This is a variant of EPYC with indirect branch prediction protection.
The only difference between EPYC and EPYC-IBPB is the added "ibpb"
feature.
Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
Reviewed-by: NPavel Hrdina <phrdina@redhat.com>

This is a variant of Skylake-Server with indirect branch prediction
protection. The only difference between Skylake-Server and
Skylake-Server-IBRS is the added "spec-ctrl" feature.
Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
Reviewed-by: NPavel Hrdina <phrdina@redhat.com>

This is a variant of Skylake-Client with indirect branch prediction
protection. The only difference between Skylake-Client and
Skylake-Client-IBRS is the added "spec-ctrl" feature.
Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
Reviewed-by: NPavel Hrdina <phrdina@redhat.com>

This is a variant of Broadwell with indirect branch prediction
protection. The only difference between Broadwell and Broadwell-IBRS is
the added "spec-ctrl" feature.

The Broadwell-IBRS model in QEMU is a bit different since Broadwell got
several additional features since we added it in cpu_map.xml:
    abm, arat, f16c, rdrand, vme, xsaveopt

Adding them only to the -IBRS variant would confuse our CPU detection
code.
Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
Reviewed-by: NPavel Hrdina <phrdina@redhat.com>

This is a variant of Haswell-noTSX with indirect branch prediction
protection. The only difference between Haswell-noTSX and
Haswell-noTSX-IBRS is the added "spec-ctrl" feature.

The Haswell-noTSX-IBRS model in QEMU is a bit different since
Haswell-noTSX got several additional features since we added it in
cpu_map.xml:
    arat, abm, f16c, rdrand, vme, xsaveopt

Adding them only to the -IBRS variant would confuse our CPU detection
code.
Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
Reviewed-by: NPavel Hrdina <phrdina@redhat.com>

The CPU contains the updated microcode for CVE-2017-5715.
Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
Reviewed-by: NPavel Hrdina <phrdina@redhat.com>

The CPU contains the updated microcode for CVE-2017-5715.
Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
Reviewed-by: NPavel Hrdina <phrdina@redhat.com>

The CPU contains the updated microcode for CVE-2017-5715.
Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
Reviewed-by: NPavel Hrdina <phrdina@redhat.com>

The CPU contains the updated microcode for CVE-2017-5715.

The *-guest.xml and *-json.xml CPU definitions use Skylake-Client CPU
model rather than Broadwell. This is similar to Xeon-E5-2650-v4 and it
is caused by our CPU model selection code when no model matches the CPU
signature (family + model). We'd need to maintain a complete list of CPU
signatures for our CPU models to fix this.
Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
Reviewed-by: NPavel Hrdina <phrdina@redhat.com>

The CPU contains the updated microcode for CVE-2017-5715.
Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
Reviewed-by: NPavel Hrdina <phrdina@redhat.com>

Let's add a test case for S390 with CPU frequency information available.
Test data is sampled from an IBM z13 system running kernel 4.14 on LPAR.
Reviewed-by: NBoris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Signed-off-by: NBjoern Walk <bwalk@linux.vnet.ibm.com>

distcheck, and possibly more stuff, breaks because of it.
Signed-off-by: NAndrea Bolognani <abologna@redhat.com>

Let's add a testcase for a S390 system running kernel version 4.14 on
LPAR.
Reviewed-by: NMarc Hartmayer <mhartmay@linux.vnet.ibm.com>
Reviewed-by: NBoris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Signed-off-by: NBjoern Walk <bwalk@linux.vnet.ibm.com>

The cpuidMap in cpu-cpuid.py was created for converting old data files
(with QEMU's feature-words bits) to the new model-expansion based data.
When I added tests for CPU live update based on disabled/enabled feature
lists I shamelessly used the existing cpuidMap for generating the
*-{enabled,disabled}.xml data files. Thus any new CPUID bits which are
not present in the original cpuidMap would be ignored. The correct thing
to do is to use cpu_map.xml.

All data files were fixed by running the following command:

    ./cpu-cpuid.py diff *.json
Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
Reviewed-by: NPavel Hrdina <phrdina@redhat.com>

Some ARM platforms, such as the original Raspberry Pi, report the
CPU frequency in the BogoMIPS field of /proc/cpuinfo, so libvirt
parsed that field and returned it through its API.

However, not only many more boards don't report any value there,
but several - including ARMv8-based server hardware, and even the
more recent Raspberry Pi 3 - use this field as originally intended:
to report the BogoMIPS value instead of the CPU frequency.

Since we have no way of detecting how the field is being used,
it's better to report no information at all rather than something
ludicrous like "your shiny 96-core aarch64 virtualization host's
CPUs are running at a whopping 100 MHz".

Partially-resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1206353Signed-off-by: NAndrea Bolognani <abologna@redhat.com>
Reviewed-by: NJohn Ferlan <jferlan@redhat.com>

Make the parser both more strict, by not ignoring errors reported
by virStrToLong_ui(), and more permissive, by not failing due to
unrelated fields which just happen to have a know prefix and
accepting any amount of whitespace before the numeric value.
Signed-off-by: NAndrea Bolognani <abologna@redhat.com>
Reviewed-by: NBjoern Walk <bwalk@linux.vnet.ibm.com>

Signed-off-by: NAndrea Bolognani <abologna@redhat.com>
Reviewed-by: NJohn Ferlan <jferlan@redhat.com>

When the -machine pseries,max-cpu-compat=X is supported use
machine parameter instead of -cpu host,compat=X parameter as
that is deprecated now with qemu >= v2.10.

Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1519146Signed-off-by: NShivaprasad G Bhat <sbhat@linux.vnet.ibm.com>
Reviewed-by: NAndrea Bolognani <abologna@redhat.com>

Signed-off-by: NShivaprasad G Bhat <sbhat@linux.vnet.ibm.com>
Reviewed-by: NAndrea Bolognani <abologna@redhat.com>

A microcode update can cause the CPUID bits to change; an example
from the past was the update that disabled TSX on several Haswell
and Broadwell machines.

Therefore, place microcode version in the virQEMUCaps struct and
XML, and rebuild the cache if the versions do not match.
Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
Signed-off-by: NJiri Denemark <jdenemar@redhat.com>

In virDomainDefMaybeAddHostdevSCSIcontroller when we add a new
controller because someone neglected to add one or we're adding
one because the existing one is full, we should copy over the
model number from the existing controller since whatever we
create should at least have the same characteristics as the one
we cannot use because it's full.

NB: This affects the existing hostdev-scsi-autogen-address test
which would add a default ('lsi') SCSI controller for the various
scsi_host's that would create a controller for the hostdev.

Enable testing for 'auth_pending' in the virnetdaemon test case.
Signed-off-by: NMarc Hartmayer <mhartmay@linux.vnet.ibm.com>
Reviewed-by: NBoris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Reviewed-by: NJohn Ferlan <jferlan@redhat.com>

There is a race between virNetServerProcessClients (main thread) and
remoteDispatchAuthList/remoteDispatchAuthPolkit/remoteSASLFinish (worker
thread) that can lead to decrementing srv->nclients_unauth when it's
zero. Since virNetServerCheckLimits relies on the value
srv->nclients_unauth the underrun causes libvirtd to stop accepting
new connections forever.

Example race scenario (assuming libvirtd is using policykit and the
client is privileged):
  1. The client calls the RPC remoteDispatchAuthList =>
     remoteDispatchAuthList is executed on a worker thread (Thread
     T1). We're assuming now the execution stops for some time before
     the line 'virNetServerClientSetAuth(client, 0)'
  2. The client closes the connection irregularly. This causes the
     event loop to wake up and virNetServerProcessClient to be
     called (on the main thread T0). During the
     virNetServerProcessClients the srv lock is hold. The condition
     virNetServerClientNeedAuth(client) will be checked and as the
     authentication is not finished right now
     virNetServerTrackCompletedAuthLocked(srv) will be called =>
     --srv->nclients_unauth => 0
  3. The Thread T1 continues, marks the client as authenticated, and
     calls virNetServerTrackCompletedAuthLocked(srv) =>
     --srv->nclients_unauth => --0 => wrap around as nclient_unauth is
     unsigned
  4. virNetServerCheckLimits(srv) will disable the services forever

To fix it, add an auth_pending field to the client struct so that it
is now possible to determine if the authentication process has already
been handled for this client.

Setting the authentication method to none for the client in
virNetServerProcessClients is not a proper way to indicate that the
counter has been decremented, as this would imply that the client is
authenticated.

Additionally, adjust the existing test cases for this new field.
Signed-off-by: NMarc Hartmayer <mhartmay@linux.vnet.ibm.com>
Reviewed-by: NBoris Fiuczynski <fiuczy@linux.vnet.ibm.com>

Direct leak of 104 byte(s) in 1 object(s) allocated from:
    #0 0x7f904bfbe12b  (/lib64/liblsan.so.0+0xe12b)
    #1 0x7f904ba0ad67 in virAlloc ../../src/util/viralloc.c:144
    #2 0x7f904bbc11a4 in virNetMessageNew ../../src/rpc/virnetmessage.c:42
    #3 0x7f904bbb8e77 in virNetServerClientNewInternal ../../src/rpc/virnetserverclient.c:392
    #4 0x7f904bbb9921 in virNetServerClientNew ../../src/rpc/virnetserverclient.c:440
    #5 0x402ce5 in testIdentity ../../tests/virnetserverclienttest.c:55
    #6 0x403bed in virTestRun ../../tests/testutils.c:180
    #7 0x402c1e in mymain ../../tests/virnetserverclienttest.c:146
    #8 0x404c80 in virTestMain ../../tests/testutils.c:1119
    #9 0x4030d5 in main ../../tests/virnetserverclienttest.c:152
    #10 0x7f9047f7f889 in __libc_start_main (/lib64/libc.so.6+0x20889)

Indirect leak of 4 byte(s) in 1 object(s) allocated from:
    #0 0x7f904bfbe12b  (/lib64/liblsan.so.0+0xe12b)
    #1 0x7f904ba0adc7 in virAllocN ../../src/util/viralloc.c:191
    #2 0x7f904bbb8ec7 in virNetServerClientNewInternal ../../src/rpc/virnetserverclient.c:395
    #3 0x7f904bbb9921 in virNetServerClientNew ../../src/rpc/virnetserverclient.c:440
    #4 0x402ce5 in testIdentity ../../tests/virnetserverclienttest.c:55
    #5 0x403bed in virTestRun ../../tests/testutils.c:180
    #6 0x402c1e in mymain ../../tests/virnetserverclienttest.c:146
    #7 0x404c80 in virTestMain ../../tests/testutils.c:1119
    #8 0x4030d5 in main ../../tests/virnetserverclienttest.c:152
    #9 0x7f9047f7f889 in __libc_start_main (/lib64/libc.so.6+0x20889)

SUMMARY: LeakSanitizer: 108 byte(s) leaked in 2 allocation(s).
Signed-off-by: NMarc Hartmayer <mhartmay@linux.vnet.ibm.com>
Reviewed-by: NJohn Ferlan <jferlan@redhat.com>

We don't try to right align the backslashes anymore.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

https://bugzilla.redhat.com/show_bug.cgi?id=1448149

If a domain has no numa nodes, that means we don't put any
memory-backend-file onto the qemu command line. That in turn
means we can't set access='shared'. Therefore, we should produce
an error instead of ignoring the setting silently.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

Add a function to filter a string based on a list of valid characters.

QEMU 2.7 and newer don't allow guests to start unless the initial
vCPUs count is a multiple of the vCPU hotplug granularity, so
validate it and report an error if needed.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1283700Signed-off-by: NAndrea Bolognani <abologna@redhat.com>

VM drivers may need to store additional private data to the status XML
so that it can be restored after libvirtd restart. Since not everything
is needed add a callback infrastructure, where VM drivers can add only
stuff they need.

Note that the private data is formatted as a <privateData> sub-element
of the <disk> or <backingStore> <source> sub-element. This is done since
storing it out of band (in the VM private data) would require a complex
matching process to allow to put the data into correct place.

Commit id '70249927' neglected to cover this case because the test
had taken the "shortcut" to already add the <address>; however, when
the PCI address assignment code was adjusted by commit id '70249927'
the vhost-scsi (VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_SCSI_HOST) wasn't
covered thus returning a 0 for pciFlags. So I altered the tests too
to make sure it doesn't happen again.

Previously the qemuxml2xmloutdata was a softlink to the source
qemuxml2argvdata, so I unlinked and recreated the output file to
force generation of the adddress. Without the test changes, an
address generation returns:

    libvirt: Domain Config error : internal error: Cannot automatically
    add a new PCI bus for a device with connect flags 00

if an address was supplied in the test, a restart of libvirtd or
edit of a guest would display the following opaque message:

    warning : qemuDomainCollectPCIAddress:1237 :
    qemuDomainDeviceCalculatePCIConnectFlags() thinks that the device
     with PCI address 0000:00:09.0 should not have a PCI address

where the address is related to the guest PCI address provided.

Reviewed-by: NAndrea Bolognani <abologna@redhat.com>
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>

==25251== 5 bytes in 1 blocks are definitely lost in loss record 7 of 81
==25251==    at 0x4C2BEDF: malloc (vg_replace_malloc.c:299)
==25251==    by 0x967E379: strdup (in /lib64/libc-2.25.so)
==25251==    by 0x5366F9F: virStrdup (virstring.c:941)
==25251==    by 0x538BF1D: virDomainCapsNew (domain_capabilities.c:121)
==25251==    by 0x10EACE: test_virDomainCapsFormat (domaincapstest.c:295)
==25251==    by 0x10FBD2: virTestRun (testutils.c:180)
==25251==    by 0x10F192: mymain (domaincapstest.c:457)
==25251==    by 0x111C7F: virTestMain (testutils.c:1119)
==25251==    by 0x10FA3C: main (domaincapstest.c:528)
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
Reviewed-by: NJohn Ferlan <jferlan@redhat.com>

Test conversion of multiple IP addresses to/from xl format and
domXML. Also test libxl_domain_config generator handling of
multiple IP addresses.
Reviewed-by: NJim Fehlig <jfehlig@suse.com>

Various example XML documents for arp/rarp filtering have a protocolid
XML attribute defined. This is never parsed or output by the libvirt XML
handling code, so shouldn't be present in example XML files either
Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>

Adding an IDE controller for a machinetype that has no built-in IDE
controller, libvirt will log an error. Currently the machinetype list
which returns by qemuDomainMachineHasBuiltinIDE only includes 440fx,
malta, sun4u and g3beige.
Signed-off-by: NLin Ma <lma@suse.com>
Signed-off-by: NJohn Ferlan <jferlan@redhat.com>

Adding an IDE controller for a machinetype that has no built-in IDE
controller, libvirt will log an error. Currently the machinetype list
which returns by qemuDomainMachineHasBuiltinIDE only includes 440fx,
malta, sun4u and g3beige.

Remove the disk and the .args file since the expectation is the test
will fail in qemuxml2argvtest because floppy is not supported on pseries
and thus no disk is necessary and no .args file would be created to
compare against.
Signed-off-by: NLin Ma <lma@suse.com>
Signed-off-by: NJohn Ferlan <jferlan@redhat.com>

There's no reason for the files to have generic- prefix
since they all live under genericxml2xmlindata and
genericxml2xmloutdata directories.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

There's no reason for the files to have qemuxml2xmlout- prefix
since they all live under qemuxml2xmloutdata directory.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

There's no reason for the files to have qemuargv2xml- prefix
since they all live under qemuargv2xmldata directory.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>

There's no reason for the files to have qemuagent- prefix
since they all live under qemuagentdata directory.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>