During the hypervisor-agnostic validation of network devices, verify
that the interface type is either "network" or "bridge", and that if
there is any <virtualport>, that it doesn't have any type associated
with it.

This needs to be done both for the parse-time validation and for
runtime validation (after a port has been acquired from any associated
network), because an interface with type='network' could have an
actual type at runtime of "hostdev" or "direct", neither of which
support isolated='true' (yet). Likewise, if an interface is
type='network', then at runtime a <virtualport> with a type that
doesn't support isolated='yes' (e.g. "openvswitch", "802.1Qbh" -
currently *none* of the available virtualport types support it)
Signed-off-by: NLaine Stump <laine@redhat.com>
Reviewed-by: NJán Tomko <jtomko@redhat.com>

This patch pushes the isolatedPort setting from the <interface> down
all the way to the callers of virNetDevBridgeAddPort(), and sets
BR_ISOLATED on the port (using virNetDevBridgePortSetIsolated()) after
the port has been successfully added to the bridge.
Signed-off-by: NLaine Stump <laine@redhat.com>
Signed-off-by: NLaine Stump <laine@redhat.com>
Reviewed-by: NJán Tomko <jtomko@redhat.com>

Similar to the way that the <vlan>, <bandwidth>, and <virtualport>
elements and the trustGuestRxFilters attribute in a <network> (or in
the appropriate <portgroup> element of a <network> can be applied to a
port when it is allocated for a domain's network interface, this patch
checks for a configured value of <port isolated="yes|no"/> in
either the domain <interface> or in the network, setting isolatedPort
in the <networkport> to the first one it finds (the setting from the
domain's <interface> is preferred). This, in turn, is passed back to
the domain when a port is allocated, so that the domain will use that
setting.

(One difference from <vlan>, <bandwidth>, <virtualport>, and
trustGuestRxFilters, is that all of those can be set in a <portgroup>
so that they can be applied only to a subset of interfaces connected
to the network. This didn't really make sense for the isolated setting
due to the way that it's implemented in Linux - the BR_ISOLATED flag
will prevent traffic from passing between two ports that both have
BR_ISOLATED set, but traffic can still go between those ports and
other ports that *don't* have BR_ISOLATED. (It would be nice if all
traffic from a BR_ISOLATED port could be blocked except traffic going
to/from a designated egress port or ports, but instead the entire
feature is implemented as a single flag. Because of this, it's really
only useful if all the ports on a network are isolated, so setting it
for a subset has no practical utility.)
Signed-off-by: NLaine Stump <laine@redhat.com>
Reviewed-by: NJán Tomko <jtomko@redhat.com>

This is a very simple thing to parse and format, but needs to be done
in 4 places, so two trivial utility functions have been made that can
be called from all the higher level parser/formatters:

  <domain><interface>
  <domain><interface><actual> (only in domain status)
  <network>
  <networkport>
Signed-off-by: NLaine Stump <laine@redhat.com>
Reviewed-by: NJán Tomko <jtomko@redhat.com>

Implement parsing and formatting of the 'storage' slice.
Signed-off-by: NPeter Krempa <pkrempa@redhat.com>
Reviewed-by: NJán Tomko <jtomko@redhat.com>

This new timer model will be used to control the behavior of the
virtual timer for KVM ARM/virt guests.
Signed-off-by: NAndrea Bolognani <abologna@redhat.com>
Reviewed-by: NMasayoshi Mizuma <m.mizuma@jp.fujitsu.com>
Reviewed-by: NJán Tomko <jtomko@redhat.com>

Now that we accept full backing chains on input nothing should prevent
users from also using disk type 'VOLUME' for specifying the backing
images.

Do the translation for the whole backing chain.
Signed-off-by: NPeter Krempa <pkrempa@redhat.com>
Reviewed-by: NJán Tomko <jtomko@redhat.com>

Extract all the code setting up one storage source from the rest which
sets up the whole disk. This will allow us to prepare the whole backing
chain.
Signed-off-by: NPeter Krempa <pkrempa@redhat.com>
Reviewed-by: NJán Tomko <jtomko@redhat.com>

Only 'def->src' was ever used in this function. Use the source directly.
Signed-off-by: NPeter Krempa <pkrempa@redhat.com>
Reviewed-by: NJán Tomko <jtomko@redhat.com>

Only 'def->src' was ever used in this function. Use the source directly.
Signed-off-by: NPeter Krempa <pkrempa@redhat.com>
Reviewed-by: NJán Tomko <jtomko@redhat.com>

Only 'def->src' was ever used in this function. Use the source directly.
Signed-off-by: NPeter Krempa <pkrempa@redhat.com>
Reviewed-by: NJán Tomko <jtomko@redhat.com>

Signed-off-by: NPeter Krempa <pkrempa@redhat.com>
Reviewed-by: NJán Tomko <jtomko@redhat.com>

Signed-off-by: NPeter Krempa <pkrempa@redhat.com>
Reviewed-by: NJán Tomko <jtomko@redhat.com>

Signed-off-by: NPeter Krempa <pkrempa@redhat.com>
Reviewed-by: NJán Tomko <jtomko@redhat.com>

Use virStringSplitCount instead of virStringSplit so that we can drop
the call to virStringListLength and use VIR_AUTOSTRINGLIST to declare
it and allow removal of the cleanup section.
Signed-off-by: NPeter Krempa <pkrempa@redhat.com>
Reviewed-by: NJán Tomko <jtomko@redhat.com>

This patch adds support for the tpm-spapr device model for ppc64. The XML for
this type of TPM looks as follows:

 <tpm model='tpm-spapr'>
   <backend type='emulator'/>
 </tpm>

Extend the documentation.
Signed-off-by: NStefan Berger <stefanb@linux.vnet.ibm.com>
Reviewed-by: NJán Tomko <jtomko@redhat.com>
Signed-off-by: NJán Tomko <jtomko@redhat.com>

Introduce VIR_DOMAIN_TPM_MODEL_DEFAULT as a default model which we use
in case the user does not provide a model in the device XML. It has
the TIS's previous value of '0'. In the post parsing function
we change this default value to 'TIS' to have the same model as before.
Signed-off-by: NStefan Berger <stefanb@linux.ibm.com>
Reviewed-by: NJán Tomko <jtomko@redhat.com>
Signed-off-by: NJán Tomko <jtomko@redhat.com>

Technically, there is no memleak here, since the only
allocations are filled by virDomainDeviceInfoParseXML,
which cleans up after itself.
Signed-off-by: NJán Tomko <jtomko@redhat.com>
Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>

Simple g_autofree is not enough if we put allocated
data into the device structure.

Define the AUTOPTR_CLEANUP function and use it here.
Signed-off-by: NJán Tomko <jtomko@redhat.com>
Reported-by: NXu Yandong <xuyandong2@huawei.com>
Reviewed-by: NPeter Krempa <pkrempa@redhat.com>

Always trim the full specified suffix.

All of the callers outside of tests were passing either
strlen or the actual length of the string.
Signed-off-by: NJán Tomko <jtomko@redhat.com>
Reviewed-by: NPeter Krempa <pkrempa@redhat.com>

Also add a space after the start in some of the cases.
Signed-off-by: NJán Tomko <jtomko@redhat.com>
Reviewed-by: NPeter Krempa <pkrempa@redhat.com>

The subelement <teaming> of <interface> devices is used to configure a
simple teaming association between two interfaces in a domain. Example:

  <interface type='bridge'>
    <source bridge='br0'/>
    <model type='virtio'/>
    <mac address='00:11:22:33:44:55'/>
    <alias name='ua-backup0'/>
    <teaming type='persistent'/>
  </interface>
  <interface type='hostdev'>
    <source>
      <address type='pci' bus='0x02' slot='0x10' function='0x4'/>
    </source>
    <mac address='00:11:22:33:44:55'/>
    <teaming type='transient' persistent='ua-backup0'/>
  </interface>

The interface with <teaming type='persistent'/> is assumed to always
be present, while the interface with type='transient' may be be
unplugged and later re-plugged; the persistent='blah' attribute (and
in the one currently available implementation, also the matching MAC
addresses) is what associates the two devices with each other. It is
up to the hypervisor and the guest network drivers to determine what
to do with this information.
Signed-off-by: NLaine Stump <laine@redhat.com>
Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>

Currently it is possible to start a domain which have disks
in same iotune group and at the same time having different iotune
params. Both params set are passed to qemu in command line and the one
that is passed later down command line is get actually set.
Let's prohibit such configurations.
Signed-off-by: NNikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>
Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>

Currently, if only iotune group name is given for some disk and
no any params then later start of domain will fail. I guess it
will be convenient to allow such configuration if there is
another disk in the same iotune group with iotune params set. The
meaning is that the first disk have same iotunes and the latter.
Thus one can easily add a disk to iotune group - just add group
name parameter and no need to copy all the params.

Also let's expand iotunes params in the described case so we don't
need to refer to another disk to know iotunes and this will make
logic in many places simple.
Signed-off-by: NNikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>
Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>

And introduce virDomainBlockIoTuneInfoHasAny.
Signed-off-by: NNikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>
Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>

It is used by the user-alias handling code.
Signed-off-by: NJán Tomko <jtomko@redhat.com>
Reviewed-by: NPeter Krempa <pkrempa@redhat.com>

Some *ParseXML functions have comments stating what kind of device
they parse with an outdated list of parameters, with the exception
of virDomainFSDefParseXML which claims to parse a disk.

Remove them, assuming the function names are descriptive enough.
Signed-off-by: NJán Tomko <jtomko@redhat.com>
Reviewed-by: NPeter Krempa <pkrempa@redhat.com>

Use the virXMLFormatElement helper to format the driver element
to simplify adding further sub-elements.
Signed-off-by: NJán Tomko <jtomko@redhat.com>
Reviewed-by: NPeter Krempa <pkrempa@redhat.com>

The 'builtin' rng backend model can be used as following:
  <rng model='virtio'>
    <backend model='builtin'/>
  </rng>
Signed-off-by: NHan Han <hhan@redhat.com>
Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>

QEMU driver has two functions: qemuGetDHCPInterfaces() and
qemuARPGetInterfaces() that are being used inside only one single
function. They can be turned into generic functions that other drivers
can use. This commit move both from QEMU driver tree to domain conf
tree.
Signed-off-by: NJulio Faracco <jcfaracco@gmail.com>
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>

gmtime_r/localtime_r are mostly used in combination with
strftime to format timestamps in libvirt. This can all
be replaced with GDateTime resulting in simpler code
that is also more portable.

There is some boundary condition problem in parsing POSIX
timezone offsets in GLib which tickles our test suite.
The test suite is hacked to avoid the problem. The upsteam
GLib bug report is

  https://gitlab.gnome.org/GNOME/glib/issues/1999Reviewed-by: NPavel Hrdina <phrdina@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

Recently CPU hardware vendors have started to support a new structure
inside the CPU package topology known as a "die". Thus the hierarchy
is now:

  sockets > dies > cores > threads

This adds support for "dies" in the XML parser, with the value
defaulting to 1 if not specified for backwards compatibility.

For example a system with 64 logical CPUs might report

   <topology sockets="4" dies="2" cores="4" threads="2"/>
Reviewed-by: NJiri Denemark <jdenemar@redhat.com>
Reviewed-by: NDaniel Henrique Barboza <danielhb413@gmail.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

As of systemd commit:

commit d65652f1f21a4b0c59711320f34266c635393c89
Author:     Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
CommitDate: 2018-12-10 09:56:56 +0100

    Partially unify hostname_is_valid() and dns_name_is_valid()

Dashes are no longer allowed at the end of machine names.

Trim the trailing dashes from the generated name before passing
it to machined.

https://bugzilla.redhat.com/show_bug.cgi?id=1790409Signed-off-by: NJán Tomko <jtomko@redhat.com>
Reviewed-by: NErik Skultety <eskultet@redhat.com>

When trying to specify an input device on s390x without bus like this:

 <input type='keyboard'/>

... then libvirt currently complains:

 error: unsupported configuration: USB is disabled for this domain,
 but USB devices are present in the domain XML

This is somewhat confusing since the user did not specify an USB
device here. Since USB is not available on s390x, we should default
to the "virtio" bus here instead.

Buglink: https://bugzilla.redhat.com/show_bug.cgi?id=1790189Signed-off-by: NThomas Huth <thuth@redhat.com>
Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>

Historically there are two places where we format authentication and
encryption for a disk. The logich which formats it for backing files was
flawed though and didn't format it at all. This worked if the image
became a backing file through the means of a snapshot but not directly.

Force formatting of the source and encryption for any non-disk case to
fix the issue.

This caused problems in many places as we use the formatter to copy the
definition. Effectively any copy lost the secret definition.

https://bugzilla.redhat.com/show_bug.cgi?id=1789310
https://bugzilla.redhat.com/show_bug.cgi?id=1788898Signed-off-by: NPeter Krempa <pkrempa@redhat.com>
Reviewed-by: NJiri Denemark <jdenemar@redhat.com>

Add an object to hold the private data and call the
allocation function if it's present in xmlopt.
Signed-off-by: NJán Tomko <jtomko@redhat.com>
Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>

This will be needed in the future for allocating private data.
Signed-off-by: NJán Tomko <jtomko@redhat.com>
Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>

Remove unneeded, easy to remove goto labels (cleanup|error|done|...).
Signed-off-by: NDaniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: NErik Skultety <eskultet@redhat.com>

These functions are meant to replace verbose check for the old
style of specifying UEFI with a simple function call.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>

The g_date_time_new_from_iso8601() function was introduced as
a replacement for strptime in

  commit 810613a6
  Author: Daniel P. Berrangé <berrange@redhat.com>
  Date:   Mon Dec 23 15:37:26 2019 +0000

    src: replace strptime()/timegm()/mktime() with GDateTime APIs set

Unfortunately g_date_time_new_from_iso8601 isn't available until
glib 2.56, and backporting it requires alot of code copying and
poking at private glib structs.

This reverts domain_conf.c back to its original parsing logic prior
to 810613a6, but using g_date_time_new()
instead of gmtime(). The other files are then adapted to follow a
similar approach.
Reviewed-by: NPavel Hrdina <phrdina@redhat.com>
Reviewed-by: NDaniel Henrique Barboza <danielhb413@gmail.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>