Since the virStorageEncryptionPtr encryption; is a member of
 _virStorageSource it really should be allowed to be a subelement
of the disk <source> for various disk formats:

   Source{File|Dir|Block|Volume}
   SourceProtocol{RBD|ISCSI|NBD|Gluster|Simple|HTTP}

NB: Simple includes sheepdog, ftp, ftps, tftp

That way we can set up to allow the <encryption> element to be
formatted within the disk source, but we still need to be wary
from whence the element was read - see keep track and when it
comes to format the data, ensure it's written in the correct place.

Modify the qemuxml2argvtest to add a parse failure when there is an
<encryption> as a child of <disk> *and* an <encryption> as a child
of <source>.

The virschematest will read the new test files and validate from a
RNG viewpoint things are fine.

Since the virStorageAuthDefPtr auth; is a member of _virStorageSource
it really should be allowed to be a subelement of the disk <source>
for the RBD and iSCSI prototcols. That way we can set up to allow
the <auth> element to be formatted within the disk source.

Since we've allowed the <auth> to be a child of <disk>, we'll need
to keep track of how it was read so that when writing out we'll know
whether to format as child of <disk> or <source>. For the argv2xml
parsing, let's format under <source> as a preference. Do not allow
<auth> to be both a child of <disk> and <source>.

Modify the qemuxml2argvtest to add a parse failure when there is an
<auth> as a child of <disk> *and* an <auth> as a child of <source>.

Add tests to validate that if the <auth> was found in <source>, then
the resulting xml2xml and xml2arg works just fine.  The two new .args
file are exact copies of the non "-source" version of the file.

The virschematest will read the new test files and validate from a
RNG viewpoint things are fine

Update the virstoragefile, virstoragetest, and args2xml file to show
the "preference" to place <auth> as a child of <source>.

Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
Signed-off-by: NPavel Hrdina <phrdina@redhat.com>

The original description from commit id '24e0171b' got it backwards.

This adds a rule to require https links for the libvirt, qemu
and kvm websites.
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>

qemu 2.7.0 introduces multiqueue virtio-blk(commit 2f27059).
This patch introduces a new attribute "queues". An example of
the XML:

<disk type='file' device='disk'>
  <driver name='qemu' type='qcow2' queues='4'/>

The corresponding QEMU command line:

-device virtio-blk-pci,scsi=off,num-queues=4,id=virtio-disk0
Signed-off-by: NLin Ma <lma@suse.com>
Signed-off-by: NJán Tomko <jtomko@redhat.com>

We get a question every now and then about why hibernation works when
suspend-to-disk is disabled and similar.  Let's hope that, by documenting the
obvious more blatantly, people will get more informed.
Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>
Reviewed-by: NErik Skultety <eskultet@redhat.com>

Add an optional virTristateBool haveTLS to virStorageSource to
manage whether a storage source will be using TLS.

Sample XML for a VxHS disk:

<disk type='network' device='disk'>
  <driver name='qemu' type='raw' cache='none'/>
  <source protocol='vxhs' name='eb90327c-8302-4725-9e1b-4e85ed4dc251' tls='yes'>
    <host name='192.168.0.1' port='9999'/>
  </source>
  <target dev='vda' bus='virtio'/>
</disk>

Additionally add a tlsFromConfig boolean to control whether the TLS
setting was due to domain configuration or qemu.conf global setting
in order to decide whether to Format the haveTLS setting for either
a live or saved domain configuration file.

Update the qemuxml2xmltest in order to add a test to show the proper
parsing.

Also update the docs to describe the tls attribute.
Signed-off-by: NAshish Mittal <Ashish.Mittal@veritas.com>
Signed-off-by: NJohn Ferlan <jferlan@redhat.com>

Clean up the description a bit to make it more readable and not
appear as one long run-on paragraph.

Signed-off-by: NErik Skultety <eskultet@redhat.com>

This reverts commit edaf4ebe.

This uses "reconnect" as attribute for <source> element, but we already
have a <reconnect> element for <source> element for chardev devices.

Since this is the same feature for different device it should be
presented in XML the same way.
Signed-off-by: NPavel Hrdina <phrdina@redhat.com>

For vhost-user ports, Open vSwitch acts as the server and QEMU the client.
When OVS crashed or restart, QEMU shoule be reconnect to OVS.
Signed-off-by: NZhiPeng Lu <lu.zhipeng@zte.com.cn>
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

Alter the schema to allow a VxHS block device. Sample XML is:

  <disk type='network' device='disk'>
    <driver name='qemu' type='raw' cache='none'/>
    <source protocol='vxhs' name='eb90327c-8302-4725-9e1b-4e85ed4dc251'>
      <host name='192.168.0.1' port='9999'/>
    </source>
    <target dev='vda' bus='virtio'/>
    <serial>eb90327c-8302-4725-9e1b-4e85ed4dc251</serial>
    <address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/>
  </disk>

Update the html docs to describe the capability for VxHS.

Alter the qemuxml2xmltest to validate the formatting.
Signed-off-by: NAshish Mittal <Ashish.Mittal@veritas.com>
Signed-off-by: NJohn Ferlan <jferlan@redhat.com>

https://bugzilla.redhat.com/show_bug.cgi?id=1075520

Currently, all that users can specify for an interface type of
'user' is the common attributes: PCI address, NIC model (and
that's basically it). However, some need to configure other
address range than the default one.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
Reviewed-by: laine@laine.org

Alter the example to remove the <auth> from:

  <disk type='volume' device='disk'>
    <driver name='qemu' type='raw'/>
    <source pool='iscsi-pool' volume='unit:0:0:1' mode='host'/>
    <auth username='myuser'>
      <secret type='iscsi' usage='libvirtiscsi'/>
    </auth>
    <target dev='vdb' bus='virtio'/>
  </disk>

and

  <disk type='volume' device='disk'>
    <driver name='qemu' type='raw'/>
    <source pool='iscsi-pool' volume='unit:0:0:2' mode='direct'/>
    <auth username='myuser'>
      <secret type='iscsi' usage='libvirtiscsi'/>
    </auth>
    <target dev='vdc' bus='virtio'/>
  </disk>

The reality is, it's not even used. For a <source pool> the authdef
from the storage source pool will supercede whatever is in the <disk>
definition during virStorageTranslateDiskSourcePool processing. In fact,
if the pool doesn't have/need authentication, then the authdef would
be removed anyway as the storage pool would be handling things.

The "proof" for this is in the adjustment to the test to add an
<auth> for a disk. The resulting .args file won't add what normally
would be added "myname:encodedpassword@" prior to the hostname in
the IQN (e.g. iscsi://myname:encodedpassword@iscsi.example.org:3260/...

https://bugzilla.redhat.com/show_bug.cgi?id=1484234

Turns out, only vhostuser type of interfaces are supported
currently.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

Signed-off-by: NPavel Hrdina <phrdina@redhat.com>

For all machine types except i440fx, making a guest hotplug
capable requires some sort of planning. Add some information
to help users make educated choices when defining the PCI
topology of guests.
Signed-off-by: NAndrea Bolognani <abologna@redhat.com>

The HTML5 doctype is simply

  <!DOCTYPE html>

no DTD is present because HTML5 is no longer defined as an
extension of SGML.

XSL has no way to natively output a doctype without a public
or system identifier, so we have to use an <xsl:text> hack
instead.

See also

  https://dev.w3.org/html5/html-author/#doctype-declarationSigned-off-by: NDaniel P. Berrange <berrange@redhat.com>

A handful of places in the docs choose to use — instead
of '-' for no clear reason. Remove this inconsistency.
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>

The 'name' attribute on <a...> elements is deprecated in favour
of the 'id' attribute which is allowed on any element. HTML5
drops 'name' support entirely.
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>

https://bugzilla.redhat.com/show_bug.cgi?id=1462653

Just like I've added support for setting rx_queue_size (in
c56cdf25 and friends), qemu just gained support for setting tx
ring size.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

Signed-off-by: NNitesh Konkar <nitkon12@linux.vnet.ibm.com>
Signed-off-by: NJán Tomko <jtomko@redhat.com>

This patch addresses the same aspects on PPC the bug 1103314 addressed
on x86.

PCI expander bus creates multiple primary PCI busses, where each of these
busses can be assigned a specific NUMA affinity, which, on x86 is
advertised through ACPI on a per-bus basis.

For SPAPR, a PHB's NUMA affinities are assigned on a per-PHB basis, and
there is no mechanism for advertising NUMA affinities to a guest on a
per-bus basis. So, even if qemu-ppc manages to get some sort of multi-bus
topology working using PXB, there is no way to expose the affinities
of these busses to the guest. It can only be exposed on a per-PHB/per-domain
basis.

So patch enables NUMA node tag in pci-root controller on PPC.

The way to set the NUMA node is through the numa_node option of
spapr-pci-host-bridge device. However for the implicit PHB, the only way
to set the numa_node is from the -global option. The -global option applies
to all the PHBs unless explicitly specified with the option on the
respective PHB of CLI. The default PHB has the emulated devices only, so
the patch prevents setting the NUMA node for the default PHB.
Signed-off-by: NShivaprasad G Bhat <sbhat@linux.vnet.ibm.com>
Reviewed-by: NAndrea Bolognani <abologna@redhat.com>

Change from

  'controls whether to discard ... requests are ignored'

to

  'controls whether discard requests ... are ignored'

Signed-off-by: NAndrea Bolognani <abologna@redhat.com>
Reviewed-by: NLaine Stump <laine@laine.org>

Users may want to run the init command of a container as a special
user / group. This is achieved by adding <inituser> and <initgroup>
elements. Note that the user can either provide a name or an ID to
specify the user / group to be used.

This commit also fixes a side effect of being able to run the command
as a non-root user: the user needs rights on the tty to allow shell
job control.
Reviewed-by: NDaniel P. Berrange <berrange@redhat.com>

Some containers may want the application to run in a special directory.
Add <initdir> element in the domain configuration to handle this case
and use it in the lxc driver.
Reviewed-by: NDaniel P. Berrange <berrange@redhat.com>

When running an application container, setting environment variables
could be important.

The newly introduced <initenv> tag in domain configuration will allow
setting environment variables to the init program.
Reviewed-by: NDaniel P. Berrange <berrange@redhat.com>

Add support for vgaconf driver configuration. In domain xml it looks like
this:

  <video>
    <driver vgaconf='io|on|off'>
    <model .../>
  </video>

It was added with bhyve gop video in mind to allow users control how the
video device is exposed to the guest, specifically, how VGA I/O is
handled.

One can refer to the bhyve manual page to get more detailed description
of the possible VGA configuration options:

https://www.freebsd.org/cgi/man.cgi?query=bhyve&manpath=FreeBSD+12-current

The relevant part could be found using the 'vgaconf' keyword.

Also, add some tests for this new feature.
Signed-off-by: NRoman Bogorodskiy <bogorodskiy@gmail.com>
Reviewed-by: NJohn Ferlan <jferlan@redhat.com>

Update the per device boot schema to add an optional loadparm parameter.

eg: <boot order='1' loadparm='2'/>

Extend the virDomainDeviceInfo to support loadparm option.
Modify the appropriate functions to parse loadparm from boot device xml.
Add the xml2xml test to validate the field.
Signed-off-by: NFarhan Ali <alifm@linux.vnet.ibm.com>
Reviewed-by: NBjoern Walk <bwalk@linux.vnet.ibm.com>
Reviewed-by: NBoris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Reviewed-by: NMarc Hartmayer <mhartmay@linux.vnet.ibm.com>

https://bugzilla.redhat.com/show_bug.cgi?id=1283251Reviewed-by: NPavel Hrdina <phrdina@redhat.com>

https://bugzilla.redhat.com/show_bug.cgi?id=1283251Reviewed-by: NPavel Hrdina <phrdina@redhat.com>

https://bugzilla.redhat.com/show_bug.cgi?id=1283251Reviewed-by: NPavel Hrdina <phrdina@redhat.com>

https://bugzilla.redhat.com/show_bug.cgi?id=1283251Reviewed-by: NPavel Hrdina <phrdina@redhat.com>

https://bugzilla.redhat.com/show_bug.cgi?id=1283251Reviewed-by: NPavel Hrdina <phrdina@redhat.com>

https://bugzilla.redhat.com/show_bug.cgi?id=1283251Reviewed-by: NPavel Hrdina <phrdina@redhat.com>

https://bugzilla.redhat.com/show_bug.cgi?id=1283251Reviewed-by: NPavel Hrdina <phrdina@redhat.com>

<interface type='user'>
  <mac address='52:54:56:5a:5c:5e'/>
  <model type='virtio'/>
  <driver iommu='on' ats='on'/>
</interface>

https://bugzilla.redhat.com/show_bug.cgi?id=1283251Reviewed-by: NPavel Hrdina <phrdina@redhat.com>

Add a new iotlb attribute to the iommu device
to control the device IOTLB support for intel-iommu.

https://bugzilla.redhat.com/show_bug.cgi?id=1283251Reviewed-by: NPavel Hrdina <phrdina@redhat.com>