Similarly to the DEVICE_DELETED event we will be able to tell when
unplug of certain device types will be rejected by the guest OS. Wire up
the device deletion signalling code to allow handling this.

No need to keep two separate conditions. A slight juggling of return
values is needed to accomodate virDomainObjWaitUntil.

Neither of the callers cares whether the DEVICE_DELETED event isn't
supported or the event was received. Simplify the code and callers by
unifying the two values and changing the return value constants so that
a temporary variable can be omitted.

Callers ignore if this function returns -1 and continue as though the
DEVICE_DELETED event was not received. Since we can't be sure that the
event was not received we should behave as if the event was not
supported and remove the device definition right away. The error
fortunately won't really happen here.

The address assigning code might add new pci bridges.
We need them to have an alias when building the command line.

In real word usage, this is not a problem because all the code
paths already call qemuDomainAssignAddresses. However moving
this call lets us remove one extra call from qemuxml2argvtest.

Essentially revert commit 3a6204cb which added these to allow the test
suite to pass without depending on the host system state.

Since commit 4b527c1a we already mock virSCSIDeviceGetSgName, so these
callbacks are useless.

There is no point the use two different getters on the same listen
structure few lines apart.
Signed-off-by: NPavel Hrdina <phrdina@redhat.com>

This effectively removes virDomainGraphicsListenSetAddress which was
used only to change the address of listen structure and possible change
the listen type.  The new function will auto-expand the listens array
and append a new listen.

The old function was used on pre-allocated array of listens and in most
cases it only "add" a new listen.  The two remaining uses can access the
listen structure directly.
Signed-off-by: NPavel Hrdina <phrdina@redhat.com>

Commit c3bd0019 forgot to cleanup after itself.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1325043Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>

Replace the nonsensical debug statement by adding the expected event
code into the existing debug statement.

Since the monitor code always notifies the agent on guest
reboot/shutdown even if that was not initiated by the agent the warning
emitted later is bogus and pollutes the logs in such cases. Delete it
and keep just the original debug message where this info can be
inferred.

Move including of gnutls/gnutls.h in qemu/qemu_domain.c under the
"ifdef WITH_GNUTLS" check because otherwise it fails like this:

  CC       qemu/libvirt_driver_qemu_impl_la-qemu_domain.lo
qemu/qemu_domain.c:50:10: fatal error: 'gnutls/gnutls.h' file not found

in case if gnutls is not installed on the system.

Some places already check for "virt-" prefix as well as plain "virt".
virQEMUCapsHasPCIMultiBus did not, resulting in multiple PCI devices
having assigned the same unnumbered "pci" alias.

Add a test for the "virt-2.6" machine type which also omits the
<model type='virtio'/> in <interface>, to check if
qemuDomainDefaultNetModel works too.

https://bugzilla.redhat.com/show_bug.cgi?id=1325085

Signed-off-by: NVasiliy Tolstov <v.tolstov@selfip.ru>

Our use of gnutls_rnd(), introduced with commit ad7520e8, is
conditional to the availability of the <gnutls/crypto.h> header
file.

Such check, however, turns out not to be strict enough, as there
are some versions of GnuTLS (eg. 2.8.5 from CentOS 6) that provide
the header file, but not the function itself, which was introduced
only in GnuTLS 2.12.0.

Introduce an explicit check for the function.

The new perf code didn't bother to clear a pointer in 'priv' causing a
double free or other memory corruption goodness if a VM failed to start.

Clear the pointer after freeing the memory.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1324757

For device hotplug, the new alias ID needs to be checked in the list
rather than using the count of devices. Unplugging a device that is not
last in the array will make further hotplug impossible due to alias
collision.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1324551

For device hotplug, the new alias ID needs to be checked in the list
rather than using the count of devices. Unplugging a device that is not
last in the array will make further hotplug impossible due to alias
collision.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1324551

Commit id 'fb2bd208' essentially copied the qemuGetSecretString
creating an libxlGetSecretString.  Rather than have multiple copies
of the same code, create src/secret/secret_util.{c,h} files and
place the common function in there.

Modify the the build in order to build the module as a library
which is then pulled in by both the qemu and libxl drivers for
usage from both qemu_command.c and libxl_conf.c

If the -object secret capability exists, then get the path to the
masterKey file and provide that to qemu. Checking for the existence
of the file before passing to qemu could be done, but causes issues
in mock test environment.

Since the qemuDomainObjPrivate is not available when building the
command line, the qemuBuildHasMasterKey API will have to suffice
as the primary arbiter for whether the capability exists in order
to find/return the path to the master key for usage.

Created the qemuDomainGetMasterKeyAlias API which will be used by
later patches to define the 'keyid' (eg, masterKey) to be used by
other secrets to provide the id to qemu for the master key.

Add a masterKey and masterKeyLen to _qemuDomainObjPrivate to store a
random domain master key and its length in order to support the ability
to encrypt/decrypt sensitive data shared between libvirt and qemu. The
key will be base64 encoded and written to a file to be used by the
command line building code to share with qemu.

New API's from this patch:

  qemuDomainGetMasterKeyFilePath:
    Return a path to where the key is located

  qemuDomainWriteMasterKeyFile: (private)
    Open (create/trunc) the masterKey path and write the masterKey

  qemuDomainMasterKeyReadFile:
    Using the master key path, open/read the file, and store the
    masterKey and masterKeyLen. Expected use only from qemuProcessReconnect

  qemuDomainGenerateRandomKey: (private)
    Generate a random key using available algorithms

    The key is generated either from the gnutls_rnd function if it
    exists or a less cryptographically strong mechanism using
    virGenerateRandomBytes

   qemuDomainMasterKeyRemove:
    Remove traces of the master key, remove the *KeyFilePath

  qemuDomainMasterKeyCreate:
    Generate the domain master key and save the key in the location
    returned by qemuDomainGetMasterKeyFilePath.

    This API will first ensure the QEMU_CAPS_OBJECT_SECRET is set
    in the capabilities. If not, then there's no need to generate
    the secret or file.

The creation of the key will be attempted from qemuProcessPrepareHost
once the libDir directory structure exists.

The removal of the key will handled from qemuProcessStop just prior
to deleting the libDir tree.

Since the key will not be written out to the domain object XML file,
the qemuProcessReconnect will read the saved file and restore the
masterKey and masterKeyLen.

Add a capability bit for the qemu secret object.

Adjust the 2.6.0-1 caps/replies to add the secret object. For the
.replies it's take from the '{"execute":"qom-list-types"}' output.

When a hostdev is attached to the guest (and removed from the host),
the order of operations is call qemuHostdevPreparePCIDevices to remove
the device from the host, call qemuSetupHostdevCgroup to setup the cgroups,
and virSecurityManagerSetHostdevLabel to set the labels.

When the device is removed from the guest, the code didn't use the
reverse order leading to possible issues (especially if the path to
the device no longer exists). This patch will move the call to
qemuTeardownHostdevCgroup to prior to reattaching the device to
the host.

When a hostdev is attached to the guest (and removed from the host),
the order of operations is call qemuHostdevPreparePCIDevices to remove
the device from the host, call qemuSetupHostdevCgroup to setup the cgroups,
and virSecurityManagerSetHostdevLabel to set the labels.

When the device is removed from the guest, the code didn't use the
reverse order leading to possible issues (especially if the path to
the device no longer exists). This patch will move the call to
virSecurityManagerRestoreHostdevLabel to prior to reattaching the
device to the host.

The value is never negative thus there's no need to store it in a signed
type.

Commit id '59e7ef3c' misapplied a merge of commit id '01924475'
to place the "-chardev" command after formatting the character
backend value.

Commit id 'e6944a52' misapplied a merge of commit id '01924475'
to place the "-chardev" command after formatting the character
backend value.

Commit id '3cdcc910' misapplied a merge of commit id '01924475'
to place the "-chardev" command after formatting the character
backend value.

Commit id '0e1e7ade' misapplied a merge of commit id '01924475'
to place the "-chardev" command after formatting the character
backend value.

Commit id '5ab86400' misapplied a merge of commit id '01924475'
to place the "-chardev" command after formatting the character
backend value.

Commit id '858bafeb' misapplied a merge of commit id '01924475'
to place the "-chardev" command after formatting the character
backend value.

Starting with commit f8e712fe, if you start a domain that has an
<interface type='hostdev' (or that has <interface type='network'>
where the network is a pool of devices for hostdev assignment), when
you later try to add *another* interface (of any kind) with hotplug,
the function qemuAssignDeviceNetAlias() fails as soon as it sees a
"hostdevN" alias in the list of interfaces), causing the attach to
fail.

This is because (starting with f8e712fe) the device alias names are
assigned during the new function qemuProcessPrepareDomain(), which is
called *before* networkAllocateActualDevice() (which is called from
qemuProcessPrepareHost(), which is called from
qemuProcessLaunch()). Prior to that commit,
networkAllocateActualDevice() was called first.

The problem with this is that the alias for interfaces that are really
a hostdev (<interface type='hostdev'>) is of the form "hostdevN" (just
like other hostdevs), while other interfaces are "netN". But if you
don't know that the interface is going to be a hostdev at the time you
assign the alias name, you can't name it differently. (As far as I've
seen so far, the change in name by itself wouldn't have been a problem
(other than just an outwardly noticeable change in behavior) except
for the abovementioned failure to attach/detach new interfaces.

Rather than take the chance that there may be other not-yet-revealed
problems associated with changing the alias name, this patch changes
the way that aliases are assigned to restore the old behavior.

Old: In the past, assigning an alias to an interface was skipped if it
was seen that the interface was type='hostdev' - we knew that the
hostdev part of the interface was also in the list of hostdevs (that's
part of what happens in networkAllocateActualDevice()) and it would be
assigned when all the other hostdev aliases were assigned.

New: When assigning an alias to an interface, we haven't yet called
networkAllocateActualDevice() to construct the hostdev part of the
interface, so we can't just wait for the loop that creates aliases for
all the hostdevs (there's nothing on that list for this device
yet!). Instead we handle it immediately in the loop creating interface
aliases, by calling the new function networkGetActualType() to
determine if it is going to be hostdev, and if so calling
qemuAssignDeviceHostdevAlias() instead.

Some adjustments have to be made to both
qemuAssignDeviceHostdevAlias() and to qemuAssignDeviceNetAlias() to
accommodate this. In both of them, an error return from
qemuDomainDeviceAliasIndex() is no longer considered an error; instead
it's just ignored (because it almost certainly means that the alias
string for the device was "net" when we expected "hostdev" or vice
versa). in qemuAssignDeviceHostdevAlias() we have to look at all
interface aliases for hostdevN in addition to looking at all hostdev
aliases (this wasn't necessary in the past, because both the interface
entry and the hostdev entry for the device already pointed at the
device info; no longer the case since the hostdev entry hasn't yet
been setup).

Fortunately the buggy behavior hasn't yet been in any official release
of libvirt.

In certain cases, we need to assign a hostdevN-style alias in a case
when we don't have a virDomainHostdevDefPtr (instead we have a
virDomainNetDefPtr). Since qemuAssignDeviceHostdevAlias() doesn't use
anything in the virDomainHostdevDef except the alias string itself
anyway, this patch just changes the arguments to pass a pointer to the
alias pointer instead.

The paths have the domain ID in them.  Without cleaning them, they would
contain the same ID even after multiple restarts.  That could cause
various problems, e.g. with access.

Add function qemuDomainClearPrivatePaths() for this as a counterpart of
qemuDomainSetPrivatePaths().
Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>

Since commit 9dca74ee, the function can take driver and a vm, no
need to overcomplicate.
Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>

Commit 08cc14f7 moved the conversion of MiB/s to B/s out of the
qemuMonitor APIs, but forgot to adjust the qemuMigrationDriveMirror
caller.

This patch will convert the migrate_speed value from MiB/s to its
mirror_speed equivalent in bytes/s.
Signed-off-by: NRudy Zhang <rudyflyzhang@gmail.com>
Signed-off-by: NJán Tomko <jtomko@redhat.com>

@flags have a valid modification impact only after calling
virDomainObjUpdateModificationImpact. virDomainObjGetOneDef calls it but
doesn't update them in the caller.

We use _LAST items in enums to mark the last position in given
enum. Now, if and enum is passed to switch(), compiler checks
that all the values from enum occur in 'case' enumeration.
Including _LAST. But coverity spots it's a dead code. And it
really is. So to resolve this, we tend to put a comment just
above 'case ..._LAST' notifying coverity that we know this is a
dead code but we want to have it that way.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

Even though we have the machine locked throughout whole APIs we
are querying/modifying domain internal state. We should grab a
job whilst doing that.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

Now that we have @flags we can support changing perf events just
in active or inactive configuration regardless of the other.
Previously, calling virDomainSetPerfEvents set events in both
active and inactive configuration at once. Even though we allow
users to set perf events that are to be enabled once domain is
started up. The virDomainGetPerfEvents API was flawed too. It
returned just runtime info.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

I've noticed that these APIs are missing @flags argument. Even
though we don't have a use for them, it's our policy that every
new API must have @flags.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>