Scan the parsed VMX file, and gather the biggest index of the network
interfaces there: this way, it is possible to parse all the available
network interfaces, instead of just 4 maximum.

Add the VMX file attached to RHBZ#1560917 as testcase esx-in-the-wild-8.

https://bugzilla.redhat.com/show_bug.cgi?id=1560917Signed-off-by: NPino Toscano <ptoscano@redhat.com>

Simple macro to check the prefix of a string in a case-insensitive way.
Signed-off-by: NPino Toscano <ptoscano@redhat.com>

Dynamically grow the array of network interfaces for each interface
read, instead of using a single array of size 4.  This way, in the
future it will be easier to not limit the number of network interfaces
(which this patch still does not change).
Signed-off-by: NPino Toscano <ptoscano@redhat.com>

When parsing filesystems, network interfaces, serial ports, and
parallel ports, check earlier whether they are present/enabled, delaying
the allocation of the objects.

This is mostly a small optimization, with no behaviour change.
Signed-off-by: NPino Toscano <ptoscano@redhat.com>

https://bugzilla.redhat.com/show_bug.cgi?id=1560976

For historical reasons we've used 32 bytes long static buffer for
storing PTY aliases. This breaks users scenario where they try to
start a machine with user alias consisting of "ua-$uuid".
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

When removing a conditional in:

  commit da1ade7a
  Author: Daniel P. Berrangé <berrange@redhat.com>
  Date:   Fri Mar 23 10:50:59 2018 +0000

    remote: remove some __sun conditionals

the corresponding comment was mistakenly left behind.
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

Some of the indents were only 2 spaces, make consistent w/ 4 spaces.
Also some indents didn't align properly. Fix them all up.
Signed-off-by: NJohn Ferlan <jferlan@redhat.com>
Reviewed-by: NMarc Hartmayer <mhartmay@linux.vnet.ibm.com>

If someone set a user alias or pcihole64 on an implicit controller,
we need to format it to migrate the domain properly.
Signed-off-by: NJán Tomko <jtomko@redhat.com>
Reported-by: NJoseph Richard <Joseph.Richard@windriver.com>

Do not crash in virDomainDeviceInfoParseXML if someone provides
an 'alias' element without a 'name' attribute.
Signed-off-by: NJán Tomko <jtomko@redhat.com>

QEMU on S390 (since v2.11) can support virtio input ccw devices.
So build the qemu command line for ccw devices.

Also add test cases for virtio-{keyboard, mouse, tablet}-ccw.
Signed-off-by: NFarhan Ali <alifm@linux.vnet.ibm.com>
Signed-off-by: NBoris Fiuczynski <fiuczy@linux.vnet.ibm.com>

QEMU on S390 (since v2.11) can support virtio input ccw devices.
Introduce qemu capabilities for these devices.
Signed-off-by: NFarhan Ali <alifm@linux.vnet.ibm.com>
Signed-off-by: NBoris Fiuczynski <fiuczy@linux.vnet.ibm.com>

S390 guests can only support a virtio-gpu-ccw device as a video
device. So set default video model type to VIR_DOMAIN_VIDEO_TYPE_VIRTIO
for S390 guests.
Signed-off-by: NFarhan Ali <alifm@linux.vnet.ibm.com>

QEMU on S390 (since v2.11) can support the virtio-gpu-ccw device,
which can be used as a video device.
Signed-off-by: NFarhan Ali <alifm@linux.vnet.ibm.com>

QEMU on S390 (since v2.11) can support virtio-gpu-ccw device.
Let's introduce a new qemu capability for the device.
Signed-off-by: NFarhan Ali <alifm@linux.vnet.ibm.com>
Signed-off-by: NBoris Fiuczynski <fiuczy@linux.vnet.ibm.com>

In previous releases all these methods were a no-op if the network
driver is disabled. These helper methods are called unconditionally for
all types of network interface, so must be no-ops if missing. Other code
will already generate an error if the network driver is disabled and a
NIC with type=network is used.
Reviewed-by: NLaine Stump <laine@laine.org>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

The libvirtd daemon has some arbitrary logic to drop privileges, but
only on Solaris platforms. This was added during Xen days, when Xen was
the only driver running in libvirtd. There's no expectation or testing
that this works with the new libxl stack, nor whether dropping
privileges breaks any of the secondary drivers. Finally, we'll be
splitting drivers out into their own independant daemons, so this won't
be applicable to libvirtd in future anyway.

The remote driver client meanwhile arbitrarily disables daemon
auto-spawn when connecting as non-root, breaking a key feature of
libvirt unprivileged connections.

Since we've not had any contributions for Solaris since circa 2012
and we don't do any CI testing we should consider this platform
unmaintained and thus reasonable to remove this cruft. If someone steps
forward to maintain Solaris again, this code would need re-evaluating to
come up with something more targetted.

There's various __sun conditionals in the Xen driver code, but those are
not touched. This is all for the legacy Xen driver, which will be
entirely removed at some point in future, so not benefit to hacking out
just the Solaris parts.
Reviewed-by: NAndrea Bolognani <abologna@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

https://bugzilla.redhat.com/show_bug.cgi?id=1558317

Similarly to b133fac3 we need to look up alias of CCID
controller when constructing smartcard command line instead of
relying on broken assumption it will always be 'ccid0'. After
user aliases it can be anything.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
Reviewed-by: NAndrea Bolognani <abologna@redhat.com>

Starting with commit id 'fab9d6e1' the formatting of:

{ "command-name", QEMU_CAPS_NAME },

was altered to:

{ "command-name", QEMU_CAPS_NAME},

and then commit id 'e2b05c9a' altered that to:

{ "command-name", QEMU_CAPS_NAME}

So, let's just fix that up to make things consistent with the
rest of the structures.
Signed-off-by: NJohn Ferlan <jferlan@redhat.com>

There is no such function in our code. Commit abca72fa added it
spuriously.
Signed-off-by: NPeter Krempa <pkrempa@redhat.com>

virQEMUQAPISchemaTraverse would return previous-to-last queried item on
a query. It would not be a problem if checking if the given path exists
since error reporting works properly but if the caller is interested in
the result, it would be wrong.
Signed-off-by: NPeter Krempa <pkrempa@redhat.com>

Signed-off-by: NPeter Krempa <pkrempa@redhat.com>

The JSON array was processed to the hash table used by the query apis in
the monitor code. Move it to a new helper in qemu_qapi.c.
Signed-off-by: NPeter Krempa <pkrempa@redhat.com>

Change the prefix of the functions to 'virQEMUQapi' and rename the two
public APIs so that the verb is put last.
Signed-off-by: NPeter Krempa <pkrempa@redhat.com>

Extract the code into qemu_qapi.c/h so that we separate it from various
parts of the code.
Signed-off-by: NPeter Krempa <pkrempa@redhat.com>

Most other buffer APIs tolerate the buffer being NULL.
Signed-off-by: NPeter Krempa <pkrempa@redhat.com>

The code that calls VIR_WARN after a function fails, doesn't
report the error message raised by the failing function.
Such error messages are now reported in lxc/lxc_driver.c
Signed-off-by: NPrafullkumar Tale <talep158@gmail.com>

Most of the augeas test files use ::CONFIG:: to pull in the master
config file for testing. This ensures that entries added to the config
file are actually tested by augeas.

This identified the missing admin_max_clients example in the virtlogd
config file, which in turn prompted a change in description of the
max_clients parameter, since these daemons don't have separate
readonly & readwrite sockets.
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

The global log buffer feature was deleted in:

  commit c0c8c1d7
  Author: Daniel P. Berrange <berrange@redhat.com>
  Date:   Mon Mar 3 14:54:33 2014 +0000

    Remove global log buffer feature entirely

    A earlier commit changed the global log buffer so that it only
    records messages that are explicitly requested via the log
    filters setting. This removes the performance burden, and
    improves the signal/noise ratio for messages in the global
    buffer. At the same time though, it is somewhat pointless, since
    all the recorded log messages are already going to be sent to an
    explicit log output like syslog, stderr or the journal. The
    global log buffer is thus just duplicating this data on stderr
    upon crash.

    The log_buffer_size config parameter is left in the augeas
    lens to prevent breakage for users on upgrade. It is however
    completely ignored hereafter.
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>

This was in the 1.2.3 release, and 4 years is sufficient time for a
graceful upgrade path for augeas, so all remaining traces are now
removed.
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

Adding this for completeness
Signed-off-by: NKaterina Koukiou <kkoukiou@redhat.com>

nvdimm memory is backed by a path on the host. This currently works only via
hotplug where the AppArmor label is created via the domain label callbacks.

This adds the virt-aa-helper support for nvdimm memory devices to generate
rules for the needed paths from the initial guest definition as well.

Example in domain xml:
  <memory model='nvdimm'>
    <source>
      <path>/tmp/nvdimm-base</path>
    </source>
    <target>
     <size unit='KiB'>524288</size>
     <node>0</node>
    </target>
  </memory>
Works to start now and creates:
  "/tmp/nvdimm-base" rw,

Fixes: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1757085Acked-by: NJamie Strandboge <jamie@canonical.com>
Signed-off-by: NChristian Ehrhardt <christian.ehrhardt@canonical.com>

Input devices can passthrough an event device. This currently works only via
hotplug where the AppArmor label is created via the domain label callbacks.

This adds the virt-aa-helper support for passthrough input devices to generate
rules for the needed paths from the initial guest definition as well.

Example in domain xml:
  <input type='passthrough' bus='virtio'>
          <source evdev='/dev/input/event0' />
  </input>
Works to start now and creates:
  "/dev/input/event0" rw,

Fixes: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1757085Acked-by: NJamie Strandboge <jamie@canonical.com>
Signed-off-by: NChristian Ehrhardt <christian.ehrhardt@canonical.com>

d8116b5a "security: Introduce functions for input device hot(un)plug"
implemented the code (Set|Restore)InputLabel for several security modules,
this patch adds an AppArmor implementation for it as well.

That fixes hot-plugging event input devices by generating a rule for the
path that needs to be accessed.

Example hot adding:
  <input type='passthrough' bus='virtio'>
     <source evdev='/dev/input/event0' />
  </input>
Creates now:
  "/dev/input/event0" rwk,

Fixes: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1755153Acked-by: NJamie Strandboge <jamie@canonical.com>
Signed-off-by: NChristian Ehrhardt <christian.ehrhardt@canonical.com>

Recent changes have made implementing this mandatory to hot add any
memory.
Implementing this in apparmor fixes this as well as allows hot-add of nvdimm
tpye memory with an nvdimmPath set generating a AppArmor rule for that
path.

Example hot adding:
  <memory model='nvdimm'>
    <source>
      <path>/tmp/nvdimm-test</path>
    </source>
    <target>
      <size unit='KiB'>524288</size>
      <node>0</node>
    </target>
  </memory>
Creates now:
  "/tmp/nvdimm-test" rwk,

Fixes: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1755153Acked-by: NJamie Strandboge <jamie@canonical.com>
Signed-off-by: NChristian Ehrhardt <christian.ehrhardt@canonical.com>

The set of arguments was changed a long time ago (040d9963
which dates back to July 2013)  but the corresponding
documentation was not updated.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
Reviewed-by: NLaine Stump <laine@laine.org>

The flags passed to virCommandPassFD() are unnamed and
documentation to this function doesn't list them either.
Give them name and mention it in documentation to functions
using them.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
Reviewed-by: NLaine Stump <laine@laine.org>

Long ago in commit dfa1e1dd the scheduler weight was accidentally
hardcoded to 1000. Weight is a setting with no unit since it is
relative to the weight of other domains. If no weight is specified,
libxl defaults to 256.

Instead of hardcoding the weight to 1000, honor any <shares> specified
in <cputune>. libvirt's notion of shares is synonomous to libxl's
scheduler weight setting. If shares is unspecified, defer default
weight setting to libxl.

Removing the hardcoded weight required some test fixup. While at it,
add an explicit test for <shares> conversion to scheduler weight.
Signed-off-by: NJim Fehlig <jfehlig@suse.com>
Reviewed-by: NJohn Ferlan <jferlan@redhat.com>

Inspired by commit ffb7954f to improve readability of the libxl
migration APIs.
Signed-off-by: NJim Fehlig <jfehlig@suse.com>
Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>

Signed-off-by: NJim Fehlig <jfehlig@suse.com>
Reviewed-by: NJohn Ferlan <jferlan@redhat.com>

In libxlDomainMigrationPrepare it is possible to dereference a NULL
libxlDomainObjPrivatePtr in early error paths. Check for a valid
'priv' before using it.
Signed-off-by: NJim Fehlig <jfehlig@suse.com>
Reviewed-by: NJohn Ferlan <jferlan@redhat.com>

Similar to other uses of virDomainObjListAdd, on success add a ref to the
virDomainObj so that virDomainObjEndAPI can be called as usual.
Signed-off-by: NJim Fehlig <jfehlig@suse.com>
Reviewed-by: NJohn Ferlan <jferlan@redhat.com>