Adjust args to qemudStartVMDaemon() to also specify path to stdin_fd,
so this can be passed to the AppArmor driver via SetSecurityAllLabel().

This updates all calls to qemudStartVMDaemon() as well as setting up
the non-AppArmor security driver *SetSecurityAllLabel() declarations
for the above. This is required for the following
"apparmor-fix-save-restore" patch since AppArmor resolves the passed
file descriptor to the pathname given to open().

See https://bugzilla.redhat.com/show_bug.cgi?id=599091

Saving a paused 512MB domain took 3m47s with the old block size of 512
bytes. Changing the block size to 1024*1024 decreased the time to 56
seconds. (Doubling again to 2048*1024 yielded 0 improvement; lowering
to 512k increased the save time to 1m10s, about 20%)

The pointer to the xml describing the domain is saved into an object
prior to calling VIR_REALLOC_N() to make the size of the memory it
points to a multiple of QEMU_MONITOR_MIGRATE_TO_FILE_BS. If that
operation needs to allocate new memory, the pointer that was saved is
no longer valid.

To avoid this situation, adjust the size *before* saving the pointer.

(This showed up when experimenting with very large values of
QEMU_MONITOR_MIGRATE_TO_FILE_BS).

Fixes for issues in commit 211dd1e9 noted by by Jim Meyering.

1. Allocate content buffer of size content_length + 1 to ensure
   NUL-termination.
2. Limit content buffer size to 64k
3. Fix whitespace issue

V2:
  - Add comment to clarify allocation of content buffer
  - Add ATTRIBUTE_NONNULL where appropriate
  - User NULLSTR macro

There are cases when a response from xend can exceed 4096 bytes, in
which case anything beyond 4096 is ignored. This patch changes the
current fixed-size, stack-allocated buffer to a dynamically allocated
buffer based on Content-Length in HTTP header.

* It appears that the udev event for HBA creation arrives before the
  associated sysfs data is fully populated, resulting in bogus data
  for the nodedev entry until the entry is refreshed.  This problem is
  particularly troublesome when creating NPIV vHBAs because it results
  in libvirt failing to find the newly created adapter and waiting for
  the full timeout period before erroneously failing the create
  operation.  This patch forces an update before any attempt to use
  any scsi_host nodedev entry.

* Set return value in error cases
* Clarify error message when parent device is not vport capable

This patch that adds support for configuring 802.1Qbg and 802.1Qbh
switches. The 802.1Qbh part has been successfully tested with real
hardware. The 802.1Qbg part has only been tested with a (dummy)
server that 'behaves' similarly to how we expect lldpad to 'behave'.

The following changes were made during the development of this patch:

 - Merging Scott's v13-pre1 patch
 - Fixing endptr related bug while using virStrToLong_ui() pointed out
   by Jim Meyering
 - Addressing Jim Meyering's comments to v11
 - requiring mac address to the vpDisassociateProfileId() function to
   pass it further to the 802.1Qbg disassociate part (802.1Qbh untouched)
 - determining pid of lldpad daemon by reading it from /var/run/libvirt.pid
   (hardcode as is hardcode alson in lldpad sources)
 - merging netlink send code for kernel target and user space target
   (lldpad) using one function nlComm() to send the messages
 - adding a select() after the sending and before the reading of the
   netlink response in case lldpad doesn't respond and so we don't hang
 - when reading the port status, in case of 802.1Qbg, no status may be
   received while things are 'in progress' and only at the end a status
   will be there.
 - when reading the port status, use the given instanceId and vf to pick
   the right IFLA_VF_PORT among those nested under IFLA_VF_PORTS.
 - never sending nor parsing IFLA_PORT_SELF type of messages in the
   802.1Qbg case
 - iterating over the elements in a IFLA_VF_PORTS to pick the right
   IFLA_VF_PORT by either IFLA_PORT_PROFILE and given profileId
   (802.1Qbh) or IFLA_PORT_INSTANCE_UUID and given instanceId (802.1Qbg)
   and reading the current status in IFLA_PORT_RESPONSE.
 - recycling a previous patch that adds functionality to interface.c to
   - get the vlan identifier on an interface
   - get the flags of an interface and some convenience function to
     check whether an interface is 'up' or not (not currently used here)
 - adding function to determine the root physical interface of an
   interface. For example if a macvtap is linked to eth0.100, it will
   find eth0. Also adding a function that finds the vlan on the 'way to
   the root physical interface'
 - conveying the root physical interface name and index in case of 802.1Qbg
 - conveying mac address of macvlan device and vlan identifier in
   IFLA_VFINFO_LIST[ IFLA_VF_INFO[ IFLA_VF_MAC(mac), IFLA_VF_VLAN(vlan) ] ]
   to (future) lldpad via netlink
  - To enable build with --without-macvtap rename the
    [dis|]associatePortProfileId functions, prepend 'vp' before their
    name and make them non-static functions.
  - Renaming variable multicast to nltarget_kernel and inverting
    the logic
  - Addressing Jim Meyering's comments; this also touches existing
    code for example for correcting indentation of break statements or
    simplification of switch statements.
  - Renamed occurrencvirVirtualPortProfileDef to virVirtualPortProfileParamses
  - 802.1Qbg part prepared for sending a RTM_SETLINK and getting
    processing status back plus a subsequent RTM_GETLINK to
    get IFLA_PORT_RESPONSE.
    Note: This interface for 802.1Qbg may still change
  - [David Allan] move getPhysfn inside IFLA_VF_PORT_MAX to avoid
compiler
    warning when latest if_link.h isn't available
  - move from Stefan's 802.1Qb{g|h} XML v8 to v9
  - move hostuuid and vf index calcs to inside doPortProfileOp8021Qbh
  - remove debug fprintfs
  - use virGetHostUUID (thanks Stefan!)
  - fix compile issue when latest if_link.h isn't available
  - change poll timeout to 10s, at 1/8 intervals
     - if polling times out, log msg and return -ETIMEDOUT
  - Add Stefan's code for getPortProfileStatus
  - Poll for up to 2 secs for port-profile status, at 1/8 sec intervals:
     - if status indicates error, abort openMacvtapTap
     - if status indicates success, exit polling
     - if status is "in-progress" after 2 secs of polling, exit
       polling loop silently, without error

My patch finishes out the 802.1Qbh parts, which Stefan had mostly complete.
I've tested using the recent kernel updates for VF_PORT netlink msgs and
enic for Cisco's 10G Ethernet NIC.  I tested many VMs, each with several
direct interfaces, each configured with a port-profile per the XML.  VM-to-VM,
and VM-to-external work as expected.  VM-to-VM on same host (using same NIC)
works same as VM-to-VM where VMs are on diff hosts.  I'm able to change
settings on the port-profile while the VM is running to change the virtual
port behaviour.  For example, adjusting a QoS setting like rate limit.  All
VMs with interfaces using that port-profile immediatly see the effect of the
change to the port-profile.

I don't have a SR-IOV device to test so source dev is a non-SR-IOV device,
but most of the code paths include support for specifing the source dev and
VF index.  We'll need to complete this by discovering the PF given the VF
linkdev.  Once we have the PF, we'll also have the VF index.  All this info-
mation is available from sysfs.

* src/util/bitmap.c (virBitmapAlloc): Tighten sanity check.

Fedora bug https://bugzilla.redhat.com/show_bug.cgi?id=598272

Some files under /sys/bus/usb/devices/ have the format 'usbX', where
X is the USB bus number. Use STRPREFIX to correctly parse the bus numbers.

Currently there is no way to opt out of libvirt dropping POSIX
capabilities for qemu. This at least is a useful debugging tool, but
is also wanted by users (and distributors):

https://bugzilla.redhat.com/show_bug.cgi?id=559154
https://bugzilla.redhat.com/show_bug.cgi?id=573850

v2: Clarify qemu.conf comment, warn about security implications

v3: Add .aug changes

* src/storage/storage_backend.h (VIR_STORAGE_VOL_OPEN_DEFAULT):
Adjust s/#define/# define/, and align continued lines.

If a directory pool contains pipes or sockets, a pool start can fail or hang:

https://bugzilla.redhat.com/show_bug.cgi?id=589577

We already try to avoid these special files, but only attempt after
opening the path, which is where the problems lie. Unify volume opening
into helper functions, which use the proper open() flags to avoid error,
followed by fstat to validate storage mode.

Previously, virStorageBackendUpdateVolTargetInfoFD attempted to enforce the
storage mode check, but allowed callers to detect this case and silently
continue. In practice, only the FS backend was using this feature, the rest
were treating unknown mode as an error condition. Unfortunately the InfoFD
function wasn't raising an error message here, so error reporting was
busted.

This patch adds 2 functions: virStorageBackendVolOpen, and
virStorageBackendVolOpenModeSkip. The latter retains the original opt out
semantics, the former now throws an explicit error.

This patch maintains the previous volume mode checks: allowing specific
modes for specific pool types requires a bit of surgery, since VolOpen
is called through several different helper functions.

v2: Use ATTRIBUTE_NONNULL. Drop stat check, just open with
    O_NONBLOCK|O_NOCTTY.

v3: Move mode check logic back to VolOpen. Use 2 VolOpen functions with
    different error semantics.

v4: Make second VolOpen function more extensible. Didn't opt to change
    FS backend defaults, this can just be to fix the original bug.

v5: Prefix default flags with VIR_, use ATTRIBUTE_RETURN_CHECK

Since the macvtap device needs active tear-down and the teardown logic
is based on the interface name, it can happen that if for example 1 out
of 3 interfaces was successfully created, that during the failure path
the macvtap's target device name is used to tear down an interface that
is doesn't own (owned by another VM).

So, in this patch, the target interface name is reset so that there is
no target interface name and the interface name is always cleared after
a tear down.

* If a nodedev has a parent that we don't want to display, we should
  continue walking up the udev device tree to see if any of its
  earlier ancestors are devices that we display.  It makes the tree
  much nicer looking than having a whole lot of devices hanging off
  the root node.

* src/util/hooks.c (virHookLxcOp): Use correct bound.

These files are borrowed from upstream release versions, and should
not need further edits in the context of libvirt (instead, a new
upstream vbox release would entail adding a new header file).  We do
not re-generate these files as part of libvirt, nor do we want to lose
our minor edits (such as cppi cleanups).

* src/vbox/vbox_CAPI_v2_2.h: Clarify file origins.
* src/vbox/vbox_CAPI_v3_0.h: Likewise.
* src/vbox/vbox_CAPI_v3_1.h: Likewise.
* src/vbox/vbox_CAPI_v3_2.h: Likewise.  Reindent with cppi.

Fedora bug https://bugzilla.redhat.com/show_bug.cgi?id=235961

If using the default virtual network, an easy way to lose guest network
connectivity is to install libvirt inside the VM. The autostarted
default network inside the guest collides with host virtual network
routing. This is a long standing issue that has caused users quite a
bit of pain and confusion.

On network startup, parse /proc/net/route and compare the requested
IP+netmask against host routing destinations: if any matches are found,
refuse to start the network.

v2: Drop sscanf, fix a comment typo, comment that function could use
    libnl instead of /proc

v3: Consider route netmask. Compare binary data rather than convert to
    string.

v4: Return to using sscanf, drop inet functions in favor of virSocket,
    parsing safety checks. Don't make parse failures fatal, in case
    expected format changes.

v5: Try and continue if we receive unexpected. Delimit parsed lines to
    prevent scanning past newline

'listen' isn't a valid qemu-dm option, as reported a long time ago here:

https://bugzilla.redhat.com/show_bug.cgi?id=492958

Matches the near identical logic in qemu_conf.c

v2: When parsing sexpr, only match on ",server", rather than
    full ',server,nowait'.

Signed-off-by: NCole Robinson <crobinso@redhat.com>

* Incorporated Jim's feedback (v1 & v2)

* Moved case of DEVTYPE == "wlan" up as it's definitive that we have a network interface.

* Made comment more detailed about the wired case to explain better
  how it differentiates between wired network interfaces and USB
  devices.

Eliminate almost all backward jumps by replacing this common pattern:

int
some_random_function(void)
{
    int result = 0;
    ...

  cleanup:
    <unconditional cleanup code>
    return result;

  failure:
    <cleanup code in case of an error>
    result = -1;
    goto cleanup
}

with this simpler pattern:

int
some_random_function(void)
{
    int result = -1;
    ...
    result = 0;

  cleanup:
    if (result < 0) {
        <cleanup code in case of an error>
    }

    <unconditional cleanup code>
    return result;
}

Add a bool success variable in functions that don't have a int result
that can be used for the new pattern.

Also remove some unnecessary memsets in error paths.

Parse the BIOS UUID. This information may not be available, in that
case no host UUID is exposed in the capabilities XML.

The hotplug methods still had the qemuCmdFlags variable declared
as an int, instead of unsigned long long. This caused flag checks
to be incorrect for flags > 31

* src/qemu/qemu_driver.c: Fix integer overflow in hotplug

This allows libvirt to open the PCI device sysfs config file prior
to dropping privileges so qemu can access the full config space.
Without this, a de-privileged qemu can only access the first 64
bytes of config space.

* src/qemu/qemu_conf.c, src/qemu/qemu_conf.h: Detect support
  for pci-assign.configfd option. Use this option when formatting
  PCI device string if possible
* src/qemu/qemu_driver.c: Pre-open PCI sysfs config file and pass
  to QEMU

We've been running into a lot of situations where
virGetHostname() is returning "localhost", where a plain
gethostname() would have returned the correct thing.  This
is because virGetHostname() is *always* trying to canonicalize
the name returned from gethostname(), even when it doesn't
have to.

This patch changes virGetHostname so that if the value returned
from gethostname() is already FQDN or localhost, it returns
that string directly.  If the value returned from gethostname()
is a shortened hostname, then we try to canonicalize it.  If
that succeeds, we returned the canonicalized hostname.  If
that fails, and/or returns "localhost", then we just return
the original string we got from gethostname() and hope for
the best.

Note that after this patch it is up to clients to check whether
"localhost" is an allowed return value.  The only place
where it's currently not is in qemu migration.
Signed-off-by: NChris Lalancette <clalance@redhat.com>

The virVirtualPortProfileFormat just went below the
virVirtualPortProfileParamsParseXML function and got inside the

The attached patch moves virVirtualPortProfileFormat below the #ifndef
PROXY block.

Allows listing existing pools and requesting information about them.

Alter the esxVI_ProductVersion enum in a way that allows to check for
product type by masking.

* src/util/macvtap.c: (associatePortProfileId)
(disassociatePortProfileId): Move inside HAVE_MACVTAP
conditional.
Reported by Eduardo Otubo.

This patch parses the following two XML descriptions, one for
802.1Qbg and one for 802.1Qbh, and stores the data internally.
The actual triggering of the switch setup protocol has not been
implemented here but the relevant code to do that should go into
the functions associatePortProfileId() and disassociatePortProfileId().

   <interface type='direct'>
      <source dev='eth0.100' mode='vepa'/>
      <model type='virtio'/>
      <virtualport type='802.1Qbg'>
        <parameters managerid='12' typeid='0x123456' typeidversion='1'
         instanceid='fa9b7fff-b0a0-4893-8e0e-beef4ff18f8f'/>
      </virtualport>
      <filterref filter='clean-traffic'/>
    </interface>

    <interface type='direct'>
      <source dev='eth0.100' mode='vepa'/>
      <model type='virtio'/>
      <virtualport type='802.1Qbh'>
        <parameters profileid='my_profile'/>
      </virtualport>
    </interface>

I'd suggest to use this patch as a base for triggering the setup
protocol with the 802.1Qb{g|h} switch.

Several rounds of changes were made to this patch. The
following is a list of these changes.
- Renamed structure virVirtualPortProfileDef to virVirtualPortProfileParams
  as per Daniel Berrange's request
- Addressing Daniel Berrange's comments:
 - removing macvtap.h's dependency on domain_conf.h by
   moving the virVirtualPortProfileDef structure into macvtap.h
   and not passing virtDomainNetDefPtr to any functions in
   macvtap.c
- Addressed most of Chris Wright's comments:
  - indicating error in case virtualport XML node cannot be parsed
    properly
  - parsing hex and decimal numbers using virStrToLong_ui() with
    parameter '0' for base
  - tgifname (target interface name) variable wasn't necessary
    to pass to openMacvtapTap function anymore
- assigning the virtual port data structure to the virDomainNetDef
  only if it was previously parsed
- make sure that the error code returned by openMacvtapTap() is a negative n
  in case the associatePortProfileId() function failed.
- renaming vsi in the XML to virtualport
- replace all occurrences of vsi in the source as well
- removing mode and MAC address parameters from the functions that
  will communicate with the hareware diretctly or indirectly
- moving the associate and disassociate functions to the end of the
  file for subsequent patches to easier make them generally available
  for export
- passing the macvtap interface name rather than the link device since
  this otherwise gives funny side effects when using netlink messages
  where IFLA_IFNAME and IFLA_ADDRESS are specified and the link dev
  all of a sudden gets the MAC address of the macvtap interface.
- Removing rc = -1 error indications in the case of 802.1Qbg|h setup in case
  we wanted to use hook scripts for the setup and so the setup doesn't fail
  here.
- if instance ID UUID is not supplied it will automatically be generated
  - adapted schema to make instance ID UUID optional
  - added test case
- parser and XML generator have been separated into their own
  functions so they can be re-used elsewhere (passthrough case
  for example)
- Adapted XML parser and generator support the above shown type
  (802.1Qbg, 802.1Qbh).
- Adapted schema to above XML
- Adapted test XML to above XML
- Passing through the VM's UUID which seems to be necessary for
  802.1Qbh -- sorry no host UUID
- adding virtual function ID to association function, in case it's
  necessary to use (for SR-IOV)

This patch introduces a dependency on libnl, which subsequent patches
will then use.

Changes from V1 to V2:
- added diffstats
- following changes in tree

Spurious / in a pool target path makes life difficult for apps using the
GetVolByPath, and doing other path based comparisons with pools. This
has caused a few issues for virt-manager users:

https://bugzilla.redhat.com/show_bug.cgi?id=494005
https://bugzilla.redhat.com/show_bug.cgi?id=593565

Add a new util API which removes spurious /, virFileSanitizePath. Sanitize
target paths when parsing pool XML, and for paths passed to GetVolByPath.

v2: Leading // must be preserved, properly sanitize path=/, sanitize
    away /./ -> /

v3: Properly handle starting ./ and ending /.

v4: Drop all '.' handling, just sanitize / for now.

Allow for a host UUID in the capabilities XML. Local drivers
will initialize this from the SMBIOS data. If a sanity check
shows SMBIOS uuid is invalid, allow an override from the
libvirtd.conf configuration file

* daemon/libvirtd.c, daemon/libvirtd.conf: Support a host_uuid
  configuration option
* docs/schemas/capability.rng: Add optional host uuid field
* src/conf/capabilities.c, src/conf/capabilities.h: Include
  host UUID in XML
* src/libvirt_private.syms: Export new uuid.h functions
* src/lxc/lxc_conf.c, src/qemu/qemu_driver.c,
  src/uml/uml_conf.c: Set host UUID in capabilities
* src/util/uuid.c, src/util/uuid.h: Support for host UUIDs
* src/node_device/node_device_udev.c: Use the host UUID functions
* tests/confdata/libvirtd.conf, tests/confdata/libvirtd.out: Add
  new host_uuid config option to test

The cgroups ACL code was only allowing the primary disk image.
It is possible to chain images together, so we need to search
for backing stores and add them to the ACL too. Since the ACL
only handles block devices, we ignore the EINVAL we get from
plain files. In addition it was missing code to teardown the
cgroup when hot-unplugging a disk

* src/qemu/qemu_driver.c: Allow backing stores in cgroup ACLs
  and add missing teardown code in unplug path

Basic live migration was broken by the commit that added
non-shared block support in two ways:

1)  It added a virCheckFlags() to doNativeMigrate().  Besides
the fact that typical usage of virCheckFlags() is in driver
entry points, and doNativeMigrate() is not an entry point,
it was missing important flags like VIR_MIGRATE_LIVE.  Move
the virCheckFlags to the top-level qemuDomainMigratePrepare2
and friends.

2)  It also added a memory leak in qemuMonitorTextMigrate()
by not freeing the memory used by virBufferContentAndReset().
This is fixed by storing the pointer in a temporary variable
and freeing it at the end.

With this patch in place, normal live migration works again.

v3: Instead of the churn for virCheckFlagsUI and UL, instead
always promote flags to an unsigned long and always use %lx
for the fprintf.
v2: Add back flags check, which required adding virCheckFlagsUI
and virCheckFlagsUL
Signed-off-by: NChris Lalancette <clalance@redhat.com>

Currently all host audio backends are disabled if a VM is using VNC, in
favor of the QEMU VNC audio extension. Unfortunately no released VNC
client supports this extension, so users have no way of getting audio
to work if using VNC.

Add a new config option in qemu.conf which allows changing libvirt's
behavior, but keep the default intact.

v2: Fix doc typos, change name to vnc_allow_host_audio

Signed-off-by: NAlex Williamson <alex.williamson@redhat.com>