Currently we only describe setting the CN field for server certs. This leads
to inevitable pain for users who set it to the fully qualified hostname and
then use a unqualified hostname or IP address to connect in the URI. Describe
the usage of Subject Alt Name extensions, to provide multiple hostnames and
IP addresses. This will help users avoid the classic mistake and is important
future proofing, since at least in browsers, TLS libraries no longer use the
CN field for validation, mandating use of SAN info instead.
Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>

Various example XML documents for arp/rarp filtering have a protocolid
XML attribute defined. This is never parsed or output by the libvirt XML
handling code, so shouldn't be present in example XML files either
Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>

The contents of a <rule> are a choice of exactly one union member. The
RNG schema, however, was allowing an arbitrary number of instances of every
union member at once.
Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>

Adding an IDE controller for a machinetype that has no built-in IDE
controller, libvirt will log an error. Currently the machinetype list
which returns by qemuDomainMachineHasBuiltinIDE only includes 440fx,
malta, sun4u and g3beige.
Signed-off-by: NLin Ma <lma@suse.com>
Signed-off-by: NJohn Ferlan <jferlan@redhat.com>

Adding an IDE controller for a machinetype that has no built-in IDE
controller, libvirt will log an error. Currently the machinetype list
which returns by qemuDomainMachineHasBuiltinIDE only includes 440fx,
malta, sun4u and g3beige.

Remove the disk and the .args file since the expectation is the test
will fail in qemuxml2argvtest because floppy is not supported on pseries
and thus no disk is necessary and no .args file would be created to
compare against.
Signed-off-by: NLin Ma <lma@suse.com>
Signed-off-by: NJohn Ferlan <jferlan@redhat.com>

Make sure all types of virDomainControllerType are handled in the
switch statement.

The underlying function which needs the driver gets it from the
passed virDomainObj object anyway.

Use it in every qemuDomainNamespaceTeardown* function that only
wants to unlink one device.

Split out the logic of unlinking devices from
qemuDomainNamespaceTeardownHostdev for reuse in other functions.

Use this function in qemuDomainNamespaceSetup* functions which
only require creating one device.

Separate the logic of creating devices from their gathering.

Use this new function in qemuDomainNamespaceSetupHostdev and
qemuDomainNamespaceSetupDisk.

To match the "things/nthings" pattern used in virDomainDef.

To match the "things/nthings" pattern used in virDomainDef.

Signed-off-by: NJiri Denemark <jdenemar@redhat.com>

This patch pass event error up to the place where we can
use it. Error is passed only for sync blockjob event mode
as we can't use the error in async mode. In async mode we
just pass the event details to the client thru event API
but current blockjob event API can not carry extra parameter.
Signed-off-by: NJiri Denemark <jdenemar@redhat.com>

The unprivileged libvirtd does not support nwfilter config, by leaves the
driver active. It is supposed to result in all APIs being an effective
no-op, but several APIs rely on driver->nwfilters being non-NULL, or they
will reference a NULL pointer. Rather than adding checks for NULL in many
places, just make sure  driver->nwfilters is always initialized.
Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>

There's no reason for the files to have generic- prefix
since they all live under genericxml2xmlindata and
genericxml2xmloutdata directories.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

There's no reason for the files to have qemuxml2xmlout- prefix
since they all live under qemuxml2xmloutdata directory.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

There's no reason for the files to have qemuargv2xml- prefix
since they all live under qemuargv2xmldata directory.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

There's no reason for the files to have qemuagent- prefix
since they all live under qemuagentdata directory.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

Commit e93d844b was not enough to fix the permission denied
issue.  We need to apply security labels as well.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1465833Signed-off-by: NPavel Hrdina <phrdina@redhat.com>

SELinux and DAC drivers already have both functions but they were not
exported as public API of security manager.
Signed-off-by: NPavel Hrdina <phrdina@redhat.com>

gettext, gnutls and libgcrypt are already installed on the
system, so we don't need to request their installation.
Signed-off-by: NAndrea Bolognani <abologna@redhat.com>
Reviewed-by: NDaniel P. Berrange <berrange@redhat.com>

Installed packages might be outdated by the time the build
runs, so we should update them.
Signed-off-by: NAndrea Bolognani <abologna@redhat.com>
Reviewed-by: NDaniel P. Berrange <berrange@redhat.com>

The manual page clearly states that

  gettid() is Linux-specific and should not be used in programs
  that are intended to be portable.

Unfortunately, it looks like macOS implemented the functionality
and defined SYS_gettid accordingly, only to deprecate syscall()
altogether with 10.12 (Sierra), released last late year.

To avoid compilation errors, call gettid() on Linux only.
Signed-off-by: NAndrea Bolognani <abologna@redhat.com>
Reviewed-by: NDaniel P. Berrange <berrange@redhat.com>

As documented in

  https://libvirt.org/downloads.html#schedule
  https://libvirt.org/downloads.html#numbering

the next release will happen in the middle of January 2018 and,
being the first release of a new year, will bring a brand new
major version number with it.
Signed-off-by: NAndrea Bolognani <abologna@redhat.com>

Similarly to the previous commit, rename .args files.

The files were renamed using the following commands. From
qemuxml2argvdata:

  for i in qemuxml2argv-*.args; do mv $i ${i#qemuxml2argv-}; done

and then (to fix broken symlinks) from qemuxml2argvdata and
qemuxml2xmloutdata:

  for i in $(find . -xtype l); do \
      ln -sf $(readlink $i | sed 's/qemuxml2argv-//') $i;
  done
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

These XMLs live in a separate directory, there's no need for them
to have a special prefix in addition. It also doesn't play nicely
with ':e' completion in Vim, finding proper file based on
qemuxml2argvtest.c is also needlessly complicated.

The files were renamed using the following commands. From
qemuxml2argvdata:

  for i in qemuxml2argv-*.xml; do mv $i ${i#qemuxml2argv-}; done

and then (to fix broken symlinks) from qemuxml2argvdata and
qemuxml2xmloutdata:

  for i in $(find . -xtype l); do \
      ln -sf $(readlink $i | sed 's/qemuxml2argv-//') $i;
  done
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

Noticed the following denial in audit.log when shutting down
an apparmor confined domain

type=AVC msg=audit(1512002299.742:131): apparmor="DENIED"
operation="open" profile="libvirt-66154842-e926-4f92-92f0-1c1bf61dd1ff"
name="/proc/1475/cmdline" pid=2958 comm="qemu-system-x86"
requested_mask="r" denied_mask="r" fsuid=469 ouid=0

Squelch the denial by allowing read access to /proc/<pid>/cmdline.

Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>

Commit id '74119a03' neglected to clean up @distances when
the numa definition is cleaned up.

Don't use a unary comparison for an int value - compare against zero
directly instead.

Clean up the style a bit w/r/t to not using a unary operator on an
integer value that could be zero - compare vs. zero instead.

Set the def->mem_nodes[*].distances to rdist or ldist inside the
if condition - no need to set outside since the value being set
to is what was fetched.

During cleanup, be sure to initialize the ndistances on error and
use the < 0 comparison not the unary one.

==899== 39 bytes in 1 blocks are definitely lost in loss record 732 of 1,003
==899==    at 0x4C2AEDF: malloc (vg_replace_malloc.c:299)
==899==    by 0x8B68CE7: vasprintf (in /lib64/libc-2.25.so)
==899==    by 0x55498D2: virVasprintfInternal (virstring.c:708)
==899==    by 0x55499E7: virAsprintfInternal (virstring.c:729)
==899==    by 0x2BECFFF0: qemuGetMemoryBackingBasePath (qemu_conf.c:1757)
==899==    by 0x2BF23225: qemuStateInitialize (qemu_driver.c:893)
==899==    by 0x563073D: virStateInitialize (libvirt.c:770)
==899==    by 0x124CC4: daemonRunStateInit (libvirtd.c:834)
==899==    by 0x55521CD: virThreadHelper (virthread.c:206)
==899==    by 0x88D9686: start_thread (in /lib64/libpthread-2.25.so)
==899==    by 0x8BEAEFE: clone (in /lib64/libc-2.25.so)
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

==1277== 8 bytes in 4 blocks are definitely lost in loss record 39 of 131
==1277==    at 0x4C2AEDF: malloc (vg_replace_malloc.c:299)
==1277==    by 0x68BBBC8: xmlStrndup (in /usr/lib64/libxml2.so.2.9.4)
==1277==    by 0x53B1DC2: virXMLPropString (virxml.c:510)
==1277==    by 0x53D696A: virDomainDiskBackingStoreParse (domain_conf.c:8639)
==1277==    by 0x53DA684: virDomainDiskDefParseXML (domain_conf.c:9590)
==1277==    by 0x53F619F: virDomainDefParseXML (domain_conf.c:19233)
==1277==    by 0x53F96EE: virDomainDefParseNode (domain_conf.c:20083)
==1277==    by 0x53F9540: virDomainDefParse (domain_conf.c:20027)
==1277==    by 0x53F95E6: virDomainDefParseFile (domain_conf.c:20053)
==1277==    by 0x44D1D4: testCompareDomXML2XMLFiles (testutils.c:1265)
==1277==    by 0x42FC7C: testXML2XMLActive (qemuxml2xmltest.c:71)
==1277==    by 0x44AD20: virTestRun (testutils.c:180)
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

==861== 3 bytes in 1 blocks are definitely lost in loss record 3 of 168
==861==    at 0x4C2AEDF: malloc (vg_replace_malloc.c:299)
==861==    by 0x8C7FBC8: xmlStrndup (in /usr/lib64/libxml2.so.2.9.4)
==861==    by 0x5DCCDC2: virXMLPropString (virxml.c:510)
==861==    by 0x5DF1232: virDomainDiskSourceNetworkParse (domain_conf.c:8445)
==861==    by 0x5DF1728: virDomainDiskSourceParse (domain_conf.c:8576)
==861==    by 0x5DF41A5: virDomainDiskDefParseXML (domain_conf.c:9238)
==861==    by 0x5E1119F: virDomainDefParseXML (domain_conf.c:19233)
==861==    by 0x5E146EE: virDomainDefParseNode (domain_conf.c:20083)
==861==    by 0x5E14540: virDomainDefParse (domain_conf.c:20027)
==861==    by 0x5E145E6: virDomainDefParseFile (domain_conf.c:20053)
==861==    by 0x4053CC: testCompareXMLToArgv (qemuxml2argvtest.c:455)
==861==    by 0x41F135: virTestRun (testutils.c:180)
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

Raw local files do not pass through the backing store detector and thus
the code did not allocate the required backing store terminator for
them. Previously the terminating element would be formatted into the XML
since the default values used for the metadata allowed that. This is a
regression since a693fdba which was not detected in the review.

This patch also reverts all the changes in the test files.

Until now we would skip loading of the backing chain for files which
don't support backing chains only when starting up the VM. Move the
check from qemuProcessPrepareHostStorage with some adaptations so that's
always applied.