This an ubuntu/debian packaging convention. At one point it may have
been an actually different binary, but at least as of ubuntu precise
(the oldest supported ubuntu distro, released april 2012) kvm-img is
just a symlink to qemu-img for back compat.

I think it's safe to drop support for it

It already labels abritrary paths, so it's just the naming that was
wrong.
Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>

When creating the master key, we used mode 0600 (which we should) but
because we were creating it as root, the file is not readable by any
qemu running as non-root.  Fortunately, it's just a matter of labelling
the file.  We are generating the file path few times already, so let's
label it in the same function that has access to the path already.
Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>

This is backed by the qemu device pxb-pcie, which will be available in
qemu 2.6.0.

As with pci-expander-bus (which uses qemu's pxb device), the busNr
attribute and <node> subelement of <target> are used to set the bus_nr
and numa_node options.

During post-parse we validate that the domain's machinetype is
q35-based (since the device shows up for 440fx-based machinetypes, but
is unusable), as well as checking that <node> specifies a node that is
actually configured on the guest.

This is backed by the qemu device "pxb".

The pxb device always includes a pci-bridge that is at the bus number
of the pxb + 1.

busNr and <node> from the <target> subelement are used to set the
bus_nr and numa_node options for pxb.

During post-parse we validate that the domain's machinetype is
440fx-based (since the pxb device only works on 440fx-based machines),
and <node> also gets a sanity check to assure that the NUMA node
specified for the pxb (if any - it's optional) actually exists on the
guest.

No need to keep two separate conditions. A slight juggling of return
values is needed to accomodate virDomainObjWaitUntil.

Move including of gnutls/gnutls.h in qemu/qemu_domain.c under the
"ifdef WITH_GNUTLS" check because otherwise it fails like this:

  CC       qemu/libvirt_driver_qemu_impl_la-qemu_domain.lo
qemu/qemu_domain.c:50:10: fatal error: 'gnutls/gnutls.h' file not found

in case if gnutls is not installed on the system.

Some places already check for "virt-" prefix as well as plain "virt".
virQEMUCapsHasPCIMultiBus did not, resulting in multiple PCI devices
having assigned the same unnumbered "pci" alias.

Add a test for the "virt-2.6" machine type which also omits the
<model type='virtio'/> in <interface>, to check if
qemuDomainDefaultNetModel works too.

https://bugzilla.redhat.com/show_bug.cgi?id=1325085

Our use of gnutls_rnd(), introduced with commit ad7520e8, is
conditional to the availability of the <gnutls/crypto.h> header
file.

Such check, however, turns out not to be strict enough, as there
are some versions of GnuTLS (eg. 2.8.5 from CentOS 6) that provide
the header file, but not the function itself, which was introduced
only in GnuTLS 2.12.0.

Introduce an explicit check for the function.

Add a masterKey and masterKeyLen to _qemuDomainObjPrivate to store a
random domain master key and its length in order to support the ability
to encrypt/decrypt sensitive data shared between libvirt and qemu. The
key will be base64 encoded and written to a file to be used by the
command line building code to share with qemu.

New API's from this patch:

  qemuDomainGetMasterKeyFilePath:
    Return a path to where the key is located

  qemuDomainWriteMasterKeyFile: (private)
    Open (create/trunc) the masterKey path and write the masterKey

  qemuDomainMasterKeyReadFile:
    Using the master key path, open/read the file, and store the
    masterKey and masterKeyLen. Expected use only from qemuProcessReconnect

  qemuDomainGenerateRandomKey: (private)
    Generate a random key using available algorithms

    The key is generated either from the gnutls_rnd function if it
    exists or a less cryptographically strong mechanism using
    virGenerateRandomBytes

   qemuDomainMasterKeyRemove:
    Remove traces of the master key, remove the *KeyFilePath

  qemuDomainMasterKeyCreate:
    Generate the domain master key and save the key in the location
    returned by qemuDomainGetMasterKeyFilePath.

    This API will first ensure the QEMU_CAPS_OBJECT_SECRET is set
    in the capabilities. If not, then there's no need to generate
    the secret or file.

The creation of the key will be attempted from qemuProcessPrepareHost
once the libDir directory structure exists.

The removal of the key will handled from qemuProcessStop just prior
to deleting the libDir tree.

Since the key will not be written out to the domain object XML file,
the qemuProcessReconnect will read the saved file and restore the
masterKey and masterKeyLen.

The paths have the domain ID in them.  Without cleaning them, they would
contain the same ID even after multiple restarts.  That could cause
various problems, e.g. with access.

Add function qemuDomainClearPrivatePaths() for this as a counterpart of
qemuDomainSetPrivatePaths().
Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>

Since commit 9dca74ee, the function can take driver and a vm, no
need to overcomplicate.
Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>

Move the function to qemu_domain.c and export them for further use.

The function has terrible semantics. Split it into two functions.

The postParse callback is the correct place to generate default values
that should be present in offline XML.
Signed-off-by: NPavel Hrdina <phrdina@redhat.com>

Signed-off-by: NCristian Klein <cristiklein@gmail.com>
Signed-off-by: NJiri Denemark <jdenemar@redhat.com>

If use of virtlogd is enabled, then use it for backing the
character device log files too. This avoids the possibility
of a guest denial of service by writing too much data to
the log file.

Allow pinning for inactive vcpus. The pinning mask will be automatically
applied as we would apply the default mask in case of a cpu hotplug.

Setting the scheduler settings for a vcpu has the same semantics.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1306556

Introduce a helper to check supported device and domain config and move
the memory hotplug checks to it.

The advantage of this approach is that by default all new features are
considered unsupported by all hypervisors unless specifically changed
rather than the previous approach where every hypervisor would need to
declare that a given feature is unsupported.

Signed-off-by: NJiri Denemark <jdenemar@redhat.com>

Per-domain directories were introduced in order to be able to
completely separate security labels for each domain (commit
f1f68ca3).  However when the domain
name is long (let's say a ridiculous 110 characters), we cannot
connect to the monitor socket because on length of UNIX socket address
is limited.  In order to get around this, let's shorten it in similar
fashion and in order to avoid conflicts, throw in an ID there as well.
Also save that into the status XML and load the old status XMLs
properly (to clean up after older domains).  That way we can change it
in the future.

The shortening can be seen in qemuxml2argv tests, for example in the
hugepages-pages2 case.
Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>

Commit f1a89a8b allowed parsing configs from /etc/libvirt
without validating the emulator capabilities.

Check for the presence of a machine type in the qemu driver's
post parse function instead of crashing.

https://bugzilla.redhat.com/show_bug.cgi?id=1267256

GIC v2 is the default, but checking against that specific version when
we want to know whether the default has been selected is potentially
error prone; using an alias instead makes it safer.

Ending a nested job is no different from ending any other (non-async)
job, after all the code in qemuDomainBeginJobInternal does not handle
them differently either. Thus we should call qemuDomainObjEndJob to stop
nested jobs.
Signed-off-by: NJiri Denemark <jdenemar@redhat.com>

Signed-off-by: NJiri Denemark <jdenemar@redhat.com>

Our existing virHashForEach method iterates through all items disregarding the
fact, that some of the iterators might have actually failed. Errors are usually
dispatched through an error element in opaque data which then causes the
original caller of virHashForEach to return -1. In that case, virHashForEach
could return as soon as one of the iterators fail. This patch changes the
iterator return type and adjusts all of its instances accordingly, so the
actual refactor of virHashForEach method can be dealt with later.
Signed-off-by: NErik Skultety <eskultet@redhat.com>

Move function into qemu_domain.c.

Move qemuDomainSupportsNicdev and qemuDomainSupportsNetdev into qemu_domain.c
and expose from there.
Signed-off-by: NJohn Ferlan <jferlan@redhat.com>

GIC is always available to ARM virt machines, and the domain XML should
reflect this fact.

When a domain is configured to use GIC but no version has been
specified by the user, default to GIC v2.

Extract out the qemuParseCommandLine{String|Pid} into their own
separate module - taking with it all the various static functions.

Causes a ripple effect with a few other modules to include the
new qemu_parse_command.h.

Narrowed down the list of #include's in the split out module to
those that are necessary for build.

Some callers will need to behave differently when the detection failed
and when the VM crashed during the redetection. Return -2 if it crashed.

The virDomainSnapshotDefFormat calls into virDomainDefFormat,
so should be providing a non-NULL virCapsPtr instance. On the
qemu driver we change qemuDomainSnapshotWriteMetadata to also
include caps since it calls virDomainSnapshotDefFormat.
Signed-off-by: NJoao Martins <joao.m.martins@oracle.com>

The virDomainObjFormat and virDomainSaveStatus methods
both call into virDomainDefFormat, so should be providing
a non-NULL virCapsPtr instance.
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>

And use the newly added caps->host.netprefix (if it exists) for
interface names that match the autogenerated target names.
Signed-off-by: NJoao Martins <joao.m.martins@oracle.com>

Free the old vcpupids array in case when this function is called again
during the run of the VM. It will be later reused in the vCPU hotplug
code. The function now returns the number of detected VCPUs.

Future patches will tweak and reuse the function in different places so
move it separately first.

The current code was a little bit odd.  At first we've removed all
possible implicit input devices from domain definition to add them later
back if there was any graphics device defined while parsing XML
description.  That's not all, while formating domain definition to XML
description we at first ignore any input devices with bus different to
USB and VIRTIO and few lines later we add implicit input devices to XML.

This seems to me as a lot of code for nothing.  This patch may look
to be more complicated than original approach, but this is a preferred
way to modify/add driver specific stuff only in those drivers and not
deal with them in common parsing/formating functions.

The update is to add those implicit input devices into config XML to
follow the real HW configuration visible by guest OS.

There was also inconsistence between our behavior and QEMU's in the way,
that in QEMU there is no way how to disable those implicit input devices
for x86 architecture and they are available always, even without graphics
device.  This applies also to XEN hypervisor.  VZ driver already does its
part by putting correct implicit devices into live XML.
Signed-off-by: NPavel Hrdina <phrdina@redhat.com>