainObj * vm,bool copy_only)8152 qemuDomainHasBlockjob(virDomainObj *vm,
8153 bool copy_only)
8154 {
8155 size_t i;
8156 for (i = 0; i < vm->def->ndisks; i++) {
8157 virDomainDiskDef *disk = vm->def->disks[i];
8158 qemuDomainDiskPrivate *diskPriv = QEMU_DOMAIN_DISK_PRIVATE(disk);
8159
8160 if (!copy_only && diskPriv->blockjob &&
8161 qemuBlockJobIsRunning(diskPriv->blockjob))
8162 return true;
8163
8164 if (disk->mirror && disk->mirrorJob == VIR_DOMAIN_BLOCK_JOB_TYPE_COPY)
8165 return true;
8166 }
8167
8168 return false;
8169 }
8170
8171
8172 int
qemuDomainUpdateDeviceList(virQEMUDriver * driver,virDomainObj * vm,int asyncJob)8173 qemuDomainUpdateDeviceList(virQEMUDriver *driver,
8174 virDomainObj *vm,
8175 int asyncJob)
8176 {
8177 qemuDomainObjPrivate *priv = vm->privateData;
8178 char **aliases;
8179 int rc;
8180
8181 if (qemuDomainObjEnterMonitorAsync(driver, vm, asyncJob) < 0)
8182 return -1;
8183 rc = qemuMonitorGetDeviceAliases(priv->mon, &aliases);
8184 if (qemuDomainObjExitMonitor(driver, vm) < 0)
8185 return -1;
8186 if (rc < 0)
8187 return -1;
8188
8189 g_strfreev(priv->qemuDevices);
8190 priv->qemuDevices = aliases;
8191 return 0;
8192 }
8193
8194
8195 int
qemuDomainUpdateMemoryDeviceInfo(virQEMUDriver * driver,virDomainObj * vm,int asyncJob)8196 qemuDomainUpdateMemoryDeviceInfo(virQEMUDriver *driver,
8197 virDomainObj *vm,
8198 int asyncJob)
8199 {
8200 qemuDomainObjPrivate *priv = vm->privateData;
8201 GHashTable *meminfo = NULL;
8202 int rc;
8203 size_t i;
8204
8205 if (vm->def->nmems == 0)
8206 return 0;
8207
8208 if (qemuDomainObjEnterMonitorAsync(driver, vm, asyncJob) < 0)
8209 return -1;
8210
8211 rc = qemuMonitorGetMemoryDeviceInfo(priv->mon, &meminfo);
8212
8213 if (qemuDomainObjExitMonitor(driver, vm) < 0) {
8214 virHashFree(meminfo);
8215 return -1;
8216 }
8217
8218 if (rc < 0)
8219 return -1;
8220
8221 for (i = 0; i < vm->def->nmems; i++) {
8222 virDomainMemoryDef *mem = vm->def->mems[i];
8223 qemuMonitorMemoryDeviceInfo *dimm;
8224
8225 if (!mem->info.alias)
8226 continue;
8227
8228 if (!(dimm = virHashLookup(meminfo, mem->info.alias)))
8229 continue;
8230
8231 switch (mem->model) {
8232 case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM:
8233 mem->currentsize = VIR_DIV_UP(dimm->size, 1024);
8234 break;
8235
8236 case VIR_DOMAIN_MEMORY_MODEL_DIMM:
8237 case VIR_DOMAIN_MEMORY_MODEL_NVDIMM:
8238 mem->info.type = VIR_DOMAIN_DEVICE_ADDRESS_TYPE_DIMM;
8239 mem->info.addr.dimm.slot = dimm->slot;
8240 mem->info.addr.dimm.base = dimm->address;
8241 break;
8242
8243 case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM:
8244 case VIR_DOMAIN_MEMORY_MODEL_NONE:
8245 case VIR_DOMAIN_MEMORY_MODEL_LAST:
8246 break;
8247 }
8248 }
8249
8250 virHashFree(meminfo);
8251 return 0;
8252 }
8253
8254
8255 static bool
qemuDomainABIStabilityCheck(const virDomainDef * src,const virDomainDef * dst)8256 qemuDomainABIStabilityCheck(const virDomainDef *src,
8257 const virDomainDef *dst)
8258 {
8259 size_t i;
8260
8261 if (src->mem.source != dst->mem.source) {
8262 virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
8263 _("Target memoryBacking source '%s' doesn't "
8264 "match source memoryBacking source'%s'"),
8265 virDomainMemorySourceTypeToString(dst->mem.source),
8266 virDomainMemorySourceTypeToString(src->mem.source));
8267 return false;
8268 }
8269
8270 for (i = 0; i < src->nmems; i++) {
8271 const char *srcAlias = src->mems[i]->info.alias;
8272 const char *dstAlias = dst->mems[i]->info.alias;
8273
8274 if (STRNEQ_NULLABLE(srcAlias, dstAlias)) {
8275 virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
8276 _("Target memory device alias '%s' doesn't "
8277 "match source alias '%s'"),
8278 NULLSTR(srcAlias), NULLSTR(dstAlias));
8279 return false;
8280 }
8281 }
8282
8283 return true;
8284 }
8285
8286
8287 virDomainABIStability virQEMUDriverDomainABIStability = {
8288 .domain = qemuDomainABIStabilityCheck,
8289 };
8290
8291
8292 static bool
qemuDomainMigratableDefCheckABIStability(virQEMUDriver * driver,virDomainDef * src,virDomainDef * migratableSrc,virDomainDef * dst,virDomainDef * migratableDst)8293 qemuDomainMigratableDefCheckABIStability(virQEMUDriver *driver,
8294 virDomainDef *src,
8295 virDomainDef *migratableSrc,
8296 virDomainDef *dst,
8297 virDomainDef *migratableDst)
8298 {
8299 if (!virDomainDefCheckABIStabilityFlags(migratableSrc,
8300 migratableDst,
8301 driver->xmlopt,
8302 VIR_DOMAIN_DEF_ABI_CHECK_SKIP_VOLATILE))
8303 return false;
8304
8305 /* Force update any skipped values from the volatile flag */
8306 dst->mem.cur_balloon = src->mem.cur_balloon;
8307
8308 return true;
8309 }
8310
8311
8312 #define COPY_FLAGS (VIR_DOMAIN_XML_SECURE | \
8313 VIR_DOMAIN_XML_MIGRATABLE)
8314
8315 bool
qemuDomainDefCheckABIStability(virQEMUDriver * driver,virQEMUCaps * qemuCaps,virDomainDef * src,virDomainDef * dst)8316 qemuDomainDefCheckABIStability(virQEMUDriver *driver,
8317 virQEMUCaps *qemuCaps,
8318 virDomainDef *src,
8319 virDomainDef *dst)
8320 {
8321 g_autoptr(virDomainDef) migratableDefSrc = NULL;
8322 g_autoptr(virDomainDef) migratableDefDst = NULL;
8323
8324 if (!(migratableDefSrc = qemuDomainDefCopy(driver, qemuCaps, src, COPY_FLAGS)) ||
8325 !(migratableDefDst = qemuDomainDefCopy(driver, qemuCaps, dst, COPY_FLAGS)))
8326 return false;
8327
8328 return qemuDomainMigratableDefCheckABIStability(driver,
8329 src, migratableDefSrc,
8330 dst, migratableDefDst);
8331 }
8332
8333
8334 bool
qemuDomainCheckABIStability(virQEMUDriver * driver,virDomainObj * vm,virDomainDef * dst)8335 qemuDomainCheckABIStability(virQEMUDriver *driver,
8336 virDomainObj *vm,
8337 virDomainDef *dst)
8338 {
8339 qemuDomainObjPrivate *priv = vm->privateData;
8340 g_autoptr(virDomainDef) migratableSrc = NULL;
8341 g_autoptr(virDomainDef) migratableDst = NULL;
8342 g_autofree char *xml = NULL;
8343
8344 if (!(xml = qemuDomainFormatXML(driver, vm, COPY_FLAGS)) ||
8345 !(migratableSrc = qemuDomainDefFromXML(driver, priv->qemuCaps, xml)) ||
8346 !(migratableDst = qemuDomainDefCopy(driver, priv->qemuCaps, dst, COPY_FLAGS)))
8347 return false;
8348
8349 return qemuDomainMigratableDefCheckABIStability(driver,
8350 vm->def, migratableSrc,
8351 dst, migratableDst);
8352 }
8353
8354 #undef COPY_FLAGS
8355
8356
8357 bool
qemuDomainAgentAvailable(virDomainObj * vm,bool reportError)8358 qemuDomainAgentAvailable(virDomainObj *vm,
8359 bool reportError)
8360 {
8361 qemuDomainObjPrivate *priv = vm->privateData;
8362
8363 if (virDomainObjGetState(vm, NULL) != VIR_DOMAIN_RUNNING) {
8364 if (reportError) {
8365 virReportError(VIR_ERR_OPERATION_INVALID, "%s",
8366 _("domain is not running"));
8367 }
8368 return false;
8369 }
8370 if (priv->agentError) {
8371 if (reportError) {
8372 virReportError(VIR_ERR_AGENT_UNRESPONSIVE, "%s",
8373 _("QEMU guest agent is not "
8374 "available due to an error"));
8375 }
8376 return false;
8377 }
8378 if (!priv->agent) {
8379 if (qemuFindAgentConfig(vm->def)) {
8380 if (reportError) {
8381 virReportError(VIR_ERR_AGENT_UNRESPONSIVE, "%s",
8382 _("QEMU guest agent is not connected"));
8383 }
8384 return false;
8385 } else {
8386 if (reportError) {
8387 virReportError(VIR_ERR_ARGUMENT_UNSUPPORTED, "%s",
8388 _("QEMU guest agent is not configured"));
8389 }
8390 return false;
8391 }
8392 }
8393 return true;
8394 }
8395
8396
8397 static unsigned long long
qemuDomainGetMemorySizeAlignment(const virDomainDef * def)8398 qemuDomainGetMemorySizeAlignment(const virDomainDef *def)
8399 {
8400 /* PPC requires the memory sizes to be rounded to 256MiB increments, so
8401 * round them to the size always. */
8402 if (ARCH_IS_PPC64(def->os.arch))
8403 return 256 * 1024;
8404
8405 /* Align memory size. QEMU requires rounding to next 4KiB block.
8406 * We'll take the "traditional" path and round it to 1MiB */
8407
8408 return 1024;
8409 }
8410
8411
8412 static unsigned long long
qemuDomainGetMemoryModuleSizeAlignment(const virDomainDef * def,const virDomainMemoryDef * mem G_GNUC_UNUSED)8413 qemuDomainGetMemoryModuleSizeAlignment(const virDomainDef *def,
8414 const virDomainMemoryDef *mem G_GNUC_UNUSED)
8415 {
8416 /* PPC requires the memory sizes to be rounded to 256MiB increments, so
8417 * round them to the size always. */
8418 if (ARCH_IS_PPC64(def->os.arch))
8419 return 256 * 1024;
8420
8421 /* dimm memory modules require 2MiB alignment rather than the 1MiB we are
8422 * using elsewhere. */
8423 return 2048;
8424 }
8425
8426
8427 int
qemuDomainAlignMemorySizes(virDomainDef * def)8428 qemuDomainAlignMemorySizes(virDomainDef *def)
8429 {
8430 unsigned long long maxmemkb = virMemoryMaxValue(false) >> 10;
8431 unsigned long long maxmemcapped = virMemoryMaxValue(true) >> 10;
8432 unsigned long long initialmem = 0;
8433 unsigned long long hotplugmem = 0;
8434 unsigned long long mem;
8435 unsigned long long align = qemuDomainGetMemorySizeAlignment(def);
8436 size_t ncells = virDomainNumaGetNodeCount(def->numa);
8437 size_t i;
8438
8439 /* align NUMA cell sizes if relevant */
8440 for (i = 0; i < ncells; i++) {
8441 mem = VIR_ROUND_UP(virDomainNumaGetNodeMemorySize(def->numa, i), align);
8442 initialmem += mem;
8443
8444 if (mem > maxmemkb) {
8445 virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
8446 _("memory size of NUMA node '%zu' overflowed after "
8447 "alignment"), i);
8448 return -1;
8449 }
8450 virDomainNumaSetNodeMemorySize(def->numa, i, mem);
8451 }
8452
8453 /* align initial memory size, if NUMA is present calculate it as total of
8454 * individual aligned NUMA node sizes */
8455 if (initialmem == 0)
8456 initialmem = VIR_ROUND_UP(virDomainDefGetMemoryInitial(def), align);
8457
8458 if (initialmem > maxmemcapped) {
8459 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
8460 _("initial memory size overflowed after alignment"));
8461 return -1;
8462 }
8463
8464 def->mem.max_memory = VIR_ROUND_UP(def->mem.max_memory, align);
8465 if (def->mem.max_memory > maxmemkb) {
8466 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
8467 _("maximum memory size overflowed after alignment"));
8468 return -1;
8469 }
8470
8471 /* Align memory module sizes */
8472 for (i = 0; i < def->nmems; i++) {
8473 if (def->mems[i]->model == VIR_DOMAIN_MEMORY_MODEL_NVDIMM &&
8474 ARCH_IS_PPC64(def->os.arch)) {
8475 if (qemuDomainNVDimmAlignSizePseries(def->mems[i]) < 0)
8476 return -1;
8477 } else {
8478 align = qemuDomainGetMemoryModuleSizeAlignment(def, def->mems[i]);
8479 def->mems[i]->size = VIR_ROUND_UP(def->mems[i]->size, align);
8480 }
8481
8482 hotplugmem += def->mems[i]->size;
8483
8484 if (def->mems[i]->size > maxmemkb) {
8485 virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
8486 _("size of memory module '%zu' overflowed after "
8487 "alignment"), i);
8488 return -1;
8489 }
8490 }
8491
8492 virDomainDefSetMemoryTotal(def, initialmem + hotplugmem);
8493
8494 return 0;
8495 }
8496
8497
8498 /**
8499 * qemuDomainMemoryDeviceAlignSize:
8500 * @mem: memory device definition object
8501 *
8502 * Aligns the size of the memory module as qemu enforces it. The size is updated
8503 * inplace. Default rounding is now to 1 MiB (qemu requires rounding to page,
8504 * size so this should be safe).
8505 */
8506 int
qemuDomainMemoryDeviceAlignSize(virDomainDef * def,virDomainMemoryDef * mem)8507 qemuDomainMemoryDeviceAlignSize(virDomainDef *def,
8508 virDomainMemoryDef *mem)
8509 {
8510 if (mem->model == VIR_DOMAIN_MEMORY_MODEL_NVDIMM &&
8511 ARCH_IS_PPC64(def->os.arch)) {
8512 return qemuDomainNVDimmAlignSizePseries(mem);
8513 } else {
8514 mem->size = VIR_ROUND_UP(mem->size,
8515 qemuDomainGetMemorySizeAlignment(def));
8516 }
8517
8518 return 0;
8519 }
8520
8521
8522 /**
8523 * qemuDomainGetMonitor:
8524 * @vm: domain object
8525 *
8526 * Returns the monitor pointer corresponding to the domain object @vm.
8527 */
8528 qemuMonitor *
qemuDomainGetMonitor(virDomainObj * vm)8529 qemuDomainGetMonitor(virDomainObj *vm)
8530 {
8531 return ((qemuDomainObjPrivate *) vm->privateData)->mon;
8532 }
8533
8534
8535 /**
8536 * qemuFindAgentConfig:
8537 * @def: domain definition
8538 *
8539 * Returns the pointer to the channel definition that is used to access the
8540 * guest agent if the agent is configured or NULL otherwise.
8541 */
8542 virDomainChrDef *
qemuFindAgentConfig(virDomainDef * def)8543 qemuFindAgentConfig(virDomainDef *def)
8544 {
8545 size_t i;
8546
8547 for (i = 0; i < def->nchannels; i++) {
8548 virDomainChrDef *channel = def->channels[i];
8549
8550 if (channel->targetType != VIR_DOMAIN_CHR_CHANNEL_TARGET_TYPE_VIRTIO)
8551 continue;
8552
8553 if (STREQ_NULLABLE(channel->target.name, "org.qemu.guest_agent.0"))
8554 return channel;
8555 }
8556
8557 return NULL;
8558 }
8559
8560
8561 static bool
qemuDomainMachineIsQ35(const char * machine,const virArch arch)8562 qemuDomainMachineIsQ35(const char *machine,
8563 const virArch arch)
8564 {
8565 if (!ARCH_IS_X86(arch))
8566 return false;
8567
8568 if (STREQ(machine, "q35") ||
8569 STRPREFIX(machine, "pc-q35-")) {
8570 return true;
8571 }
8572
8573 return false;
8574 }
8575
8576
8577 static bool
qemuDomainMachineIsI440FX(const char * machine,const virArch arch)8578 qemuDomainMachineIsI440FX(const char *machine,
8579 const virArch arch)
8580 {
8581 if (!ARCH_IS_X86(arch))
8582 return false;
8583
8584 if (STREQ(machine, "pc") ||
8585 STRPREFIX(machine, "pc-0.") ||
8586 STRPREFIX(machine, "pc-1.") ||
8587 STRPREFIX(machine, "pc-i440fx-") ||
8588 STRPREFIX(machine, "rhel")) {
8589 return true;
8590 }
8591
8592 return false;
8593 }
8594
8595
8596 static bool
qemuDomainMachineIsS390CCW(const char * machine,const virArch arch)8597 qemuDomainMachineIsS390CCW(const char *machine,
8598 const virArch arch)
8599 {
8600 if (!ARCH_IS_S390(arch))
8601 return false;
8602
8603 if (STRPREFIX(machine, "s390-ccw"))
8604 return true;
8605
8606 return false;
8607 }
8608
8609
8610 /* You should normally avoid this function and use
8611 * qemuDomainIsARMVirt() instead. */
8612 bool
qemuDomainMachineIsARMVirt(const char * machine,const virArch arch)8613 qemuDomainMachineIsARMVirt(const char *machine,
8614 const virArch arch)
8615 {
8616 if (arch != VIR_ARCH_ARMV6L &&
8617 arch != VIR_ARCH_ARMV7L &&
8618 arch != VIR_ARCH_AARCH64) {
8619 return false;
8620 }
8621
8622 if (STREQ(machine, "virt") ||
8623 STRPREFIX(machine, "virt-")) {
8624 return true;
8625 }
8626
8627 return false;
8628 }
8629
8630
8631 static bool
qemuDomainMachineIsRISCVVirt(const char * machine,const virArch arch)8632 qemuDomainMachineIsRISCVVirt(const char *machine,
8633 const virArch arch)
8634 {
8635 if (!ARCH_IS_RISCV(arch))
8636 return false;
8637
8638 if (STREQ(machine, "virt") ||
8639 STRPREFIX(machine, "virt-")) {
8640 return true;
8641 }
8642
8643 return false;
8644 }
8645
8646
8647 /* You should normally avoid this function and use
8648 * qemuDomainIsPSeries() instead. */
8649 bool
qemuDomainMachineIsPSeries(const char * machine,const virArch arch)8650 qemuDomainMachineIsPSeries(const char *machine,
8651 const virArch arch)
8652 {
8653 if (!ARCH_IS_PPC64(arch))
8654 return false;
8655
8656 if (STREQ(machine, "pseries") ||
8657 STRPREFIX(machine, "pseries-")) {
8658 return true;
8659 }
8660
8661 return false;
8662 }
8663
8664
8665 /* You should normally avoid this function and use
8666 * qemuDomainHasBuiltinIDE() instead. */
8667 bool
qemuDomainMachineHasBuiltinIDE(const char * machine,const virArch arch)8668 qemuDomainMachineHasBuiltinIDE(const char *machine,
8669 const virArch arch)
8670 {
8671 return qemuDomainMachineIsI440FX(machine, arch) ||
8672 STREQ(machine, "malta") ||
8673 STREQ(machine, "sun4u") ||
8674 STREQ(machine, "g3beige");
8675 }
8676
8677
qemuDomainHasBuiltinESP(const virDomainDef * def)8678 bool qemuDomainHasBuiltinESP(const virDomainDef *def)
8679 {
8680 /* These machines use ncr53c90 (ESP) SCSI controller built-in */
8681 if (def->os.arch == VIR_ARCH_SPARC) {
8682 return true;
8683 } else if (ARCH_IS_MIPS64(def->os.arch) &&
8684 (STREQ(def->os.machine, "magnum") ||
8685 STREQ(def->os.machine, "pica61"))) {
8686 return true;
8687 } else if (def->os.arch == VIR_ARCH_M68K &&
8688 STREQ(def->os.machine, "q800")) {
8689 return true;
8690 }
8691 return false;
8692 }
8693
8694
8695 static bool
qemuDomainMachineNeedsFDC(const char * machine,const virArch arch)8696 qemuDomainMachineNeedsFDC(const char *machine,
8697 const virArch arch)
8698 {
8699 if (!ARCH_IS_X86(arch))
8700 return false;
8701
8702 if (!STRPREFIX(machine, "pc-q35-"))
8703 return false;
8704
8705 return true;
8706 }
8707
8708
8709 bool
qemuDomainIsQ35(const virDomainDef * def)8710 qemuDomainIsQ35(const virDomainDef *def)
8711 {
8712 return qemuDomainMachineIsQ35(def->os.machine, def->os.arch);
8713 }
8714
8715
8716 bool
qemuDomainIsI440FX(const virDomainDef * def)8717 qemuDomainIsI440FX(const virDomainDef *def)
8718 {
8719 return qemuDomainMachineIsI440FX(def->os.machine, def->os.arch);
8720 }
8721
8722
8723 bool
qemuDomainIsS390CCW(const virDomainDef * def)8724 qemuDomainIsS390CCW(const virDomainDef *def)
8725 {
8726 return qemuDomainMachineIsS390CCW(def->os.machine, def->os.arch);
8727 }
8728
8729
8730 bool
qemuDomainIsARMVirt(const virDomainDef * def)8731 qemuDomainIsARMVirt(const virDomainDef *def)
8732 {
8733 return qemuDomainMachineIsARMVirt(def->os.machine, def->os.arch);
8734 }
8735
8736
8737 bool
qemuDomainIsRISCVVirt(const virDomainDef * def)8738 qemuDomainIsRISCVVirt(const virDomainDef *def)
8739 {
8740 return qemuDomainMachineIsRISCVVirt(def->os.machine, def->os.arch);
8741 }
8742
8743
8744 bool
qemuDomainIsPSeries(const virDomainDef * def)8745 qemuDomainIsPSeries(const virDomainDef *def)
8746 {
8747 return qemuDomainMachineIsPSeries(def->os.machine, def->os.arch);
8748 }
8749
8750
8751 bool
qemuDomainHasPCIRoot(const virDomainDef * def)8752 qemuDomainHasPCIRoot(const virDomainDef *def)
8753 {
8754 int root = virDomainControllerFind(def, VIR_DOMAIN_CONTROLLER_TYPE_PCI, 0);
8755
8756 if (root < 0)
8757 return false;
8758
8759 if (def->controllers[root]->model != VIR_DOMAIN_CONTROLLER_MODEL_PCI_ROOT)
8760 return false;
8761
8762 return true;
8763 }
8764
8765
8766 bool
qemuDomainHasPCIeRoot(const virDomainDef * def)8767 qemuDomainHasPCIeRoot(const virDomainDef *def)
8768 {
8769 int root = virDomainControllerFind(def, VIR_DOMAIN_CONTROLLER_TYPE_PCI, 0);
8770
8771 if (root < 0)
8772 return false;
8773
8774 if (def->controllers[root]->model != VIR_DOMAIN_CONTROLLER_MODEL_PCIE_ROOT)
8775 return false;
8776
8777 return true;
8778 }
8779
8780
8781 bool
qemuDomainHasBuiltinIDE(const virDomainDef * def)8782 qemuDomainHasBuiltinIDE(const virDomainDef *def)
8783 {
8784 return qemuDomainMachineHasBuiltinIDE(def->os.machine, def->os.arch);
8785 }
8786
8787
8788 bool
qemuDomainNeedsFDC(const virDomainDef * def)8789 qemuDomainNeedsFDC(const virDomainDef *def)
8790 {
8791 return qemuDomainMachineNeedsFDC(def->os.machine, def->os.arch);
8792 }
8793
8794
8795 bool
qemuDomainSupportsPCI(virDomainDef * def,virQEMUCaps * qemuCaps)8796 qemuDomainSupportsPCI(virDomainDef *def,
8797 virQEMUCaps *qemuCaps)
8798 {
8799 if (def->os.arch != VIR_ARCH_ARMV6L &&
8800 def->os.arch != VIR_ARCH_ARMV7L &&
8801 def->os.arch != VIR_ARCH_AARCH64 &&
8802 !ARCH_IS_RISCV(def->os.arch)) {
8803 return true;
8804 }
8805
8806 if (STREQ(def->os.machine, "versatilepb"))
8807 return true;
8808
8809 if ((qemuDomainIsARMVirt(def) ||
8810 qemuDomainIsRISCVVirt(def)) &&
8811 virQEMUCapsGet(qemuCaps, QEMU_CAPS_OBJECT_GPEX)) {
8812 return true;
8813 }
8814
8815 return false;
8816 }
8817
8818
8819 static bool
qemuCheckMemoryDimmConflict(const virDomainDef * def,const virDomainMemoryDef * mem)8820 qemuCheckMemoryDimmConflict(const virDomainDef *def,
8821 const virDomainMemoryDef *mem)
8822 {
8823 size_t i;
8824
8825 for (i = 0; i < def->nmems; i++) {
8826 virDomainMemoryDef *tmp = def->mems[i];
8827
8828 if (tmp == mem ||
8829 tmp->info.type != VIR_DOMAIN_DEVICE_ADDRESS_TYPE_DIMM)
8830 continue;
8831
8832 if (mem->info.addr.dimm.slot == tmp->info.addr.dimm.slot) {
8833 virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
8834 _("memory device slot '%u' is already being "
8835 "used by another memory device"),
8836 mem->info.addr.dimm.slot);
8837 return true;
8838 }
8839
8840 if (mem->info.addr.dimm.base != 0 &&
8841 mem->info.addr.dimm.base == tmp->info.addr.dimm.base) {
8842 virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
8843 _("memory device base '0x%llx' is already being "
8844 "used by another memory device"),
8845 mem->info.addr.dimm.base);
8846 return true;
8847 }
8848 }
8849
8850 return false;
8851 }
8852
8853
8854 static int
qemuDomainDefValidateMemoryHotplugDevice(const virDomainMemoryDef * mem,const virDomainDef * def)8855 qemuDomainDefValidateMemoryHotplugDevice(const virDomainMemoryDef *mem,
8856 const virDomainDef *def)
8857 {
8858 bool needsNuma = true;
8859
8860 switch (mem->model) {
8861 case VIR_DOMAIN_MEMORY_MODEL_DIMM:
8862 case VIR_DOMAIN_MEMORY_MODEL_NVDIMM:
8863 if (mem->info.type != VIR_DOMAIN_DEVICE_ADDRESS_TYPE_DIMM &&
8864 mem->info.type != VIR_DOMAIN_DEVICE_ADDRESS_TYPE_NONE) {
8865 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
8866 _("only 'dimm' addresses are supported for the "
8867 "pc-dimm device"));
8868 return -1;
8869 }
8870
8871 if (virDomainNumaGetNodeCount(def->numa) != 0) {
8872 if (mem->targetNode == -1) {
8873 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
8874 _("target NUMA node needs to be specified for "
8875 "memory device"));
8876 return -1;
8877 }
8878 }
8879
8880 if (mem->info.type == VIR_DOMAIN_DEVICE_ADDRESS_TYPE_DIMM) {
8881 if (mem->info.addr.dimm.slot >= def->mem.memory_slots) {
8882 virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
8883 _("memory device slot '%u' exceeds slots "
8884 "count '%u'"),
8885 mem->info.addr.dimm.slot, def->mem.memory_slots);
8886 return -1;
8887 }
8888
8889
8890 if (qemuCheckMemoryDimmConflict(def, mem))
8891 return -1;
8892 }
8893 break;
8894
8895 case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM:
8896 if (mem->info.type != VIR_DOMAIN_DEVICE_ADDRESS_TYPE_PCI &&
8897 mem->info.type != VIR_DOMAIN_DEVICE_ADDRESS_TYPE_NONE) {
8898 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
8899 _("only 'pci' addresses are supported for the "
8900 "virtio-pmem device"));
8901 return -1;
8902 }
8903
8904 /* virtio-pmem doesn't have .node attribute. */
8905 needsNuma = false;
8906 break;
8907
8908 case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM:
8909 if (mem->info.type != VIR_DOMAIN_DEVICE_ADDRESS_TYPE_PCI &&
8910 mem->info.type != VIR_DOMAIN_DEVICE_ADDRESS_TYPE_NONE) {
8911 virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
8912 _("only 'pci' addresses are supported for the %s device"),
8913 virDomainMemoryModelTypeToString(mem->model));
8914 return -1;
8915 }
8916 break;
8917
8918 case VIR_DOMAIN_MEMORY_MODEL_NONE:
8919 case VIR_DOMAIN_MEMORY_MODEL_LAST:
8920 return -1;
8921 }
8922
8923 if (needsNuma &&
8924 virDomainNumaGetNodeCount(def->numa) != 0) {
8925 if (mem->targetNode == -1) {
8926 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
8927 _("target NUMA node needs to be specified for "
8928 "memory device"));
8929 return -1;
8930 }
8931 }
8932
8933 return 0;
8934 }
8935
8936
8937 /**
8938 * qemuDomainDefValidateMemoryHotplug:
8939 * @def: domain definition
8940 * @mem: definition of memory device that is to be added to @def with hotplug,
8941 * NULL in case of regular VM startup
8942 *
8943 * Validates that the domain definition and memory modules have valid
8944 * configuration and are possibly able to accept @mem via hotplug if it's
8945 * non-NULL.
8946 *
8947 * Returns 0 on success; -1 and a libvirt error on error.
8948 */
8949 int
qemuDomainDefValidateMemoryHotplug(const virDomainDef * def,const virDomainMemoryDef * mem)8950 qemuDomainDefValidateMemoryHotplug(const virDomainDef *def,
8951 const virDomainMemoryDef *mem)
8952 {
8953 unsigned int nmems = def->nmems;
8954 unsigned long long hotplugSpace;
8955 unsigned long long hotplugMemory = 0;
8956 size_t i;
8957
8958 hotplugSpace = def->mem.max_memory - virDomainDefGetMemoryInitial(def);
8959
8960 if (mem) {
8961 nmems++;
8962 hotplugMemory = mem->size;
8963
8964 if (qemuDomainDefValidateMemoryHotplugDevice(mem, def) < 0)
8965 return -1;
8966 }
8967
8968 if (!virDomainDefHasMemoryHotplug(def)) {
8969 if (nmems) {
8970 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
8971 _("cannot use/hotplug a memory device when domain "
8972 "'maxMemory' is not defined"));
8973 return -1;
8974 }
8975
8976 return 0;
8977 }
8978
8979 if (!ARCH_IS_PPC64(def->os.arch)) {
8980 /* due to guest support, qemu would silently enable NUMA with one node
8981 * once the memory hotplug backend is enabled. To avoid possible
8982 * confusion we will enforce user originated numa configuration along
8983 * with memory hotplug. */
8984 if (virDomainNumaGetNodeCount(def->numa) == 0) {
8985 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
8986 _("At least one numa node has to be configured when "
8987 "enabling memory hotplug"));
8988 return -1;
8989 }
8990 }
8991
8992 if (nmems > def->mem.memory_slots) {
8993 virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
8994 _("memory device count '%u' exceeds slots count '%u'"),
8995 nmems, def->mem.memory_slots);
8996 return -1;
8997 }
8998
8999 for (i = 0; i < def->nmems; i++) {
9000 hotplugMemory += def->mems[i]->size;
9001
9002 /* already existing devices don't need to be checked on hotplug */
9003 if (!mem &&
9004 qemuDomainDefValidateMemoryHotplugDevice(def->mems[i], def) < 0)
9005 return -1;
9006 }
9007
9008 if (hotplugMemory > hotplugSpace) {
9009 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
9010 _("memory device total size exceeds hotplug space"));
9011 return -1;
9012 }
9013
9014 return 0;
9015 }
9016
9017
9018 /**
9019 * qemuDomainUpdateCurrentMemorySize:
9020 *
9021 * In case when the balloon is not present for the domain, the function
9022 * recalculates the maximum size to reflect possible changes.
9023 */
9024 void
qemuDomainUpdateCurrentMemorySize(virDomainObj * vm)9025 qemuDomainUpdateCurrentMemorySize(virDomainObj *vm)
9026 {
9027 /* inactive domain doesn't need size update */
9028 if (!virDomainObjIsActive(vm))
9029 return;
9030
9031 /* if no balloning is available, the current size equals to the current
9032 * full memory size */
9033 if (!virDomainDefHasMemballoon(vm->def))
9034 vm->def->mem.cur_balloon = virDomainDefGetMemoryTotal(vm->def);
9035 }
9036
9037
9038 /**
9039 * ppc64VFIODeviceIsNV2Bridge:
9040 * @device: string with the PCI device address
9041 *
9042 * This function receives a string that represents a PCI device,
9043 * such as '0004:04:00.0', and tells if the device is a NVLink2
9044 * bridge.
9045 */
9046 static bool
ppc64VFIODeviceIsNV2Bridge(const char * device)9047 ppc64VFIODeviceIsNV2Bridge(const char *device)
9048 {
9049 const char *nvlink2Files[] = {"ibm,gpu", "ibm,nvlink",
9050 "ibm,nvlink-speed", "memory-region"};
9051 size_t i;
9052
9053 for (i = 0; i < G_N_ELEMENTS(nvlink2Files); i++) {
9054 g_autofree char *file = NULL;
9055
9056 file = g_strdup_printf("/sys/bus/pci/devices/%s/of_node/%s",
9057 device, nvlink2Files[i]);
9058
9059 if (!virFileExists(file))
9060 return false;
9061 }
9062
9063 return true;
9064 }
9065
9066
9067 /**
9068 * getPPC64MemLockLimitBytes:
9069 * @def: domain definition
9070 * @forceVFIO: force VFIO usage
9071 *
9072 * A PPC64 helper that calculates the memory locking limit in order for
9073 * the guest to operate properly.
9074 */
9075 static unsigned long long
getPPC64MemLockLimitBytes(virDomainDef * def,bool forceVFIO)9076 getPPC64MemLockLimitBytes(virDomainDef *def,
9077 bool forceVFIO)
9078 {
9079 unsigned long long memKB = 0;
9080 unsigned long long baseLimit = 0;
9081 unsigned long long memory = 0;
9082 unsigned long long maxMemory = 0;
9083 unsigned long long passthroughLimit = 0;
9084 size_t i, nPCIHostBridges = 0;
9085 virPCIDeviceAddress *pciAddr;
9086 bool nvlink2Capable = false;
9087
9088 for (i = 0; i < def->ncontrollers; i++) {
9089 virDomainControllerDef *cont = def->controllers[i];
9090
9091 if (!virDomainControllerIsPSeriesPHB(cont))
9092 continue;
9093
9094 nPCIHostBridges++;
9095 }
9096
9097 for (i = 0; i < def->nhostdevs; i++) {
9098 virDomainHostdevDef *dev = def->hostdevs[i];
9099
9100 if (virHostdevIsVFIODevice(dev)) {
9101
9102 pciAddr = &dev->source.subsys.u.pci.addr;
9103 if (virPCIDeviceAddressIsValid(pciAddr, false)) {
9104 g_autofree char *pciAddrStr = NULL;
9105
9106 pciAddrStr = virPCIDeviceAddressAsString(pciAddr);
9107 if (ppc64VFIODeviceIsNV2Bridge(pciAddrStr)) {
9108 nvlink2Capable = true;
9109 break;
9110 }
9111 }
9112 }
9113 }
9114
9115 memory = virDomainDefGetMemoryTotal(def);
9116
9117 if (def->mem.max_memory)
9118 maxMemory = def->mem.max_memory;
9119 else
9120 maxMemory = memory;
9121
9122 /* baseLimit := maxMemory / 128 (a)
9123 * + 4 MiB * #PHBs + 8 MiB (b)
9124 *
9125 * (a) is the hash table
9126 *
9127 * (b) is accounting for the 32-bit DMA window - it could be either the
9128 * KVM accelerated TCE tables for emulated devices, or the VFIO
9129 * userspace view. The 4 MiB per-PHB (including the default one) covers
9130 * a 2GiB DMA window: default is 1GiB, but it's possible it'll be
9131 * increased to help performance. The 8 MiB extra should be plenty for
9132 * the TCE table index for any reasonable number of PHBs and several
9133 * spapr-vlan or spapr-vscsi devices (512kB + a tiny bit each) */
9134 baseLimit = maxMemory / 128 +
9135 4096 * nPCIHostBridges +
9136 8192;
9137
9138 /* NVLink2 support in QEMU is a special case of the passthrough
9139 * mechanics explained in the forceVFIO case below. The GPU RAM
9140 * is placed with a gap after maxMemory. The current QEMU
9141 * implementation puts the NVIDIA RAM above the PCI MMIO, which
9142 * starts at 32TiB and is the MMIO reserved for the guest main RAM.
9143 *
9144 * This window ends at 64TiB, and this is where the GPUs are being
9145 * placed. The next available window size is at 128TiB, and
9146 * 64TiB..128TiB will fit all possible NVIDIA GPUs.
9147 *
9148 * The same assumption as the most common case applies here:
9149 * the guest will request a 64-bit DMA window, per PHB, that is
9150 * big enough to map all its RAM, which is now at 128TiB due
9151 * to the GPUs.
9152 *
9153 * Note that the NVIDIA RAM window must be accounted for the TCE
9154 * table size, but *not* for the main RAM (maxMemory). This gives
9155 * us the following passthroughLimit for the NVLink2 case:
9156 *
9157 * passthroughLimit = maxMemory +
9158 * 128TiB/512KiB * #PHBs + 8 MiB */
9159 if (nvlink2Capable) {
9160 passthroughLimit = maxMemory +
9161 128 * (1ULL<<30) / 512 * nPCIHostBridges +
9162 8192;
9163 } else if (forceVFIO || qemuDomainNeedsVFIO(def) || virDomainDefHasVDPANet(def)) {
9164 /* For regular (non-NVLink2 present) VFIO passthrough, the value
9165 * of passthroughLimit is:
9166 *
9167 * passthroughLimit := max( 2 GiB * #PHBs, (c)
9168 * memory (d)
9169 * + memory * 1/512 * #PHBs + 8 MiB ) (e)
9170 *
9171 * (c) is the pre-DDW VFIO DMA window accounting. We're allowing 2
9172 * GiB rather than 1 GiB
9173 *
9174 * (d) is the with-DDW (and memory pre-registration and related
9175 * features) DMA window accounting - assuming that we only account
9176 * RAM once, even if mapped to multiple PHBs
9177 *
9178 * (e) is the with-DDW userspace view and overhead for the 64-bit
9179 * DMA window. This is based a bit on expected guest behaviour, but
9180 * there really isn't a way to completely avoid that. We assume the
9181 * guest requests a 64-bit DMA window (per PHB) just big enough to
9182 * map all its RAM. 4 kiB page size gives the 1/512; it will be
9183 * less with 64 kiB pages, less still if the guest is mapped with
9184 * hugepages (unlike the default 32-bit DMA window, DDW windows
9185 * can use large IOMMU pages). 8 MiB is for second and further level
9186 * overheads, like (b) */
9187 passthroughLimit = MAX(2 * 1024 * 1024 * nPCIHostBridges,
9188 memory +
9189 memory / 512 * nPCIHostBridges + 8192);
9190 }
9191
9192 memKB = baseLimit + passthroughLimit;
9193
9194 return memKB << 10;
9195 }
9196
9197
9198 /**
9199 * qemuDomainGetMemLockLimitBytes:
9200 * @def: domain definition
9201 * @forceVFIO: force VFIO calculation
9202 *
9203 * Calculate the memory locking limit that needs to be set in order for
9204 * the guest to operate properly. The limit depends on a number of factors,
9205 * including certain configuration options and less immediately apparent ones
9206 * such as the guest architecture or the use of certain devices.
9207 * The @forceVFIO argument can be used to tell this function will use VFIO even
9208 * though @def doesn't indicates so right now.
9209 *
9210 * Returns: the memory locking limit, or 0 if setting the limit is not needed
9211 */
9212 unsigned long long
qemuDomainGetMemLockLimitBytes(virDomainDef * def,bool forceVFIO)9213 qemuDomainGetMemLockLimitBytes(virDomainDef *def,
9214 bool forceVFIO)
9215 {
9216 unsigned long long memKB = 0;
9217
9218 /* prefer the hard limit */
9219 if (virMemoryLimitIsSet(def->mem.hard_limit)) {
9220 memKB = def->mem.hard_limit;
9221 return memKB << 10;
9222 }
9223
9224 /* If the guest wants its memory to be locked, we need to raise the memory
9225 * locking limit so that the OS will not refuse allocation requests;
9226 * however, there is no reliable way for us to figure out how much memory
9227 * the QEMU process will allocate for its own use, so our only way out is
9228 * to remove the limit altogether. Use with extreme care */
9229 if (def->mem.locked)
9230 return VIR_DOMAIN_MEMORY_PARAM_UNLIMITED;
9231
9232 if (ARCH_IS_PPC64(def->os.arch) && def->virtType == VIR_DOMAIN_VIRT_KVM)
9233 return getPPC64MemLockLimitBytes(def, forceVFIO);
9234
9235 /* For device passthrough using VFIO the guest memory and MMIO memory
9236 * regions need to be locked persistent in order to allow DMA.
9237 *
9238 * Currently the below limit is based on assumptions about the x86 platform.
9239 *
9240 * The chosen value of 1GiB below originates from x86 systems where it was
9241 * used as space reserved for the MMIO region for the whole system.
9242 *
9243 * On x86_64 systems the MMIO regions of the IOMMU mapped devices don't
9244 * count towards the locked memory limit since the memory is owned by the
9245 * device. Emulated devices though do count, but the regions are usually
9246 * small. Although it's not guaranteed that the limit will be enough for all
9247 * configurations it didn't pose a problem for now.
9248 *
9249 * https://www.redhat.com/archives/libvir-list/2015-November/msg00329.html
9250 *
9251 * Note that this may not be valid for all platforms.
9252 */
9253 if (forceVFIO || qemuDomainNeedsVFIO(def) || virDomainDefHasVDPANet(def))
9254 memKB = virDomainDefGetMemoryTotal(def) + 1024 * 1024;
9255
9256 return memKB << 10;
9257 }
9258
9259
9260 /**
9261 * qemuDomainAdjustMaxMemLock:
9262 * @vm: domain
9263 * @forceVFIO: apply VFIO requirements even if vm's def doesn't require it
9264 *
9265 * Adjust the memory locking limit for the QEMU process associated to @vm, in
9266 * order to comply with VFIO or architecture requirements. If @forceVFIO is
9267 * true then the limit is changed even if nothing in @vm's definition indicates
9268 * so.
9269 *
9270 * The limit will not be changed unless doing so is needed; the first time
9271 * the limit is changed, the original (default) limit is stored in @vm and
9272 * that value will be restored if qemuDomainAdjustMaxMemLock() is called once
9273 * memory locking is no longer required.
9274 *
9275 * Returns: 0 on success, <0 on failure
9276 */
9277 int
qemuDomainAdjustMaxMemLock(virDomainObj * vm,bool forceVFIO)9278 qemuDomainAdjustMaxMemLock(virDomainObj *vm,
9279 bool forceVFIO)
9280 {
9281 unsigned long long currentMemLock = 0;
9282 unsigned long long desiredMemLock = 0;
9283
9284 desiredMemLock = qemuDomainGetMemLockLimitBytes(vm->def, forceVFIO);
9285 if (virProcessGetMaxMemLock(vm->pid, ¤tMemLock) < 0)
9286 return -1;
9287
9288 if (desiredMemLock > 0) {
9289 if (currentMemLock < desiredMemLock) {
9290 /* If this is the first time adjusting the limit, save the current
9291 * value so that we can restore it once memory locking is no longer
9292 * required */
9293 if (vm->originalMemlock == 0) {
9294 vm->originalMemlock = currentMemLock;
9295 }
9296 } else {
9297 /* If the limit is already high enough, we can assume
9298 * that some external process is taking care of managing
9299 * process limits and we shouldn't do anything ourselves:
9300 * we're probably running in a containerized environment
9301 * where we don't have enough privilege anyway */
9302 desiredMemLock = 0;
9303 }
9304 } else {
9305 /* Once memory locking is no longer required, we can restore the
9306 * original, usually very low, limit */
9307 desiredMemLock = vm->originalMemlock;
9308 vm->originalMemlock = 0;
9309 }
9310
9311 if (desiredMemLock > 0 &&
9312 virProcessSetMaxMemLock(vm->pid, desiredMemLock) < 0) {
9313 return -1;
9314 }
9315
9316 return 0;
9317 }
9318
9319
9320 /**
9321 * qemuDomainAdjustMaxMemLockHostdev:
9322 * @vm: domain
9323 * @hostdev: device
9324 *
9325 * Temporarily add the hostdev to the domain definition. This is needed
9326 * because qemuDomainAdjustMaxMemLock() requires the hostdev to be already
9327 * part of the domain definition, but other functions like
9328 * qemuAssignDeviceHostdevAlias() expect it *not* to be there.
9329 * A better way to handle this would be nice
9330 *
9331 * Returns: 0 on success, <0 on failure
9332 */
9333 int
qemuDomainAdjustMaxMemLockHostdev(virDomainObj * vm,virDomainHostdevDef * hostdev)9334 qemuDomainAdjustMaxMemLockHostdev(virDomainObj *vm,
9335 virDomainHostdevDef *hostdev)
9336 {
9337 int ret = 0;
9338
9339 vm->def->hostdevs[vm->def->nhostdevs++] = hostdev;
9340 if (qemuDomainAdjustMaxMemLock(vm, false) < 0)
9341 ret = -1;
9342
9343 vm->def->hostdevs[--(vm->def->nhostdevs)] = NULL;
9344
9345 return ret;
9346 }
9347
9348
9349 /**
9350 * qemuDomainHasVcpuPids:
9351 * @vm: Domain object
9352 *
9353 * Returns true if we were able to successfully detect vCPU pids for the VM.
9354 */
9355 bool
qemuDomainHasVcpuPids(virDomainObj * vm)9356 qemuDomainHasVcpuPids(virDomainObj *vm)
9357 {
9358 size_t i;
9359 size_t maxvcpus = virDomainDefGetVcpusMax(vm->def);
9360 virDomainVcpuDef *vcpu;
9361
9362 for (i = 0; i < maxvcpus; i++) {
9363 vcpu = virDomainDefGetVcpu(vm->def, i);
9364
9365 if (QEMU_DOMAIN_VCPU_PRIVATE(vcpu)->tid > 0)
9366 return true;
9367 }
9368
9369 return false;
9370 }
9371
9372
9373 /**
9374 * qemuDomainGetVcpuPid:
9375 * @vm: domain object
9376 * @vcpu: cpu id
9377 *
9378 * Returns the vCPU pid. If @vcpu is offline or out of range 0 is returned.
9379 */
9380 pid_t
qemuDomainGetVcpuPid(virDomainObj * vm,unsigned int vcpuid)9381 qemuDomainGetVcpuPid(virDomainObj *vm,
9382 unsigned int vcpuid)
9383 {
9384 virDomainVcpuDef *vcpu = virDomainDefGetVcpu(vm->def, vcpuid);
9385 return QEMU_DOMAIN_VCPU_PRIVATE(vcpu)->tid;
9386 }
9387
9388
9389 /**
9390 * qemuDomainValidateVcpuInfo:
9391 *
9392 * Validates vcpu thread information. If vcpu thread IDs are reported by qemu,
9393 * this function validates that online vcpus have thread info present and
9394 * offline vcpus don't.
9395 *
9396 * Returns 0 on success -1 on error.
9397 */
9398 int
qemuDomainValidateVcpuInfo(virDomainObj * vm)9399 qemuDomainValidateVcpuInfo(virDomainObj *vm)
9400 {
9401 size_t maxvcpus = virDomainDefGetVcpusMax(vm->def);
9402 virDomainVcpuDef *vcpu;
9403 qemuDomainVcpuPrivate *vcpupriv;
9404 size_t i;
9405
9406 if (!qemuDomainHasVcpuPids(vm))
9407 return 0;
9408
9409 for (i = 0; i < maxvcpus; i++) {
9410 vcpu = virDomainDefGetVcpu(vm->def, i);
9411 vcpupriv = QEMU_DOMAIN_VCPU_PRIVATE(vcpu);
9412
9413 if (vcpu->online && vcpupriv->tid == 0) {
9414 virReportError(VIR_ERR_INTERNAL_ERROR,
9415 _("qemu didn't report thread id for vcpu '%zu'"), i);
9416 return -1;
9417 }
9418
9419 if (!vcpu->online && vcpupriv->tid != 0) {
9420 virReportError(VIR_ERR_INTERNAL_ERROR,
9421 _("qemu reported thread id for inactive vcpu '%zu'"),
9422 i);
9423 return -1;
9424 }
9425 }
9426
9427 return 0;
9428 }
9429
9430
9431 bool
qemuDomainSupportsNewVcpuHotplug(virDomainObj * vm)9432 qemuDomainSupportsNewVcpuHotplug(virDomainObj *vm)
9433 {
9434 qemuDomainObjPrivate *priv = vm->privateData;
9435
9436 return virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_QUERY_HOTPLUGGABLE_CPUS);
9437 }
9438
9439
9440 /**
9441 * qemuDomainRefreshVcpuInfo:
9442 * @driver: qemu driver data
9443 * @vm: domain object
9444 * @asyncJob: current asynchronous job type
9445 * @state: refresh vcpu state
9446 *
9447 * Updates vCPU information private data of @vm. Due to historical reasons this
9448 * function returns success even if some data were not reported by qemu.
9449 *
9450 * If @state is true, the vcpu state is refreshed as reported by the monitor.
9451 *
9452 * Returns 0 on success and -1 on fatal error.
9453 */
9454 int
qemuDomainRefreshVcpuInfo(virQEMUDriver * driver,virDomainObj * vm,int asyncJob,bool state)9455 qemuDomainRefreshVcpuInfo(virQEMUDriver *driver,
9456 virDomainObj *vm,
9457 int asyncJob,
9458 bool state)
9459 {
9460 virDomainVcpuDef *vcpu;
9461 qemuDomainVcpuPrivate *vcpupriv;
9462 qemuMonitorCPUInfo *info = NULL;
9463 size_t maxvcpus = virDomainDefGetVcpusMax(vm->def);
9464 size_t i, j;
9465 bool hotplug;
9466 bool fast;
9467 bool validTIDs = true;
9468 int rc;
9469 int ret = -1;
9470
9471 hotplug = qemuDomainSupportsNewVcpuHotplug(vm);
9472 fast = virQEMUCapsGet(QEMU_DOMAIN_PRIVATE(vm)->qemuCaps,
9473 QEMU_CAPS_QUERY_CPUS_FAST);
9474
9475 VIR_DEBUG("Maxvcpus %zu hotplug %d fast query %d", maxvcpus, hotplug, fast);
9476
9477 if (qemuDomainObjEnterMonitorAsync(driver, vm, asyncJob) < 0)
9478 return -1;
9479
9480 rc = qemuMonitorGetCPUInfo(qemuDomainGetMonitor(vm), &info, maxvcpus,
9481 hotplug, fast);
9482
9483 if (qemuDomainObjExitMonitor(driver, vm) < 0)
9484 goto cleanup;
9485
9486 if (rc < 0)
9487 goto cleanup;
9488
9489 /*
9490 * The query-cpus[-fast] commands return information
9491 * about the vCPUs, including the OS level PID that
9492 * is executing the vCPU.
9493 *
9494 * For KVM there is always a 1-1 mapping between
9495 * vCPUs and host OS PIDs.
9496 *
9497 * For TCG things are a little more complicated.
9498 *
9499 * - In some cases the vCPUs will all have the same
9500 * PID as the main emulator thread.
9501 * - In some cases the first vCPU will have a distinct
9502 * PID, but other vCPUs will share the emulator thread
9503 *
9504 * For MTTCG, things work the same as KVM, with each
9505 * vCPU getting its own PID.
9506 *
9507 * We use the Host OS PIDs for doing vCPU pinning
9508 * and reporting. The TCG data reporting will result
9509 * in bad behaviour such as pinning the wrong PID.
9510 * We must thus detect and discard bogus PID info
9511 * from TCG, while still honouring the modern MTTCG
9512 * impl which we can support.
9513 */
9514 for (i = 0; i < maxvcpus && validTIDs; i++) {
9515 if (info[i].tid == vm->pid) {
9516 VIR_DEBUG("vCPU[%zu] PID %llu duplicates process",
9517 i, (unsigned long long)info[i].tid);
9518 validTIDs = false;
9519 }
9520
9521 for (j = 0; j < i; j++) {
9522 if (info[i].tid != 0 && info[i].tid == info[j].tid) {
9523 VIR_DEBUG("vCPU[%zu] PID %llu duplicates vCPU[%zu]",
9524 i, (unsigned long long)info[i].tid, j);
9525 validTIDs = false;
9526 }
9527 }
9528
9529 if (validTIDs)
9530 VIR_DEBUG("vCPU[%zu] PID %llu is valid "
9531 "(node=%d socket=%d die=%d core=%d thread=%d)",
9532 i, (unsigned long long)info[i].tid,
9533 info[i].node_id,
9534 info[i].socket_id,
9535 info[i].die_id,
9536 info[i].core_id,
9537 info[i].thread_id);
9538 }
9539
9540 VIR_DEBUG("Extracting vCPU information validTIDs=%d", validTIDs);
9541 for (i = 0; i < maxvcpus; i++) {
9542 vcpu = virDomainDefGetVcpu(vm->def, i);
9543 vcpupriv = QEMU_DOMAIN_VCPU_PRIVATE(vcpu);
9544
9545 if (validTIDs)
9546 vcpupriv->tid = info[i].tid;
9547
9548 vcpupriv->socket_id = info[i].socket_id;
9549 vcpupriv->core_id = info[i].core_id;
9550 vcpupriv->thread_id = info[i].thread_id;
9551 vcpupriv->node_id = info[i].node_id;
9552 vcpupriv->vcpus = info[i].vcpus;
9553 VIR_FREE(vcpupriv->type);
9554 vcpupriv->type = g_steal_pointer(&info[i].type);
9555 VIR_FREE(vcpupriv->alias);
9556 vcpupriv->alias = g_steal_pointer(&info[i].alias);
9557 virJSONValueFree(vcpupriv->props);
9558 vcpupriv->props = g_steal_pointer(&info[i].props);
9559 vcpupriv->enable_id = info[i].id;
9560 vcpupriv->qemu_id = info[i].qemu_id;
9561
9562 if (hotplug && state) {
9563 vcpu->online = info[i].online;
9564 if (info[i].hotpluggable)
9565 vcpu->hotpluggable = VIR_TRISTATE_BOOL_YES;
9566 else
9567 vcpu->hotpluggable = VIR_TRISTATE_BOOL_NO;
9568 }
9569 }
9570
9571 ret = 0;
9572
9573 cleanup:
9574 qemuMonitorCPUInfoFree(info, maxvcpus);
9575 return ret;
9576 }
9577
9578 /**
9579 * qemuDomainGetVcpuHalted:
9580 * @vm: domain object
9581 * @vcpu: cpu id
9582 *
9583 * Returns the vCPU halted state.
9584 */
9585 bool
qemuDomainGetVcpuHalted(virDomainObj * vm,unsigned int vcpuid)9586 qemuDomainGetVcpuHalted(virDomainObj *vm,
9587 unsigned int vcpuid)
9588 {
9589 virDomainVcpuDef *vcpu = virDomainDefGetVcpu(vm->def, vcpuid);
9590 return QEMU_DOMAIN_VCPU_PRIVATE(vcpu)->halted;
9591 }
9592
9593 /**
9594 * qemuDomainRefreshVcpuHalted:
9595 * @driver: qemu driver data
9596 * @vm: domain object
9597 * @asyncJob: current asynchronous job type
9598 *
9599 * Updates vCPU halted state in the private data of @vm.
9600 *
9601 * Returns 0 on success and -1 on error
9602 */
9603 int
qemuDomainRefreshVcpuHalted(virQEMUDriver * driver,virDomainObj * vm,int asyncJob)9604 qemuDomainRefreshVcpuHalted(virQEMUDriver *driver,
9605 virDomainObj *vm,
9606 int asyncJob)
9607 {
9608 virDomainVcpuDef *vcpu;
9609 qemuDomainVcpuPrivate *vcpupriv;
9610 size_t maxvcpus = virDomainDefGetVcpusMax(vm->def);
9611 g_autoptr(virBitmap) haltedmap = NULL;
9612 size_t i;
9613 bool fast;
9614
9615 /* Not supported currently for TCG, see qemuDomainRefreshVcpuInfo */
9616 if (vm->def->virtType == VIR_DOMAIN_VIRT_QEMU)
9617 return 0;
9618
9619 /* The halted state is interesting only on s390(x). On other platforms
9620 * the data would be stale at the time when it would be used.
9621 * Calling qemuMonitorGetCpuHalted() can adversely affect the running
9622 * VM's performance unless QEMU supports query-cpus-fast.
9623 */
9624 if (!ARCH_IS_S390(vm->def->os.arch) ||
9625 !virQEMUCapsGet(QEMU_DOMAIN_PRIVATE(vm)->qemuCaps,
9626 QEMU_CAPS_QUERY_CPUS_FAST))
9627 return 0;
9628
9629 if (qemuDomainObjEnterMonitorAsync(driver, vm, asyncJob) < 0)
9630 return -1;
9631
9632 fast = virQEMUCapsGet(QEMU_DOMAIN_PRIVATE(vm)->qemuCaps,
9633 QEMU_CAPS_QUERY_CPUS_FAST);
9634 haltedmap = qemuMonitorGetCpuHalted(qemuDomainGetMonitor(vm), maxvcpus,
9635 fast);
9636 if (qemuDomainObjExitMonitor(driver, vm) < 0 || !haltedmap)
9637 return -1;
9638
9639 for (i = 0; i < maxvcpus; i++) {
9640 vcpu = virDomainDefGetVcpu(vm->def, i);
9641 vcpupriv = QEMU_DOMAIN_VCPU_PRIVATE(vcpu);
9642 vcpupriv->halted = virTristateBoolFromBool(virBitmapIsBitSet(haltedmap,
9643 vcpupriv->qemu_id));
9644 }
9645
9646 return 0;
9647 }
9648
9649 bool
qemuDomainSupportsNicdev(virDomainDef * def,virDomainNetDef * net)9650 qemuDomainSupportsNicdev(virDomainDef *def,
9651 virDomainNetDef *net)
9652 {
9653 /* non-virtio ARM nics require legacy -net nic */
9654 if (((def->os.arch == VIR_ARCH_ARMV6L) ||
9655 (def->os.arch == VIR_ARCH_ARMV7L) ||
9656 (def->os.arch == VIR_ARCH_AARCH64)) &&
9657 net->info.type != VIR_DOMAIN_DEVICE_ADDRESS_TYPE_VIRTIO_MMIO &&
9658 net->info.type != VIR_DOMAIN_DEVICE_ADDRESS_TYPE_PCI)
9659 return false;
9660
9661 return true;
9662 }
9663
9664 bool
qemuDomainNetSupportsMTU(virDomainNetType type)9665 qemuDomainNetSupportsMTU(virDomainNetType type)
9666 {
9667 switch (type) {
9668 case VIR_DOMAIN_NET_TYPE_NETWORK:
9669 case VIR_DOMAIN_NET_TYPE_BRIDGE:
9670 case VIR_DOMAIN_NET_TYPE_ETHERNET:
9671 case VIR_DOMAIN_NET_TYPE_VHOSTUSER:
9672 return true;
9673 case VIR_DOMAIN_NET_TYPE_USER:
9674 case VIR_DOMAIN_NET_TYPE_SERVER:
9675 case VIR_DOMAIN_NET_TYPE_CLIENT:
9676 case VIR_DOMAIN_NET_TYPE_MCAST:
9677 case VIR_DOMAIN_NET_TYPE_INTERNAL:
9678 case VIR_DOMAIN_NET_TYPE_DIRECT:
9679 case VIR_DOMAIN_NET_TYPE_HOSTDEV:
9680 case VIR_DOMAIN_NET_TYPE_UDP:
9681 case VIR_DOMAIN_NET_TYPE_VDPA:
9682 case VIR_DOMAIN_NET_TYPE_LAST:
9683 break;
9684 }
9685 return false;
9686 }
9687
9688
9689 virDomainDiskDef *
qemuDomainDiskByName(virDomainDef * def,const char * name)9690 qemuDomainDiskByName(virDomainDef *def,
9691 const char *name)
9692 {
9693 virDomainDiskDef *ret;
9694
9695 if (!(ret = virDomainDiskByName(def, name, true))) {
9696 virReportError(VIR_ERR_INVALID_ARG,
9697 _("disk '%s' not found in domain"), name);
9698 return NULL;
9699 }
9700
9701 return ret;
9702 }
9703
9704
9705 int
qemuDomainPrepareChannel(virDomainChrDef * channel,const char * domainChannelTargetDir)9706 qemuDomainPrepareChannel(virDomainChrDef *channel,
9707 const char *domainChannelTargetDir)
9708 {
9709 if (channel->targetType != VIR_DOMAIN_CHR_CHANNEL_TARGET_TYPE_VIRTIO ||
9710 channel->source->type != VIR_DOMAIN_CHR_TYPE_UNIX ||
9711 channel->source->data.nix.path)
9712 return 0;
9713
9714 if (channel->target.name) {
9715 channel->source->data.nix.path = g_strdup_printf("%s/%s",
9716 domainChannelTargetDir,
9717 channel->target.name);
9718 } else {
9719 /* Generate a unique name */
9720 channel->source->data.nix.path = g_strdup_printf("%s/vioser-%02d-%02d-%02d.sock",
9721 domainChannelTargetDir,
9722 channel->info.addr.vioserial.controller,
9723 channel->info.addr.vioserial.bus,
9724 channel->info.addr.vioserial.port);
9725 }
9726
9727 return 0;
9728 }
9729
9730
9731 /* qemuDomainPrepareChardevSourceTLS:
9732 * @source: pointer to host interface data for char devices
9733 * @cfg: driver configuration
9734 *
9735 * Updates host interface TLS encryption setting based on qemu.conf
9736 * for char devices. This will be presented as "tls='yes|no'" in
9737 * live XML of a guest.
9738 */
9739 void
qemuDomainPrepareChardevSourceTLS(virDomainChrSourceDef * source,virQEMUDriverConfig * cfg)9740 qemuDomainPrepareChardevSourceTLS(virDomainChrSourceDef *source,
9741 virQEMUDriverConfig *cfg)
9742 {
9743 if (source->type == VIR_DOMAIN_CHR_TYPE_TCP) {
9744 if (source->data.tcp.haveTLS == VIR_TRISTATE_BOOL_ABSENT) {
9745 if (cfg->chardevTLS)
9746 source->data.tcp.haveTLS = VIR_TRISTATE_BOOL_YES;
9747 else
9748 source->data.tcp.haveTLS = VIR_TRISTATE_BOOL_NO;
9749 source->data.tcp.tlsFromConfig = true;
9750 }
9751 }
9752 }
9753
9754
9755 /* qemuDomainPrepareChardevSource:
9756 * @def: live domain definition
9757 * @cfg: driver configuration
9758 *
9759 * Iterate through all devices that use virDomainChrSourceDef *as host
9760 * interface part.
9761 */
9762 void
qemuDomainPrepareChardevSource(virDomainDef * def,virQEMUDriverConfig * cfg)9763 qemuDomainPrepareChardevSource(virDomainDef *def,
9764 virQEMUDriverConfig *cfg)
9765 {
9766 size_t i;
9767
9768 for (i = 0; i < def->nserials; i++)
9769 qemuDomainPrepareChardevSourceTLS(def->serials[i]->source, cfg);
9770
9771 for (i = 0; i < def->nparallels; i++)
9772 qemuDomainPrepareChardevSourceTLS(def->parallels[i]->source, cfg);
9773
9774 for (i = 0; i < def->nchannels; i++)
9775 qemuDomainPrepareChardevSourceTLS(def->channels[i]->source, cfg);
9776
9777 for (i = 0; i < def->nconsoles; i++)
9778 qemuDomainPrepareChardevSourceTLS(def->consoles[i]->source, cfg);
9779
9780 for (i = 0; i < def->nrngs; i++)
9781 if (def->rngs[i]->backend == VIR_DOMAIN_RNG_BACKEND_EGD)
9782 qemuDomainPrepareChardevSourceTLS(def->rngs[i]->source.chardev, cfg);
9783
9784 for (i = 0; i < def->nsmartcards; i++)
9785 if (def->smartcards[i]->type == VIR_DOMAIN_SMARTCARD_TYPE_PASSTHROUGH)
9786 qemuDomainPrepareChardevSourceTLS(def->smartcards[i]->data.passthru,
9787 cfg);
9788
9789 for (i = 0; i < def->nredirdevs; i++)
9790 qemuDomainPrepareChardevSourceTLS(def->redirdevs[i]->source, cfg);
9791 }
9792
9793
9794 static int
qemuProcessPrepareStorageSourceTLSVxhs(virStorageSource * src,virQEMUDriverConfig * cfg,qemuDomainObjPrivate * priv,const char * parentAlias)9795 qemuProcessPrepareStorageSourceTLSVxhs(virStorageSource *src,
9796 virQEMUDriverConfig *cfg,
9797 qemuDomainObjPrivate *priv,
9798 const char *parentAlias)
9799 {
9800 /* VxHS uses only client certificates and thus has no need for
9801 * the server-key.pem nor a secret that could be used to decrypt
9802 * the it, so no need to add a secinfo for a secret UUID. */
9803 if (src->haveTLS == VIR_TRISTATE_BOOL_ABSENT) {
9804 if (cfg->vxhsTLS)
9805 src->haveTLS = VIR_TRISTATE_BOOL_YES;
9806 else
9807 src->haveTLS = VIR_TRISTATE_BOOL_NO;
9808 src->tlsFromConfig = true;
9809 }
9810
9811 if (src->haveTLS == VIR_TRISTATE_BOOL_YES) {
9812 src->tlsAlias = qemuAliasTLSObjFromSrcAlias(parentAlias);
9813 src->tlsCertdir = g_strdup(cfg->vxhsTLSx509certdir);
9814
9815 if (cfg->vxhsTLSx509secretUUID) {
9816 qemuDomainStorageSourcePrivate *srcpriv = qemuDomainStorageSourcePrivateFetch(src);
9817
9818 if (!(srcpriv->tlsKeySecret = qemuDomainSecretInfoTLSNew(priv, src->tlsAlias,
9819 cfg->vxhsTLSx509secretUUID)))
9820 return -1;
9821 }
9822 }
9823
9824 return 0;
9825 }
9826
9827
9828 static int
qemuProcessPrepareStorageSourceTLSNBD(virStorageSource * src,virQEMUDriverConfig * cfg,qemuDomainObjPrivate * priv,const char * parentAlias)9829 qemuProcessPrepareStorageSourceTLSNBD(virStorageSource *src,
9830 virQEMUDriverConfig *cfg,
9831 qemuDomainObjPrivate *priv,
9832 const char *parentAlias)
9833 {
9834 if (src->haveTLS == VIR_TRISTATE_BOOL_ABSENT) {
9835 if (cfg->nbdTLS)
9836 src->haveTLS = VIR_TRISTATE_BOOL_YES;
9837 else
9838 src->haveTLS = VIR_TRISTATE_BOOL_NO;
9839 src->tlsFromConfig = true;
9840 }
9841
9842 if (src->haveTLS == VIR_TRISTATE_BOOL_YES) {
9843 if (!virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_NBD_TLS)) {
9844 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
9845 _("this qemu does not support TLS transport for NBD"));
9846 return -1;
9847 }
9848
9849 src->tlsAlias = qemuAliasTLSObjFromSrcAlias(parentAlias);
9850 src->tlsCertdir = g_strdup(cfg->nbdTLSx509certdir);
9851
9852 if (cfg->nbdTLSx509secretUUID) {
9853 qemuDomainStorageSourcePrivate *srcpriv = qemuDomainStorageSourcePrivateFetch(src);
9854
9855 if (!(srcpriv->tlsKeySecret = qemuDomainSecretInfoTLSNew(priv, src->tlsAlias,
9856 cfg->nbdTLSx509secretUUID)))
9857 return -1;
9858 }
9859 }
9860
9861 return 0;
9862 }
9863
9864
9865 /* qemuPrepareStorageSourceNFS:
9866 * @src: source for a disk
9867 *
9868 * If src is an NFS source, translate nfs_user and nfs_group
9869 * into a uid and gid field. If these strings are empty (ie "")
9870 * then provide the hypervisor default uid and gid.
9871 */
9872 static int
qemuDomainPrepareStorageSourceNFS(virStorageSource * src)9873 qemuDomainPrepareStorageSourceNFS(virStorageSource *src)
9874 {
9875 if (virStorageSourceGetActualType(src) != VIR_STORAGE_TYPE_NETWORK)
9876 return 0;
9877
9878 if (src->protocol != VIR_STORAGE_NET_PROTOCOL_NFS)
9879 return 0;
9880
9881 if (src->nfs_user) {
9882 if (virGetUserID(src->nfs_user, &src->nfs_uid) < 0)
9883 return -1;
9884 } else {
9885 /* -1 indicates default UID */
9886 src->nfs_uid = -1;
9887 }
9888
9889 if (src->nfs_group) {
9890 if (virGetGroupID(src->nfs_group, &src->nfs_gid) < 0)
9891 return -1;
9892 } else {
9893 /* -1 indicates default GID */
9894 src->nfs_gid = -1;
9895 }
9896
9897 return 0;
9898 }
9899
9900
9901 /* qemuProcessPrepareStorageSourceTLS:
9902 * @source: source for a disk
9903 * @cfg: driver configuration
9904 * @parentAlias: alias of the parent device
9905 *
9906 * Updates host interface TLS encryption setting based on qemu.conf
9907 * for disk devices. This will be presented as "tls='yes|no'" in
9908 * live XML of a guest.
9909 *
9910 * Returns 0 on success, -1 on bad config/failure
9911 */
9912 static int
qemuDomainPrepareStorageSourceTLS(virStorageSource * src,virQEMUDriverConfig * cfg,const char * parentAlias,qemuDomainObjPrivate * priv)9913 qemuDomainPrepareStorageSourceTLS(virStorageSource *src,
9914 virQEMUDriverConfig *cfg,
9915 const char *parentAlias,
9916 qemuDomainObjPrivate *priv)
9917 {
9918 if (virStorageSourceGetActualType(src) != VIR_STORAGE_TYPE_NETWORK)
9919 return 0;
9920
9921 switch ((virStorageNetProtocol) src->protocol) {
9922 case VIR_STORAGE_NET_PROTOCOL_VXHS:
9923 if (qemuProcessPrepareStorageSourceTLSVxhs(src, cfg, priv, parentAlias) < 0)
9924 return -1;
9925 break;
9926
9927 case VIR_STORAGE_NET_PROTOCOL_NBD:
9928 if (qemuProcessPrepareStorageSourceTLSNBD(src, cfg, priv, parentAlias) < 0)
9929 return -1;
9930 break;
9931
9932 case VIR_STORAGE_NET_PROTOCOL_RBD:
9933 case VIR_STORAGE_NET_PROTOCOL_SHEEPDOG:
9934 case VIR_STORAGE_NET_PROTOCOL_GLUSTER:
9935 case VIR_STORAGE_NET_PROTOCOL_ISCSI:
9936 case VIR_STORAGE_NET_PROTOCOL_HTTP:
9937 case VIR_STORAGE_NET_PROTOCOL_HTTPS:
9938 case VIR_STORAGE_NET_PROTOCOL_FTP:
9939 case VIR_STORAGE_NET_PROTOCOL_FTPS:
9940 case VIR_STORAGE_NET_PROTOCOL_TFTP:
9941 case VIR_STORAGE_NET_PROTOCOL_NFS:
9942 /* Assumed NFS doesn't support TLS (needs Kerberos) */
9943 case VIR_STORAGE_NET_PROTOCOL_SSH:
9944 if (src->haveTLS == VIR_TRISTATE_BOOL_YES) {
9945 virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
9946 _("TLS transport is not supported for disk protocol '%s'"),
9947 virStorageNetProtocolTypeToString(src->protocol));
9948 return -1;
9949 }
9950 break;
9951
9952 case VIR_STORAGE_NET_PROTOCOL_NONE:
9953 case VIR_STORAGE_NET_PROTOCOL_LAST:
9954 default:
9955 virReportEnumRangeError(virStorageNetProtocol, src->protocol);
9956 return -1;
9957 }
9958
9959 return 0;
9960 }
9961
9962
9963 void
qemuDomainPrepareShmemChardev(virDomainShmemDef * shmem)9964 qemuDomainPrepareShmemChardev(virDomainShmemDef *shmem)
9965 {
9966 if (!shmem->server.enabled ||
9967 shmem->server.chr->data.nix.path)
9968 return;
9969
9970 shmem->server.chr->data.nix.path = g_strdup_printf("/var/lib/libvirt/shmem-%s-sock",
9971 shmem->name);
9972 }
9973
9974
9975 /**
9976 * qemuDomainVcpuHotplugIsInOrder:
9977 * @def: domain definition
9978 *
9979 * Returns true if online vcpus were added in order (clustered behind vcpu0
9980 * with increasing order).
9981 */
9982 bool
qemuDomainVcpuHotplugIsInOrder(virDomainDef * def)9983 qemuDomainVcpuHotplugIsInOrder(virDomainDef *def)
9984 {
9985 size_t maxvcpus = virDomainDefGetVcpusMax(def);
9986 virDomainVcpuDef *vcpu;
9987 unsigned int prevorder = 0;
9988 size_t seenonlinevcpus = 0;
9989 size_t i;
9990
9991 for (i = 0; i < maxvcpus; i++) {
9992 vcpu = virDomainDefGetVcpu(def, i);
9993
9994 if (!vcpu->online)
9995 break;
9996
9997 if (vcpu->order < prevorder)
9998 break;
9999
10000 if (vcpu->order > prevorder)
10001 prevorder = vcpu->order;
10002
10003 seenonlinevcpus++;
10004 }
10005
10006 return seenonlinevcpus == virDomainDefGetVcpus(def);
10007 }
10008
10009
10010 /**
10011 * qemuDomainVcpuPersistOrder:
10012 * @def: domain definition
10013 *
10014 * Saves the order of vcpus detected from qemu to the domain definition.
10015 * The private data note the order only for the entry describing the
10016 * hotpluggable entity. This function copies the order into the definition part
10017 * of all sub entities.
10018 */
10019 void
qemuDomainVcpuPersistOrder(virDomainDef * def)10020 qemuDomainVcpuPersistOrder(virDomainDef *def)
10021 {
10022 size_t maxvcpus = virDomainDefGetVcpusMax(def);
10023 virDomainVcpuDef *vcpu;
10024 qemuDomainVcpuPrivate *vcpupriv;
10025 unsigned int prevorder = 0;
10026 size_t i;
10027
10028 for (i = 0; i < maxvcpus; i++) {
10029 vcpu = virDomainDefGetVcpu(def, i);
10030 vcpupriv = QEMU_DOMAIN_VCPU_PRIVATE(vcpu);
10031
10032 if (!vcpu->online) {
10033 vcpu->order = 0;
10034 } else {
10035 if (vcpupriv->enable_id != 0)
10036 prevorder = vcpupriv->enable_id;
10037
10038 vcpu->order = prevorder;
10039 }
10040 }
10041 }
10042
10043
10044 int
qemuDomainCheckMonitor(virQEMUDriver * driver,virDomainObj * vm,qemuDomainAsyncJob asyncJob)10045 qemuDomainCheckMonitor(virQEMUDriver *driver,
10046 virDomainObj *vm,
10047 qemuDomainAsyncJob asyncJob)
10048 {
10049 qemuDomainObjPrivate *priv = vm->privateData;
10050 int ret;
10051
10052 if (qemuDomainObjEnterMonitorAsync(driver, vm, asyncJob) < 0)
10053 return -1;
10054
10055 ret = qemuMonitorCheck(priv->mon);
10056
10057 if (qemuDomainObjExitMonitor(driver, vm) < 0)
10058 return -1;
10059
10060 return ret;
10061 }
10062
10063
10064 bool
qemuDomainSupportsVideoVga(const virDomainVideoDef * video,virQEMUCaps * qemuCaps)10065 qemuDomainSupportsVideoVga(const virDomainVideoDef *video,
10066 virQEMUCaps *qemuCaps)
10067 {
10068 if (video->type == VIR_DOMAIN_VIDEO_TYPE_VIRTIO) {
10069 if (video->backend == VIR_DOMAIN_VIDEO_BACKEND_TYPE_VHOSTUSER) {
10070 if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_DEVICE_VHOST_USER_VGA))
10071 return false;
10072 } else if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_DEVICE_VIRTIO_VGA)) {
10073 return false;
10074 }
10075 }
10076
10077 return true;
10078 }
10079
10080
10081 bool
qemuDomainNeedsVFIO(const virDomainDef * def)10082 qemuDomainNeedsVFIO(const virDomainDef *def)
10083 {
10084 return virDomainDefHasVFIOHostdev(def) ||
10085 virDomainDefHasMdevHostdev(def) ||
10086 virDomainDefHasNVMeDisk(def);
10087 }
10088
10089
10090 /**
10091 * qemuDomainGetHostdevPath:
10092 * @dev: host device definition
10093 * @path: resulting path to @dev
10094 * @perms: Optional pointer to VIR_CGROUP_DEVICE_* perms
10095 *
10096 * For given device @dev fetch its host path and store it at
10097 * @path. Optionally, caller can get @perms on the path (e.g.
10098 * rw/ro). When called on a missing device, the function will return success
10099 * and store NULL at @path.
10100 *
10101 * The caller is responsible for freeing the @path when no longer
10102 * needed.
10103 *
10104 * Returns 0 on success, -1 otherwise.
10105 */
10106 int
qemuDomainGetHostdevPath(virDomainHostdevDef * dev,char ** path,int * perms)10107 qemuDomainGetHostdevPath(virDomainHostdevDef *dev,
10108 char **path,
10109 int *perms)
10110 {
10111 virDomainHostdevSubsysUSB *usbsrc = &dev->source.subsys.u.usb;
10112 virDomainHostdevSubsysPCI *pcisrc = &dev->source.subsys.u.pci;
10113 virDomainHostdevSubsysSCSI *scsisrc = &dev->source.subsys.u.scsi;
10114 virDomainHostdevSubsysSCSIVHost *hostsrc = &dev->source.subsys.u.scsi_host;
10115 virDomainHostdevSubsysMediatedDev *mdevsrc = &dev->source.subsys.u.mdev;
10116 g_autoptr(virUSBDevice) usb = NULL;
10117 g_autoptr(virSCSIDevice) scsi = NULL;
10118 g_autoptr(virSCSIVHostDevice) host = NULL;
10119 g_autofree char *tmpPath = NULL;
10120 int perm = 0;
10121
10122 switch ((virDomainHostdevMode) dev->mode) {
10123 case VIR_DOMAIN_HOSTDEV_MODE_SUBSYS:
10124 switch ((virDomainHostdevSubsysType)dev->source.subsys.type) {
10125 case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI:
10126 if (pcisrc->backend == VIR_DOMAIN_HOSTDEV_PCI_BACKEND_VFIO) {
10127 if (!(tmpPath = virPCIDeviceAddressGetIOMMUGroupDev(&pcisrc->addr)))
10128 return -1;
10129
10130 perm = VIR_CGROUP_DEVICE_RW;
10131 }
10132 break;
10133
10134 case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_USB:
10135 if (dev->missing)
10136 break;
10137 usb = virUSBDeviceNew(usbsrc->bus,
10138 usbsrc->device,
10139 NULL);
10140 if (!usb)
10141 return -1;
10142
10143 tmpPath = g_strdup(virUSBDeviceGetPath(usb));
10144 perm = VIR_CGROUP_DEVICE_RW;
10145 break;
10146
10147 case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_SCSI:
10148 if (scsisrc->protocol == VIR_DOMAIN_HOSTDEV_SCSI_PROTOCOL_TYPE_ISCSI) {
10149 virDomainHostdevSubsysSCSIiSCSI *iscsisrc = &scsisrc->u.iscsi;
10150 VIR_DEBUG("Not updating /dev for hostdev iSCSI path '%s'", iscsisrc->src->path);
10151 } else {
10152 virDomainHostdevSubsysSCSIHost *scsihostsrc = &scsisrc->u.host;
10153 scsi = virSCSIDeviceNew(NULL,
10154 scsihostsrc->adapter,
10155 scsihostsrc->bus,
10156 scsihostsrc->target,
10157 scsihostsrc->unit,
10158 dev->readonly,
10159 dev->shareable);
10160
10161 if (!scsi)
10162 return -1;
10163
10164 tmpPath = g_strdup(virSCSIDeviceGetPath(scsi));
10165 perm = virSCSIDeviceGetReadonly(scsi) ?
10166 VIR_CGROUP_DEVICE_READ : VIR_CGROUP_DEVICE_RW;
10167 }
10168 break;
10169
10170 case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_SCSI_HOST: {
10171 if (hostsrc->protocol ==
10172 VIR_DOMAIN_HOSTDEV_SUBSYS_SCSI_HOST_PROTOCOL_TYPE_VHOST) {
10173 if (!(host = virSCSIVHostDeviceNew(hostsrc->wwpn)))
10174 return -1;
10175
10176 tmpPath = g_strdup(virSCSIVHostDeviceGetPath(host));
10177 perm = VIR_CGROUP_DEVICE_RW;
10178 }
10179 break;
10180 }
10181
10182 case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_MDEV:
10183 if (!(tmpPath = virMediatedDeviceGetIOMMUGroupDev(mdevsrc->uuidstr)))
10184 return -1;
10185
10186 perm = VIR_CGROUP_DEVICE_RW;
10187 break;
10188 case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_LAST:
10189 break;
10190 }
10191 break;
10192
10193 case VIR_DOMAIN_HOSTDEV_MODE_CAPABILITIES:
10194 case VIR_DOMAIN_HOSTDEV_MODE_LAST:
10195 /* nada */
10196 break;
10197 }
10198
10199 *path = g_steal_pointer(&tmpPath);
10200 if (perms)
10201 *perms = perm;
10202 return 0;
10203 }
10204
10205
10206 /**
10207 * qemuDomainDiskLookupByNodename:
10208 * @def: domain definition to look for the disk
10209 * @backupdef: definition of the backup job of the domain (optional)
10210 * @nodename: block backend node name to find
10211 * @src: filled with the specific backing store element if provided
10212 *
10213 * Looks up the disk in the domain via @nodename and returns its definition.
10214 * Optionally fills @src and @idx if provided with the specific backing chain
10215 * element which corresponds to the node name.
10216 */
10217 virDomainDiskDef *
qemuDomainDiskLookupByNodename(virDomainDef * def,virDomainBackupDef * backupdef,const char * nodename,virStorageSource ** src)10218 qemuDomainDiskLookupByNodename(virDomainDef *def,
10219 virDomainBackupDef *backupdef,
10220 const char *nodename,
10221 virStorageSource **src)
10222 {
10223 size_t i;
10224 virStorageSource *tmp = NULL;
10225
10226 if (!src)
10227 src = &tmp;
10228
10229 for (i = 0; i < def->ndisks; i++) {
10230 virDomainDiskDef *domdisk = def->disks[i];
10231
10232 if ((*src = qemuDomainVirStorageSourceFindByNodeName(domdisk->src, nodename)))
10233 return domdisk;
10234
10235 if (domdisk->mirror &&
10236 (*src = qemuDomainVirStorageSourceFindByNodeName(domdisk->mirror, nodename)))
10237 return domdisk;
10238 }
10239
10240 if (backupdef) {
10241 for (i = 0; i < backupdef->ndisks; i++) {
10242 virDomainBackupDiskDef *backupdisk = backupdef->disks + i;
10243
10244 if (backupdisk->store &&
10245 (*src = qemuDomainVirStorageSourceFindByNodeName(backupdisk->store, nodename)))
10246 return virDomainDiskByTarget(def, backupdisk->name);
10247 }
10248 }
10249
10250 return NULL;
10251 }
10252
10253
10254 /**
10255 * qemuDomainDiskBackingStoreGetName:
10256 *
10257 * Creates a name using the indexed syntax (vda[1])for the given backing store
10258 * entry for a disk.
10259 */
10260 char *
qemuDomainDiskBackingStoreGetName(virDomainDiskDef * disk,unsigned int idx)10261 qemuDomainDiskBackingStoreGetName(virDomainDiskDef *disk,
10262 unsigned int idx)
10263 {
10264 if (idx)
10265 return g_strdup_printf("%s[%d]", disk->dst, idx);
10266
10267 return g_strdup(disk->dst);
10268 }
10269
10270
10271 virStorageSource *
qemuDomainGetStorageSourceByDevstr(const char * devstr,virDomainDef * def,virDomainBackupDef * backupdef)10272 qemuDomainGetStorageSourceByDevstr(const char *devstr,
10273 virDomainDef *def,
10274 virDomainBackupDef *backupdef)
10275 {
10276 virDomainDiskDef *disk = NULL;
10277 virStorageSource *n;
10278 g_autofree char *target = NULL;
10279 unsigned int idx;
10280
10281 if (virStorageFileParseBackingStoreStr(devstr, &target, &idx) < 0) {
10282 virReportError(VIR_ERR_INVALID_ARG,
10283 _("failed to parse block device '%s'"), devstr);
10284 return NULL;
10285 }
10286
10287 if (!(disk = virDomainDiskByTarget(def, target))) {
10288 virReportError(VIR_ERR_INVALID_ARG,
10289 _("failed to find disk '%s'"), target);
10290 return NULL;
10291 }
10292
10293 if (idx == 0)
10294 return disk->src;
10295
10296 for (n = disk->src; virStorageSourceIsBacking(n); n = n->backingStore) {
10297 if (n->id == idx)
10298 return n;
10299 }
10300
10301 if (disk->mirror) {
10302 for (n = disk->mirror; virStorageSourceIsBacking(n); n = n->backingStore) {
10303 if (n->id == idx)
10304 return n;
10305 }
10306 }
10307
10308 if (backupdef) {
10309 size_t i;
10310
10311 for (i = 0; i < backupdef->ndisks; i++) {
10312 virDomainBackupDiskDef *backupdisk = backupdef->disks + i;
10313
10314 if (STRNEQ(target, backupdisk->name))
10315 continue;
10316
10317 for (n = backupdisk->store; virStorageSourceIsBacking(n); n = n->backingStore) {
10318 if (n->id == idx)
10319 return n;
10320 }
10321 }
10322 }
10323
10324 virReportError(VIR_ERR_INVALID_ARG,
10325 _("failed to find disk '%s'"), devstr);
10326 return NULL;
10327 }
10328
10329
10330 static void
qemuDomainSaveCookieDispose(void * obj)10331 qemuDomainSaveCookieDispose(void *obj)
10332 {
10333 qemuDomainSaveCookie *cookie = obj;
10334
10335 VIR_DEBUG("cookie=%p", cookie);
10336
10337 virCPUDefFree(cookie->cpu);
10338 }
10339
10340
10341 qemuDomainSaveCookie *
qemuDomainSaveCookieNew(virDomainObj * vm)10342 qemuDomainSaveCookieNew(virDomainObj *vm)
10343 {
10344 qemuDomainObjPrivate *priv = vm->privateData;
10345 g_autoptr(qemuDomainSaveCookie) cookie = NULL;
10346
10347 if (qemuDomainInitialize() < 0)
10348 return NULL;
10349
10350 if (!(cookie = virObjectNew(qemuDomainSaveCookieClass)))
10351 return NULL;
10352
10353 if (priv->origCPU && !(cookie->cpu = virCPUDefCopy(vm->def->cpu)))
10354 return NULL;
10355
10356 cookie->slirpHelper = qemuDomainGetSlirpHelperOk(vm);
10357
10358 VIR_DEBUG("Save cookie %p, cpu=%p, slirpHelper=%d",
10359 cookie, cookie->cpu, cookie->slirpHelper);
10360
10361 return g_steal_pointer(&cookie);
10362 }
10363
10364
10365 static int
qemuDomainSaveCookieParse(xmlXPathContextPtr ctxt G_GNUC_UNUSED,virObject ** obj)10366 qemuDomainSaveCookieParse(xmlXPathContextPtr ctxt G_GNUC_UNUSED,
10367 virObject **obj)
10368 {
10369 g_autoptr(qemuDomainSaveCookie) cookie = NULL;
10370
10371 if (qemuDomainInitialize() < 0)
10372 return -1;
10373
10374 if (!(cookie = virObjectNew(qemuDomainSaveCookieClass)))
10375 return -1;
10376
10377 if (virCPUDefParseXML(ctxt, "./cpu[1]", VIR_CPU_TYPE_GUEST,
10378 &cookie->cpu, false) < 0)
10379 return -1;
10380
10381 cookie->slirpHelper = virXPathBoolean("boolean(./slirpHelper)", ctxt) > 0;
10382
10383 *obj = (virObject *) g_steal_pointer(&cookie);
10384 return 0;
10385 }
10386
10387
10388 static int
qemuDomainSaveCookieFormat(virBuffer * buf,virObject * obj)10389 qemuDomainSaveCookieFormat(virBuffer *buf,
10390 virObject *obj)
10391 {
10392 qemuDomainSaveCookie *cookie = (qemuDomainSaveCookie *) obj;
10393
10394 if (cookie->cpu &&
10395 virCPUDefFormatBufFull(buf, cookie->cpu, NULL) < 0)
10396 return -1;
10397
10398 if (cookie->slirpHelper)
10399 virBufferAddLit(buf, "<slirpHelper/>\n");
10400
10401 return 0;
10402 }
10403
10404
10405 virSaveCookieCallbacks virQEMUDriverDomainSaveCookie = {
10406 .parse = qemuDomainSaveCookieParse,
10407 .format = qemuDomainSaveCookieFormat,
10408 };
10409
10410
10411 /**
10412 * qemuDomainUpdateCPU:
10413 * @vm: domain which is being started
10414 * @cpu: CPU updated when the domain was running previously (before migration,
10415 * snapshot, or save)
10416 * @origCPU: where to store the original CPU from vm->def in case @cpu was
10417 * used instead
10418 *
10419 * Replace the CPU definition with the updated one when QEMU is new enough to
10420 * allow us to check extra features it is about to enable or disable when
10421 * starting a domain. The original CPU is stored in @origCPU.
10422 *
10423 * Returns 0 on success, -1 on error.
10424 */
10425 int
qemuDomainUpdateCPU(virDomainObj * vm,virCPUDef * cpu,virCPUDef ** origCPU)10426 qemuDomainUpdateCPU(virDomainObj *vm,
10427 virCPUDef *cpu,
10428 virCPUDef **origCPU)
10429 {
10430 qemuDomainObjPrivate *priv = vm->privateData;
10431
10432 *origCPU = NULL;
10433
10434 if (!cpu || !vm->def->cpu ||
10435 !virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_QUERY_CPU_MODEL_EXPANSION) ||
10436 virCPUDefIsEqual(vm->def->cpu, cpu, false))
10437 return 0;
10438
10439 if (!(cpu = virCPUDefCopy(cpu)))
10440 return -1;
10441
10442 VIR_DEBUG("Replacing CPU def with the updated one");
10443
10444 *origCPU = vm->def->cpu;
10445 vm->def->cpu = cpu;
10446
10447 return 0;
10448 }
10449
10450
10451 /**
10452 * qemuDomainFixupCPUS:
10453 * @vm: domain object
10454 * @origCPU: original CPU used when the domain was started
10455 *
10456 * Libvirt older than 3.9.0 could have messed up the expansion of host-model
10457 * CPU when reconnecting to a running domain by adding features QEMU does not
10458 * support (such as cmt). This API fixes both the actual CPU provided by QEMU
10459 * (stored in the domain object) and the @origCPU used when starting the
10460 * domain.
10461 *
10462 * This is safe even if the original CPU definition used mode='custom' (rather
10463 * than host-model) since we know QEMU was able to start the domain and thus
10464 * the CPU definitions do not contain any features unknown to QEMU.
10465 *
10466 * This function can only be used on an active domain or when restoring a
10467 * domain which was running.
10468 *
10469 * Returns 0 on success, -1 on error.
10470 */
10471 int
qemuDomainFixupCPUs(virDomainObj * vm,virCPUDef ** origCPU)10472 qemuDomainFixupCPUs(virDomainObj *vm,
10473 virCPUDef **origCPU)
10474 {
10475 g_autoptr(virCPUDef) fixedCPU = NULL;
10476 g_autoptr(virCPUDef) fixedOrig = NULL;
10477 virArch arch = vm->def->os.arch;
10478
10479 if (!ARCH_IS_X86(arch))
10480 return 0;
10481
10482 if (!vm->def->cpu ||
10483 vm->def->cpu->mode != VIR_CPU_MODE_CUSTOM ||
10484 !vm->def->cpu->model)
10485 return 0;
10486
10487 /* Missing origCPU means QEMU created exactly the same virtual CPU which
10488 * we asked for or libvirt was too old to mess up the translation from
10489 * host-model.
10490 */
10491 if (!*origCPU)
10492 return 0;
10493
10494 if (virCPUDefFindFeature(vm->def->cpu, "cmt") &&
10495 (!(fixedCPU = virCPUDefCopyWithoutModel(vm->def->cpu)) ||
10496 virCPUDefCopyModelFilter(fixedCPU, vm->def->cpu, false,
10497 virQEMUCapsCPUFilterFeatures, &arch) < 0))
10498 return -1;
10499
10500 if (virCPUDefFindFeature(*origCPU, "cmt") &&
10501 (!(fixedOrig = virCPUDefCopyWithoutModel(*origCPU)) ||
10502 virCPUDefCopyModelFilter(fixedOrig, *origCPU, false,
10503 virQEMUCapsCPUFilterFeatures, &arch) < 0))
10504 return -1;
10505
10506 if (fixedCPU) {
10507 virCPUDefFree(vm->def->cpu);
10508 vm->def->cpu = g_steal_pointer(&fixedCPU);
10509 }
10510
10511 if (fixedOrig) {
10512 virCPUDefFree(*origCPU);
10513 *origCPU = g_steal_pointer(&fixedOrig);
10514 }
10515
10516 return 0;
10517 }
10518
10519
10520 char *
qemuDomainGetMachineName(virDomainObj * vm)10521 qemuDomainGetMachineName(virDomainObj *vm)
10522 {
10523 qemuDomainObjPrivate *priv = vm->privateData;
10524 virQEMUDriver *driver = priv->driver;
10525 char *ret = NULL;
10526
10527 if (vm->pid > 0) {
10528 ret = virSystemdGetMachineNameByPID(vm->pid);
10529 if (!ret)
10530 virResetLastError();
10531 }
10532
10533 if (!ret)
10534 ret = virDomainDriverGenerateMachineName("qemu",
10535 driver->embeddedRoot,
10536 vm->def->id, vm->def->name,
10537 driver->privileged);
10538
10539 return ret;
10540 }
10541
10542
10543 /**
10544 * qemuDomainPrepareDiskSourceData:
10545 *
10546 * @disk: Disk config object
10547 * @src: source to start from
10548 *
10549 * Prepares various aspects of a storage source belonging to a disk backing
10550 * chain based on the disk configuration. This function should be also called
10551 * for detected backing chain members.
10552 */
10553 void
qemuDomainPrepareDiskSourceData(virDomainDiskDef * disk,virStorageSource * src)10554 qemuDomainPrepareDiskSourceData(virDomainDiskDef *disk,
10555 virStorageSource *src)
10556 {
10557 if (!disk)
10558 return;
10559
10560 /* transfer properties valid only for the top level image */
10561 if (src == disk->src)
10562 src->detect_zeroes = disk->detect_zeroes;
10563
10564 /* transfer properties valid for the full chain */
10565 src->iomode = disk->iomode;
10566 src->cachemode = disk->cachemode;
10567 src->discard = disk->discard;
10568
10569 if (disk->device == VIR_DOMAIN_DISK_DEVICE_FLOPPY)
10570 src->floppyimg = true;
10571 }
10572
10573
10574 static void
qemuDomainPrepareDiskCachemode(virDomainDiskDef * disk)10575 qemuDomainPrepareDiskCachemode(virDomainDiskDef *disk)
10576 {
10577 if (disk->cachemode == VIR_DOMAIN_DISK_CACHE_DEFAULT &&
10578 disk->src->shared && !disk->src->readonly)
10579 disk->cachemode = VIR_DOMAIN_DISK_CACHE_DISABLE;
10580 }
10581
10582
10583 static int
qemuDomainPrepareStorageSourcePR(virStorageSource * src,qemuDomainObjPrivate * priv,const char * parentalias)10584 qemuDomainPrepareStorageSourcePR(virStorageSource *src,
10585 qemuDomainObjPrivate *priv,
10586 const char *parentalias)
10587 {
10588 if (!src->pr)
10589 return 0;
10590
10591 if (virStoragePRDefIsManaged(src->pr)) {
10592 VIR_FREE(src->pr->path);
10593 if (!(src->pr->path = qemuDomainGetManagedPRSocketPath(priv)))
10594 return -1;
10595 src->pr->mgralias = g_strdup(qemuDomainGetManagedPRAlias());
10596 } else {
10597 if (!(src->pr->mgralias = qemuDomainGetUnmanagedPRAlias(parentalias)))
10598 return -1;
10599 }
10600
10601 return 0;
10602 }
10603
10604
10605 /**
10606 * qemuDomainPrepareDiskSourceLegacy:
10607 * @disk: disk to prepare
10608 * @priv: VM private data
10609 * @cfg: qemu driver config
10610 *
10611 * Prepare any disk source relevant data for use with the -drive command line.
10612 */
10613 static int
qemuDomainPrepareDiskSourceLegacy(virDomainDiskDef * disk,qemuDomainObjPrivate * priv,virQEMUDriverConfig * cfg)10614 qemuDomainPrepareDiskSourceLegacy(virDomainDiskDef *disk,
10615 qemuDomainObjPrivate *priv,
10616 virQEMUDriverConfig *cfg)
10617 {
10618 if (qemuDomainValidateStorageSource(disk->src, priv->qemuCaps, true) < 0)
10619 return -1;
10620
10621 qemuDomainPrepareStorageSourceConfig(disk->src, cfg, priv->qemuCaps);
10622 qemuDomainPrepareDiskSourceData(disk, disk->src);
10623
10624 if (qemuDomainSecretStorageSourcePrepare(priv, disk->src,
10625 disk->info.alias,
10626 disk->info.alias) < 0)
10627 return -1;
10628
10629 if (qemuDomainPrepareStorageSourcePR(disk->src, priv, disk->info.alias) < 0)
10630 return -1;
10631
10632 if (qemuDomainPrepareStorageSourceTLS(disk->src, cfg, disk->info.alias,
10633 priv) < 0)
10634 return -1;
10635
10636 return 0;
10637 }
10638
10639
10640 int
qemuDomainPrepareStorageSourceBlockdev(virDomainDiskDef * disk,virStorageSource * src,qemuDomainObjPrivate * priv,virQEMUDriverConfig * cfg)10641 qemuDomainPrepareStorageSourceBlockdev(virDomainDiskDef *disk,
10642 virStorageSource *src,
10643 qemuDomainObjPrivate *priv,
10644 virQEMUDriverConfig *cfg)
10645 {
10646 src->id = qemuDomainStorageIdNew(priv);
10647
10648 src->nodestorage = g_strdup_printf("libvirt-%u-storage", src->id);
10649 src->nodeformat = g_strdup_printf("libvirt-%u-format", src->id);
10650
10651 if (qemuBlockStorageSourceNeedsStorageSliceLayer(src))
10652 src->sliceStorage->nodename = g_strdup_printf("libvirt-%u-slice-sto", src->id);
10653
10654 if (src->encryption && src->encryption->engine == VIR_STORAGE_ENCRYPTION_ENGINE_DEFAULT)
10655 src->encryption->engine = VIR_STORAGE_ENCRYPTION_ENGINE_QEMU;
10656
10657 if (qemuDomainValidateStorageSource(src, priv->qemuCaps, false) < 0)
10658 return -1;
10659
10660 qemuDomainPrepareStorageSourceConfig(src, cfg, priv->qemuCaps);
10661 qemuDomainPrepareDiskSourceData(disk, src);
10662
10663 if (qemuDomainSecretStorageSourcePrepare(priv, src,
10664 src->nodestorage,
10665 src->nodeformat) < 0)
10666 return -1;
10667
10668 if (qemuDomainPrepareStorageSourcePR(src, priv, src->nodestorage) < 0)
10669 return -1;
10670
10671 if (qemuDomainPrepareStorageSourceTLS(src, cfg, src->nodestorage,
10672 priv) < 0)
10673 return -1;
10674
10675 if (qemuDomainPrepareStorageSourceNFS(src) < 0)
10676 return -1;
10677
10678 return 0;
10679 }
10680
10681
10682 static int
qemuDomainPrepareDiskSourceBlockdev(virDomainDiskDef * disk,qemuDomainObjPrivate * priv,virQEMUDriverConfig * cfg)10683 qemuDomainPrepareDiskSourceBlockdev(virDomainDiskDef *disk,
10684 qemuDomainObjPrivate *priv,
10685 virQEMUDriverConfig *cfg)
10686 {
10687 qemuDomainDiskPrivate *diskPriv = QEMU_DOMAIN_DISK_PRIVATE(disk);
10688 virStorageSource *n;
10689
10690 if (disk->copy_on_read == VIR_TRISTATE_SWITCH_ON &&
10691 !diskPriv->nodeCopyOnRead)
10692 diskPriv->nodeCopyOnRead = g_strdup_printf("libvirt-CoR-%s", disk->dst);
10693
10694 for (n = disk->src; virStorageSourceIsBacking(n); n = n->backingStore) {
10695 if (qemuDomainPrepareStorageSourceBlockdev(disk, n, priv, cfg) < 0)
10696 return -1;
10697 }
10698
10699 return 0;
10700 }
10701
10702
10703 int
qemuDomainPrepareDiskSource(virDomainDiskDef * disk,qemuDomainObjPrivate * priv,virQEMUDriverConfig * cfg)10704 qemuDomainPrepareDiskSource(virDomainDiskDef *disk,
10705 qemuDomainObjPrivate *priv,
10706 virQEMUDriverConfig *cfg)
10707 {
10708 /* Nothing to prepare as it will use -chardev instead
10709 * of -blockdev/-drive option. */
10710 if (disk->src->type == VIR_STORAGE_TYPE_VHOST_USER)
10711 return 0;
10712
10713 qemuDomainPrepareDiskCachemode(disk);
10714
10715 /* set default format for storage pool based disks */
10716 if (disk->src->type == VIR_STORAGE_TYPE_VOLUME &&
10717 disk->src->format <= VIR_STORAGE_FILE_NONE) {
10718 int actualType = virStorageSourceGetActualType(disk->src);
10719
10720 if (actualType == VIR_STORAGE_TYPE_DIR)
10721 disk->src->format = VIR_STORAGE_FILE_FAT;
10722 else
10723 disk->src->format = VIR_STORAGE_FILE_RAW;
10724 }
10725
10726 if (virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_BLOCKDEV) &&
10727 !qemuDiskBusIsSD(disk->bus)) {
10728 if (qemuDomainPrepareDiskSourceBlockdev(disk, priv, cfg) < 0)
10729 return -1;
10730 } else {
10731 if (qemuDomainPrepareDiskSourceLegacy(disk, priv, cfg) < 0)
10732 return -1;
10733 }
10734
10735 return 0;
10736 }
10737
10738
10739 int
qemuDomainPrepareHostdev(virDomainHostdevDef * hostdev,qemuDomainObjPrivate * priv)10740 qemuDomainPrepareHostdev(virDomainHostdevDef *hostdev,
10741 qemuDomainObjPrivate *priv)
10742 {
10743 if (virHostdevIsSCSIDevice(hostdev)) {
10744 virDomainHostdevSubsysSCSI *scsisrc = &hostdev->source.subsys.u.scsi;
10745 virStorageSource *src = NULL;
10746
10747 switch ((virDomainHostdevSCSIProtocolType) scsisrc->protocol) {
10748 case VIR_DOMAIN_HOSTDEV_SCSI_PROTOCOL_TYPE_NONE:
10749 virObjectUnref(scsisrc->u.host.src);
10750 scsisrc->u.host.src = virStorageSourceNew();
10751 src = scsisrc->u.host.src;
10752
10753 src->type = VIR_STORAGE_TYPE_BLOCK;
10754
10755 break;
10756
10757 case VIR_DOMAIN_HOSTDEV_SCSI_PROTOCOL_TYPE_ISCSI:
10758 src = scsisrc->u.iscsi.src;
10759 break;
10760
10761 case VIR_DOMAIN_HOSTDEV_SCSI_PROTOCOL_TYPE_LAST:
10762 default:
10763 virReportEnumRangeError(virDomainHostdevSCSIProtocolType, scsisrc->protocol);
10764 return -1;
10765 }
10766
10767 if (src) {
10768 const char *backendalias = hostdev->info->alias;
10769
10770 src->readonly = hostdev->readonly;
10771
10772 if (virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_BLOCKDEV_HOSTDEV_SCSI)) {
10773 src->id = qemuDomainStorageIdNew(priv);
10774 src->nodestorage = g_strdup_printf("libvirt-%d-backend", src->id);
10775 backendalias = src->nodestorage;
10776 }
10777
10778 if (src->auth) {
10779 virSecretUsageType usageType = VIR_SECRET_USAGE_TYPE_ISCSI;
10780 qemuDomainStorageSourcePrivate *srcPriv = qemuDomainStorageSourcePrivateFetch(src);
10781
10782 if (!(srcPriv->secinfo = qemuDomainSecretInfoSetupFromSecret(priv,
10783 backendalias,
10784 NULL,
10785 usageType,
10786 src->auth->username,
10787 &src->auth->seclookupdef)))
10788 return -1;
10789 }
10790 }
10791 }
10792
10793 return 0;
10794 }
10795
10796
10797 /**
10798 * qemuDomainDiskCachemodeFlags:
10799 *
10800 * Converts disk cachemode to the cache mode options for qemu. Returns -1 for
10801 * invalid @cachemode values and fills the flags and returns 0 on success.
10802 * Flags may be NULL.
10803 */
10804 int
qemuDomainDiskCachemodeFlags(int cachemode,bool * writeback,bool * direct,bool * noflush)10805 qemuDomainDiskCachemodeFlags(int cachemode,
10806 bool *writeback,
10807 bool *direct,
10808 bool *noflush)
10809 {
10810 bool dummy;
10811
10812 if (!writeback)
10813 writeback = &dummy;
10814
10815 if (!direct)
10816 direct = &dummy;
10817
10818 if (!noflush)
10819 noflush = &dummy;
10820
10821 /* Mapping of cache modes to the attributes according to qemu-options.hx
10822 * │ cache.writeback cache.direct cache.no-flush
10823 * ─────────────┼─────────────────────────────────────────────────
10824 * writeback │ true false false
10825 * none │ true true false
10826 * writethrough │ false false false
10827 * directsync │ false true false
10828 * unsafe │ true false true
10829 */
10830 switch ((virDomainDiskCache) cachemode) {
10831 case VIR_DOMAIN_DISK_CACHE_DISABLE: /* 'none' */
10832 *writeback = true;
10833 *direct = true;
10834 *noflush = false;
10835 break;
10836
10837 case VIR_DOMAIN_DISK_CACHE_WRITETHRU:
10838 *writeback = false;
10839 *direct = false;
10840 *noflush = false;
10841 break;
10842
10843 case VIR_DOMAIN_DISK_CACHE_WRITEBACK:
10844 *writeback = true;
10845 *direct = false;
10846 *noflush = false;
10847 break;
10848
10849 case VIR_DOMAIN_DISK_CACHE_DIRECTSYNC:
10850 *writeback = false;
10851 *direct = true;
10852 *noflush = false;
10853 break;
10854
10855 case VIR_DOMAIN_DISK_CACHE_UNSAFE:
10856 *writeback = true;
10857 *direct = false;
10858 *noflush = true;
10859 break;
10860
10861 case VIR_DOMAIN_DISK_CACHE_DEFAULT:
10862 case VIR_DOMAIN_DISK_CACHE_LAST:
10863 default:
10864 virReportEnumRangeError(virDomainDiskCache, cachemode);
10865 return -1;
10866 }
10867
10868 return 0;
10869 }
10870
10871
10872 void
qemuProcessEventFree(struct qemuProcessEvent * event)10873 qemuProcessEventFree(struct qemuProcessEvent *event)
10874 {
10875 if (!event)
10876 return;
10877
10878 switch (event->eventType) {
10879 case QEMU_PROCESS_EVENT_GUESTPANIC:
10880 qemuMonitorEventPanicInfoFree(event->data);
10881 break;
10882 case QEMU_PROCESS_EVENT_RDMA_GID_STATUS_CHANGED:
10883 qemuMonitorEventRdmaGidStatusFree(event->data);
10884 break;
10885 case QEMU_PROCESS_EVENT_WATCHDOG:
10886 case QEMU_PROCESS_EVENT_DEVICE_DELETED:
10887 case QEMU_PROCESS_EVENT_NIC_RX_FILTER_CHANGED:
10888 case QEMU_PROCESS_EVENT_SERIAL_CHANGED:
10889 case QEMU_PROCESS_EVENT_BLOCK_JOB:
10890 case QEMU_PROCESS_EVENT_MONITOR_EOF:
10891 case QEMU_PROCESS_EVENT_GUEST_CRASHLOADED:
10892 g_free(event->data);
10893 break;
10894 case QEMU_PROCESS_EVENT_JOB_STATUS_CHANGE:
10895 virObjectUnref(event->data);
10896 break;
10897 case QEMU_PROCESS_EVENT_MEMORY_DEVICE_SIZE_CHANGE:
10898 qemuMonitorMemoryDeviceSizeChangeFree(event->data);
10899 break;
10900 case QEMU_PROCESS_EVENT_PR_DISCONNECT:
10901 case QEMU_PROCESS_EVENT_LAST:
10902 break;
10903 }
10904 g_free(event);
10905 }
10906
10907
10908 char *
qemuDomainGetManagedPRSocketPath(qemuDomainObjPrivate * priv)10909 qemuDomainGetManagedPRSocketPath(qemuDomainObjPrivate *priv)
10910 {
10911 return g_strdup_printf("%s/%s.sock", priv->libDir,
10912 qemuDomainGetManagedPRAlias());
10913 }
10914
10915
10916 /**
10917 * qemuDomainStorageIdNew:
10918 * @priv: qemu VM private data object.
10919 *
10920 * Generate a new unique id for a storage object. Useful for node name generation.
10921 */
10922 unsigned int
qemuDomainStorageIdNew(qemuDomainObjPrivate * priv)10923 qemuDomainStorageIdNew(qemuDomainObjPrivate *priv)
10924 {
10925 return ++priv->nodenameindex;
10926 }
10927
10928
10929 /**
10930 * qemuDomainStorageIdReset:
10931 * @priv: qemu VM private data object.
10932 *
10933 * Resets the data for the node name generator. The node names need to be unique
10934 * for a single instance, so can be reset on VM shutdown.
10935 */
10936 void
qemuDomainStorageIdReset(qemuDomainObjPrivate * priv)10937 qemuDomainStorageIdReset(qemuDomainObjPrivate *priv)
10938 {
10939 priv->nodenameindex = 0;
10940 }
10941
10942
10943 virDomainEventResumedDetailType
qemuDomainRunningReasonToResumeEvent(virDomainRunningReason reason)10944 qemuDomainRunningReasonToResumeEvent(virDomainRunningReason reason)
10945 {
10946 switch (reason) {
10947 case VIR_DOMAIN_RUNNING_RESTORED:
10948 case VIR_DOMAIN_RUNNING_FROM_SNAPSHOT:
10949 return VIR_DOMAIN_EVENT_RESUMED_FROM_SNAPSHOT;
10950
10951 case VIR_DOMAIN_RUNNING_MIGRATED:
10952 case VIR_DOMAIN_RUNNING_MIGRATION_CANCELED:
10953 return VIR_DOMAIN_EVENT_RESUMED_MIGRATED;
10954
10955 case VIR_DOMAIN_RUNNING_POSTCOPY:
10956 return VIR_DOMAIN_EVENT_RESUMED_POSTCOPY;
10957
10958 case VIR_DOMAIN_RUNNING_UNKNOWN:
10959 case VIR_DOMAIN_RUNNING_SAVE_CANCELED:
10960 case VIR_DOMAIN_RUNNING_BOOTED:
10961 case VIR_DOMAIN_RUNNING_UNPAUSED:
10962 case VIR_DOMAIN_RUNNING_WAKEUP:
10963 case VIR_DOMAIN_RUNNING_CRASHED:
10964 case VIR_DOMAIN_RUNNING_LAST:
10965 break;
10966 }
10967
10968 return VIR_DOMAIN_EVENT_RESUMED_UNPAUSED;
10969 }
10970
10971
10972 bool
qemuDomainDiskIsMissingLocalOptional(virDomainDiskDef * disk)10973 qemuDomainDiskIsMissingLocalOptional(virDomainDiskDef *disk)
10974 {
10975 return disk->startupPolicy == VIR_DOMAIN_STARTUP_POLICY_OPTIONAL &&
10976 virStorageSourceIsLocalStorage(disk->src) && disk->src->path &&
10977 !virFileExists(disk->src->path);
10978 }
10979
10980
10981 void
qemuDomainNVRAMPathFormat(virQEMUDriverConfig * cfg,virDomainDef * def,char ** path)10982 qemuDomainNVRAMPathFormat(virQEMUDriverConfig *cfg,
10983 virDomainDef *def,
10984 char **path)
10985 {
10986 *path = g_strdup_printf("%s/%s_VARS.fd", cfg->nvramDir, def->name);
10987 }
10988
10989
10990 void
qemuDomainNVRAMPathGenerate(virQEMUDriverConfig * cfg,virDomainDef * def)10991 qemuDomainNVRAMPathGenerate(virQEMUDriverConfig *cfg,
10992 virDomainDef *def)
10993 {
10994 if (virDomainDefHasOldStyleROUEFI(def) &&
10995 !def->os.loader->nvram)
10996 qemuDomainNVRAMPathFormat(cfg, def, &def->os.loader->nvram);
10997 }
10998
10999
11000 virDomainEventSuspendedDetailType
qemuDomainPausedReasonToSuspendedEvent(virDomainPausedReason reason)11001 qemuDomainPausedReasonToSuspendedEvent(virDomainPausedReason reason)
11002 {
11003 switch (reason) {
11004 case VIR_DOMAIN_PAUSED_MIGRATION:
11005 return VIR_DOMAIN_EVENT_SUSPENDED_MIGRATED;
11006
11007 case VIR_DOMAIN_PAUSED_FROM_SNAPSHOT:
11008 return VIR_DOMAIN_EVENT_SUSPENDED_FROM_SNAPSHOT;
11009
11010 case VIR_DOMAIN_PAUSED_POSTCOPY_FAILED:
11011 return VIR_DOMAIN_EVENT_SUSPENDED_POSTCOPY_FAILED;
11012
11013 case VIR_DOMAIN_PAUSED_POSTCOPY:
11014 return VIR_DOMAIN_EVENT_SUSPENDED_POSTCOPY;
11015
11016 case VIR_DOMAIN_PAUSED_UNKNOWN:
11017 case VIR_DOMAIN_PAUSED_USER:
11018 case VIR_DOMAIN_PAUSED_SAVE:
11019 case VIR_DOMAIN_PAUSED_DUMP:
11020 case VIR_DOMAIN_PAUSED_IOERROR:
11021 case VIR_DOMAIN_PAUSED_WATCHDOG:
11022 case VIR_DOMAIN_PAUSED_SHUTTING_DOWN:
11023 case VIR_DOMAIN_PAUSED_SNAPSHOT:
11024 case VIR_DOMAIN_PAUSED_CRASHED:
11025 case VIR_DOMAIN_PAUSED_STARTING_UP:
11026 case VIR_DOMAIN_PAUSED_LAST:
11027 break;
11028 }
11029
11030 return VIR_DOMAIN_EVENT_SUSPENDED_PAUSED;
11031 }
11032
11033
11034 static int
qemuDomainDefHasManagedPRBlockjobIterator(void * payload,const char * name G_GNUC_UNUSED,void * opaque)11035 qemuDomainDefHasManagedPRBlockjobIterator(void *payload,
11036 const char *name G_GNUC_UNUSED,
11037 void *opaque)
11038 {
11039 qemuBlockJobData *job = payload;
11040 bool *hasPR = opaque;
11041
11042 if (job->disk)
11043 return 0;
11044
11045 if ((job->chain && virStorageSourceChainHasManagedPR(job->chain)) ||
11046 (job->mirrorChain && virStorageSourceChainHasManagedPR(job->mirrorChain)))
11047 *hasPR = true;
11048
11049 return 0;
11050 }
11051
11052
11053 /**
11054 * qemuDomainDefHasManagedPR:
11055 * @vm: domain object
11056 *
11057 * @vm must be an active VM. Returns true if @vm has any storage source with
11058 * managed persistent reservations.
11059 */
11060 bool
qemuDomainDefHasManagedPR(virDomainObj * vm)11061 qemuDomainDefHasManagedPR(virDomainObj *vm)
11062 {
11063 qemuDomainObjPrivate *priv = vm->privateData;
11064 bool jobPR = false;
11065
11066 if (virDomainDefHasManagedPR(vm->def))
11067 return true;
11068
11069 virHashForEach(priv->blockjobs, qemuDomainDefHasManagedPRBlockjobIterator, &jobPR);
11070
11071 return jobPR;
11072 }
11073
11074
11075 /**
11076 * qemuDomainSupportsCheckpointsBlockjobs:
11077 * @vm: domain object
11078 *
11079 * Checks whether a block job is supported in possible combination with
11080 * checkpoints (qcow2 bitmaps). Returns -1 if unsupported and reports an error
11081 * 0 in case everything is supported.
11082 */
11083 int
qemuDomainSupportsCheckpointsBlockjobs(virDomainObj * vm)11084 qemuDomainSupportsCheckpointsBlockjobs(virDomainObj *vm)
11085 {
11086 qemuDomainObjPrivate *priv = vm->privateData;
11087
11088 if (!virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_INCREMENTAL_BACKUP) &&
11089 virDomainListCheckpoints(vm->checkpoints, NULL, NULL, NULL, 0) > 0) {
11090 virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
11091 _("cannot perform block operations while checkpoint exists"));
11092 return -1;
11093 }
11094
11095 return 0;
11096 }
11097
11098 /**
11099 * qemuDomainInitializePflashStorageSource:
11100 *
11101 * This helper converts the specification of the source of the 'loader' in case
11102 * PFLASH is required to virStorageSources in case QEMU_CAPS_BLOCKDEV is present.
11103 *
11104 * This helper is used in the intermediate state when we don't support full
11105 * backing chains for pflash drives in the XML.
11106 *
11107 * The nodenames used here have a different prefix to allow for a later
11108 * conversion. The prefixes are 'libvirt-pflash0-storage',
11109 * 'libvirt-pflash0-format' for pflash0 and 'libvirt-pflash1-storage' and
11110 * 'libvirt-pflash1-format' for pflash1.
11111 */
11112 int
qemuDomainInitializePflashStorageSource(virDomainObj * vm)11113 qemuDomainInitializePflashStorageSource(virDomainObj *vm)
11114 {
11115 qemuDomainObjPrivate *priv = vm->privateData;
11116 virDomainDef *def = vm->def;
11117 g_autoptr(virStorageSource) pflash0 = NULL;
11118 g_autoptr(virStorageSource) pflash1 = NULL;
11119
11120 if (!virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_BLOCKDEV))
11121 return 0;
11122
11123 if (!virDomainDefHasOldStyleUEFI(def))
11124 return 0;
11125
11126 pflash0 = virStorageSourceNew();
11127 pflash0->type = VIR_STORAGE_TYPE_FILE;
11128 pflash0->format = VIR_STORAGE_FILE_RAW;
11129 pflash0->path = g_strdup(def->os.loader->path);
11130 pflash0->readonly = def->os.loader->readonly;
11131 pflash0->nodeformat = g_strdup("libvirt-pflash0-format");
11132 pflash0->nodestorage = g_strdup("libvirt-pflash0-storage");
11133
11134
11135 if (def->os.loader->nvram) {
11136 pflash1 = virStorageSourceNew();
11137 pflash1->type = VIR_STORAGE_TYPE_FILE;
11138 pflash1->format = VIR_STORAGE_FILE_RAW;
11139 pflash1->path = g_strdup(def->os.loader->nvram);
11140 pflash1->readonly = false;
11141 pflash1->nodeformat = g_strdup("libvirt-pflash1-format");
11142 pflash1->nodestorage = g_strdup("libvirt-pflash1-storage");
11143 }
11144
11145 priv->pflash0 = g_steal_pointer(&pflash0);
11146 priv->pflash1 = g_steal_pointer(&pflash1);
11147
11148 return 0;
11149 }
11150
11151
11152 /**
11153 * qemuDomainDiskBlockJobIsSupported:
11154 *
11155 * Returns true if block jobs are supported on @disk by @vm or false and reports
11156 * an error otherwise.
11157 *
11158 * Note that this does not verify whether other block jobs are running etc.
11159 */
11160 bool
qemuDomainDiskBlockJobIsSupported(virDomainObj * vm,virDomainDiskDef * disk)11161 qemuDomainDiskBlockJobIsSupported(virDomainObj *vm,
11162 virDomainDiskDef *disk)
11163 {
11164 qemuDomainObjPrivate *priv = vm->privateData;
11165
11166 if (virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_BLOCKDEV) &&
11167 qemuDiskBusIsSD(disk->bus)) {
11168 virReportError(VIR_ERR_OPERATION_UNSUPPORTED,
11169 _("block jobs are not supported on disk '%s' using bus 'sd'"),
11170 disk->dst);
11171 return false;
11172 }
11173
11174 if (disk->transient) {
11175 virReportError(VIR_ERR_OPERATION_UNSUPPORTED,
11176 _("block jobs are not supported on transient disk '%s'"),
11177 disk->dst);
11178 return false;
11179 }
11180
11181 if (virStorageSourceGetActualType(disk->src) == VIR_STORAGE_TYPE_VHOST_USER) {
11182 virReportError(VIR_ERR_OPERATION_UNSUPPORTED,
11183 _("block jobs are not supported on vhostuser disk '%s'"),
11184 disk->dst);
11185 return false;
11186 }
11187
11188 return true;
11189 }
11190
11191
11192 int
virQEMUFileOpenAs(uid_t fallback_uid,gid_t fallback_gid,bool dynamicOwnership,const char * path,int oflags,bool * needUnlink)11193 virQEMUFileOpenAs(uid_t fallback_uid,
11194 gid_t fallback_gid,
11195 bool dynamicOwnership,
11196 const char *path,
11197 int oflags,
11198 bool *needUnlink)
11199 {
11200 struct stat sb;
11201 bool is_reg = true;
11202 bool need_unlink = false;
11203 unsigned int vfoflags = 0;
11204 int fd = -1;
11205 int path_shared = virFileIsSharedFS(path);
11206 uid_t uid = geteuid();
11207 gid_t gid = getegid();
11208
11209 /* path might be a pre-existing block dev, in which case
11210 * we need to skip the create step, and also avoid unlink
11211 * in the failure case */
11212 if (oflags & O_CREAT) {
11213 need_unlink = true;
11214
11215 /* Don't force chown on network-shared FS
11216 * as it is likely to fail. */
11217 if (path_shared <= 0 || dynamicOwnership)
11218 vfoflags |= VIR_FILE_OPEN_FORCE_OWNER;
11219
11220 if (stat(path, &sb) == 0) {
11221 /* It already exists, we don't want to delete it on error */
11222 need_unlink = false;
11223
11224 is_reg = !!S_ISREG(sb.st_mode);
11225 /* If the path is regular file which exists
11226 * already and dynamic_ownership is off, we don't
11227 * want to change its ownership, just open it as-is */
11228 if (is_reg && !dynamicOwnership) {
11229 uid = sb.st_uid;
11230 gid = sb.st_gid;
11231 }
11232 }
11233 }
11234
11235 /* First try creating the file as root */
11236 if (!is_reg) {
11237 if ((fd = open(path, oflags & ~O_CREAT)) < 0) {
11238 fd = -errno;
11239 goto error;
11240 }
11241 } else {
11242 if ((fd = virFileOpenAs(path, oflags, S_IRUSR | S_IWUSR, uid, gid,
11243 vfoflags | VIR_FILE_OPEN_NOFORK)) < 0) {
11244 /* If we failed as root, and the error was permission-denied
11245 (EACCES or EPERM), assume it's on a network-connected share
11246 where root access is restricted (eg, root-squashed NFS). If the
11247 qemu user is non-root, just set a flag to
11248 bypass security driver shenanigans, and retry the operation
11249 after doing setuid to qemu user */
11250 if ((fd != -EACCES && fd != -EPERM) || fallback_uid == geteuid())
11251 goto error;
11252
11253 /* On Linux we can also verify the FS-type of the directory. */
11254 switch (path_shared) {
11255 case 1:
11256 /* it was on a network share, so we'll continue
11257 * as outlined above
11258 */
11259 break;
11260
11261 case -1:
11262 virReportSystemError(-fd, oflags & O_CREAT
11263 ? _("Failed to create file "
11264 "'%s': couldn't determine fs type")
11265 : _("Failed to open file "
11266 "'%s': couldn't determine fs type"),
11267 path);
11268 goto cleanup;
11269
11270 case 0:
11271 default:
11272 /* local file - log the error returned by virFileOpenAs */
11273 goto error;
11274 }
11275
11276 /* If we created the file above, then we need to remove it;
11277 * otherwise, the next attempt to create will fail. If the
11278 * file had already existed before we got here, then we also
11279 * don't want to delete it and allow the following to succeed
11280 * or fail based on existing protections
11281 */
11282 if (need_unlink)
11283 unlink(path);
11284
11285 /* Retry creating the file as qemu user */
11286
11287 /* Since we're passing different modes... */
11288 vfoflags |= VIR_FILE_OPEN_FORCE_MODE;
11289
11290 if ((fd = virFileOpenAs(path, oflags,
11291 S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP,
11292 fallback_uid, fallback_gid,
11293 vfoflags | VIR_FILE_OPEN_FORK)) < 0) {
11294 virReportSystemError(-fd, oflags & O_CREAT
11295 ? _("Error from child process creating '%s'")
11296 : _("Error from child process opening '%s'"),
11297 path);
11298 goto cleanup;
11299 }
11300 }
11301 }
11302 cleanup:
11303 if (needUnlink)
11304 *needUnlink = need_unlink;
11305 return fd;
11306
11307 error:
11308 virReportSystemError(-fd, oflags & O_CREAT
11309 ? _("Failed to create file '%s'")
11310 : _("Failed to open file '%s'"),
11311 path);
11312 goto cleanup;
11313 }
11314
11315
11316 /**
11317 * qemuDomainOpenFile:
11318 * @cfg: driver config object
11319 * @def: domain definition
11320 * @path: path to file to open
11321 * @oflags: flags for opening/creation of the file
11322 * @needUnlink: set to true if file was created by this function
11323 *
11324 * Internal function to properly create or open existing files, with
11325 * ownership affected by qemu driver setup and domain DAC label.
11326 *
11327 * Returns the file descriptor on success and negative errno on failure.
11328 *
11329 * This function should not be used on storage sources. Use
11330 * qemuDomainStorageFileInit and storage driver APIs if possible.
11331 **/
11332 int
qemuDomainOpenFile(virQEMUDriverConfig * cfg,const virDomainDef * def,const char * path,int oflags,bool * needUnlink)11333 qemuDomainOpenFile(virQEMUDriverConfig *cfg,
11334 const virDomainDef *def,
11335 const char *path,
11336 int oflags,
11337 bool *needUnlink)
11338 {
11339 uid_t user = cfg->user;
11340 gid_t group = cfg->group;
11341 bool dynamicOwnership = cfg->dynamicOwnership;
11342 virSecurityLabelDef *seclabel;
11343
11344 /* TODO: Take imagelabel into account? */
11345 if (def &&
11346 (seclabel = virDomainDefGetSecurityLabelDef(def, "dac")) != NULL &&
11347 seclabel->label != NULL &&
11348 (virParseOwnershipIds(seclabel->label, &user, &group) < 0))
11349 return -EINVAL;
11350
11351 return virQEMUFileOpenAs(user, group, dynamicOwnership,
11352 path, oflags, needUnlink);
11353 }
11354
11355
11356 int
qemuDomainFileWrapperFDClose(virDomainObj * vm,virFileWrapperFd * fd)11357 qemuDomainFileWrapperFDClose(virDomainObj *vm,
11358 virFileWrapperFd *fd)
11359 {
11360 int ret;
11361
11362 /* virFileWrapperFd uses iohelper to write data onto disk.
11363 * However, iohelper calls fdatasync() which may take ages to
11364 * finish. Therefore, we shouldn't be waiting with the domain
11365 * object locked. */
11366
11367 /* XXX Currently, this function is intended for *Save() only
11368 * as restore needs some reworking before it's ready for
11369 * this. */
11370
11371 virObjectUnlock(vm);
11372 ret = virFileWrapperFdClose(fd);
11373 virObjectLock(vm);
11374 if (!virDomainObjIsActive(vm)) {
11375 if (virGetLastErrorCode() == VIR_ERR_OK)
11376 virReportError(VIR_ERR_OPERATION_FAILED, "%s",
11377 _("domain is no longer running"));
11378 ret = -1;
11379 }
11380 return ret;
11381 }
11382
11383
11384 /**
11385 * qemuDomainInterfaceSetDefaultQDisc:
11386 * @driver: QEMU driver
11387 * @net: domain interface
11388 *
11389 * Set the noqueue qdisc on @net if running as privileged. The
11390 * noqueue qdisc is a lockless transmit and thus faster than the
11391 * default pfifo_fast (at least in theory). But we can modify
11392 * root qdisc only if we have CAP_NET_ADMIN.
11393 *
11394 * Returns: 0 on success,
11395 * -1 otherwise.
11396 */
11397 int
qemuDomainInterfaceSetDefaultQDisc(virQEMUDriver * driver,virDomainNetDef * net)11398 qemuDomainInterfaceSetDefaultQDisc(virQEMUDriver *driver,
11399 virDomainNetDef *net)
11400 {
11401 virDomainNetType actualType = virDomainNetGetActualType(net);
11402
11403 if (!driver->privileged || !net->ifname)
11404 return 0;
11405
11406 /* We want only those types which are represented as TAP
11407 * devices in the host. */
11408 if (actualType == VIR_DOMAIN_NET_TYPE_ETHERNET ||
11409 actualType == VIR_DOMAIN_NET_TYPE_NETWORK ||
11410 actualType == VIR_DOMAIN_NET_TYPE_BRIDGE ||
11411 actualType == VIR_DOMAIN_NET_TYPE_DIRECT) {
11412 if (!virDomainNetDefIsOvsport(net) &&
11413 virNetDevBandwidthSetRootQDisc(net->ifname, "noqueue") < 0)
11414 return -1;
11415 }
11416
11417 return 0;
11418 }
11419
11420
11421 int
qemuDomainNamePathsCleanup(virQEMUDriverConfig * cfg,const char * name,bool bestEffort)11422 qemuDomainNamePathsCleanup(virQEMUDriverConfig *cfg,
11423 const char *name,
11424 bool bestEffort)
11425 {
11426 g_autofree char *cfg_file = NULL;
11427 g_autofree char *autostart_link = NULL;
11428 g_autofree char *snap_dir = NULL;
11429 g_autofree char *chk_dir = NULL;
11430
11431 cfg_file = virDomainConfigFile(cfg->configDir, name);
11432 autostart_link = virDomainConfigFile(cfg->autostartDir, name);
11433 snap_dir = g_strdup_printf("%s/%s", cfg->snapshotDir, name);
11434 chk_dir = g_strdup_printf("%s/%s", cfg->checkpointDir, name);
11435
11436 if (virFileExists(cfg_file) &&
11437 unlink(cfg_file) < 0) {
11438 virReportSystemError(errno, _("Failed to unlink '%s'"), cfg_file);
11439 if (!bestEffort)
11440 return -1;
11441 }
11442
11443 if (virFileIsLink(autostart_link) == 1 &&
11444 unlink(autostart_link) < 0) {
11445 virReportSystemError(errno, _("Failed to unlink '%s'"), autostart_link);
11446 if (!bestEffort)
11447 return -1;
11448 }
11449
11450 if (virFileIsDir(snap_dir) &&
11451 virFileDeleteTree(snap_dir) < 0 &&
11452 !bestEffort)
11453 return -1;
11454
11455 if (virFileIsDir(chk_dir) &&
11456 virFileDeleteTree(chk_dir) < 0 &&
11457 !bestEffort)
11458 return -1;
11459
11460 return 0;
11461 }
11462
11463
11464 char *
qemuDomainGetVHostUserFSSocketPath(qemuDomainObjPrivate * priv,const virDomainFSDef * fs)11465 qemuDomainGetVHostUserFSSocketPath(qemuDomainObjPrivate *priv,
11466 const virDomainFSDef *fs)
11467 {
11468 if (fs->sock)
11469 return g_strdup(fs->sock);
11470
11471 return virFileBuildPath(priv->libDir, fs->info.alias, "-fs.sock");
11472 }
11473