The current virt-host-validate command has a bunch of checks
defined in the source code which are thus only extensible by
the upstream project, or downstream code modification.
The checks are implemented by a fairly simple set of rules,
mostly matching the contents of files, or output from commands,
against some expected state or regex.
This lends itself very well to having the checks defined as
metadata rules, which can be processed by a generic engine.
This patch thus converts the virt-host-validate command to be
data driven, with the desired checks defined by a set of XML
files.
Parsing XML from C is incredibly tedious, which has long put
me off doing this conversion to XML defined checks. The size
of the parsing code would be too high to justify the benefits
of the rewrite.
This new impl is thus written in Go to take advantage of its
XML encoding feature that lets you simply annotate struct
fields to define an XML parser.
The new impl also has a few new features in its CLI interface.
It is possible display a list of all facts that are set,
instead of just the subset which have reports associated
with them.
For example, by default
$ virt-host-validate
Checking cgroup memory controller present...PASS
Checking cgroup memory controller mounted...PASS
Checking cgroup cpu controller present...PASS
Checking cgroup cpu controller mounted...PASS
Checking cgroup cpuacct controller present...PASS
Checking cgroup cpuacct controller mounted...PASS
...snip...
But it can be run with
$ virt-host-validate -q -f
Set fact 'libvirt.driver.qemu' = 'true'
Set fact 'libvirt.driver.lxc' = 'true'
Set fact 'libvirt.driver.parallels' = 'true'
Set fact 'cpu.arch' = 'x86_64'
Set fact 'os.kernel' = 'Linux'
Set fact 'os.release' = '5.1.16-300.fc30.x86_64'
Set fact 'os.version' = '#1 SMP Wed Jul 3 15:06:51 UTC 2019'
Set fact 'os.cgroup.controller.cpuset' = 'true'
Set fact 'os.cgroup.controller.cpu' = 'true'
Set fact 'os.cgroup.controller.cpuacct' = 'true'
...snip...
This is quite useful for generating reports to include
on bug reports / support requests.
The main thing lost with this new impl is support for
translation, which covers two sources:
- Reports associated with the facts defined in the
XML. It is unclear how we would best deal with this.
Merge translations from the .po file into the .xml
files, and then ensure we pick the appropriate
one to display
- Error messages when things go wrong in the code
itself. This would need to use some gettext like
translation system for golang. I have not
investigated the options here yet
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
configure.ac | 1 +
libvirt.spec.in | 23 +
m4/virt-golang.m4 | 46 ++
m4/virt-host-validate.m4 | 8 +-
po/POTFILES | 5 -
tools/Makefile.am | 59 +-
tools/host-validate/go.mod | 8 +
tools/host-validate/go.sum | 4 +
tools/host-validate/main.go | 98 +++
tools/host-validate/pkg/engine.go | 469 +++++++++++
tools/host-validate/pkg/facts.go | 784 +++++++++++++++++++
tools/host-validate/pkg/facts_test.go | 67 ++
tools/host-validate/pkg/xml_utils.go | 287 +++++++
tools/host-validate/rules/acpi.xml | 29 +
tools/host-validate/rules/builtin.xml | 33 +
tools/host-validate/rules/cgroups.xml | 403 ++++++++++
tools/host-validate/rules/cpu.xml | 148 ++++
tools/host-validate/rules/devices.xml | 54 ++
tools/host-validate/rules/freebsd-kernel.xml | 14 +
tools/host-validate/rules/iommu.xml | 93 +++
tools/host-validate/rules/namespaces.xml | 94 +++
tools/host-validate/rules/pci.xml | 9 +
tools/virt-host-validate-bhyve.c | 77 --
tools/virt-host-validate-bhyve.h | 24 -
tools/virt-host-validate-common.c | 419 ----------
tools/virt-host-validate-common.h | 85 --
tools/virt-host-validate-lxc.c | 87 --
tools/virt-host-validate-lxc.h | 24 -
tools/virt-host-validate-qemu.c | 116 ---
tools/virt-host-validate-qemu.h | 24 -
tools/virt-host-validate.c | 152 ----
tools/virt-host-validate.pod | 12 +-
32 files changed, 2693 insertions(+), 1063 deletions(-)
create mode 100644 m4/virt-golang.m4
create mode 100644 tools/host-validate/go.mod
create mode 100644 tools/host-validate/go.sum
create mode 100644 tools/host-validate/main.go
create mode 100644 tools/host-validate/pkg/engine.go
create mode 100644 tools/host-validate/pkg/facts.go
create mode 100644 tools/host-validate/pkg/facts_test.go
create mode 100644 tools/host-validate/pkg/xml_utils.go
create mode 100644 tools/host-validate/rules/acpi.xml
create mode 100644 tools/host-validate/rules/builtin.xml
create mode 100644 tools/host-validate/rules/cgroups.xml
create mode 100644 tools/host-validate/rules/cpu.xml
create mode 100644 tools/host-validate/rules/devices.xml
create mode 100644 tools/host-validate/rules/freebsd-kernel.xml
create mode 100644 tools/host-validate/rules/iommu.xml
create mode 100644 tools/host-validate/rules/namespaces.xml
create mode 100644 tools/host-validate/rules/pci.xml
delete mode 100644 tools/virt-host-validate-bhyve.c
delete mode 100644 tools/virt-host-validate-bhyve.h
delete mode 100644 tools/virt-host-validate-common.c
delete mode 100644 tools/virt-host-validate-common.h
delete mode 100644 tools/virt-host-validate-lxc.c
delete mode 100644 tools/virt-host-validate-lxc.h
delete mode 100644 tools/virt-host-validate-qemu.c
delete mode 100644 tools/virt-host-validate-qemu.h
delete mode 100644 tools/virt-host-validate.c
diff --git a/configure.ac b/configure.ac
index 7c76a9c9ec..c217bc7d77 100644
--- a/configure.ac
+++ b/configure.ac
@@ -513,6 +513,7 @@ LIBVIRT_ARG_TLS_PRIORITY
LIBVIRT_ARG_SYSCTL_CONFIG
+LIBVIRT_CHECK_GOLANG
LIBVIRT_CHECK_DEBUG
LIBVIRT_CHECK_DTRACE
LIBVIRT_CHECK_NUMAD
diff --git a/libvirt.spec.in b/libvirt.spec.in
index 41c4a142d6..5ac38366bb 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -402,6 +402,10 @@ BuildRequires: libtirpc-devel
BuildRequires: firewalld-filesystem
%endif
+BuildRequires: golang >= 1.12
+BuildRequires:
golang-ipath(github.com/spf13/pflag)
+BuildRequires:
golang-ipath(golang.org/x/sys)
+
Provides: bundled(gnulib)
%description
@@ -1155,6 +1159,15 @@ export SOURCE_DATE_EPOCH=$(stat --printf='%Y'
%{_specdir}/%{name}.spec)
autoreconf -if
%endif
+# We're building without go modules enabled, so
+# must make a local Go root with the old style
+# dir naming scheme/hierarchy
+mkdir -p
gocode/src/libvirt.org
+ln -s `pwd`/tools/host-validate `pwd`/gocode/src/libvirt.org/host-validate
+
+export GO111MODULE=off
+export GOPATH=/usr/share/gocode:`pwd`/gocode
+
rm -f po/stamp-po
%configure --with-runstatedir=%{_rundir} \
%{?arg_qemu} \
@@ -1886,6 +1899,16 @@ exit 0
%if %{with_qemu}
%{_datadir}/systemtap/tapset/libvirt_qemu_probes*.stp
%endif
+%dir %{_datadir}/libvirt/host-validate
+%{_datadir}/libvirt/host-validate/acpi.xml
+%{_datadir}/libvirt/host-validate/builtin.xml
+%{_datadir}/libvirt/host-validate/cgroups.xml
+%{_datadir}/libvirt/host-validate/cpu.xml
+%{_datadir}/libvirt/host-validate/devices.xml
+%{_datadir}/libvirt/host-validate/freebsd-kernel.xml
+%{_datadir}/libvirt/host-validate/iommu.xml
+%{_datadir}/libvirt/host-validate/namespaces.xml
+%{_datadir}/libvirt/host-validate/pci.xml
%if %{with_bash_completion}
%{_datadir}/bash-completion/completions/virsh
diff --git a/m4/virt-golang.m4 b/m4/virt-golang.m4
new file mode 100644
index 0000000000..c2638cad39
--- /dev/null
+++ b/m4/virt-golang.m4
@@ -0,0 +1,46 @@
+dnl Golang checks
+dnl
+dnl Copyright (C) 2019 Red Hat, Inc.
+dnl
+dnl This library is free software; you can redistribute it and/or
+dnl modify it under the terms of the GNU Lesser General Public
+dnl License as published by the Free Software Foundation; either
+dnl version 2.1 of the License, or (at your option) any later version.
+dnl
+dnl This library is distributed in the hope that it will be useful,
+dnl but WITHOUT ANY WARRANTY; without even the implied warranty of
+dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+dnl Lesser General Public License for more details.
+dnl
+dnl You should have received a copy of the GNU Lesser General Public
+dnl License along with this library. If not, see
+dnl <
http://www.gnu.org/licenses/>.
+dnl
+
+AC_DEFUN([LIBVIRT_CHECK_GOLANG], [
+ AC_PATH_PROGS([GO], [go], [no])
+ if test "x$ac_cv_path_GO" != "xno"
+ then
+ with_go=yes
+ else
+ with_go=no
+ fi
+ AM_CONDITIONAL([HAVE_GOLANG], [test "$with_go" != "no"])
+
+ if test "$with_go" != "no"
+ then
+ GOVERSION=`$ac_cv_path_GO version | awk '{print \$ 3}' | sed -e
's/go//' -e 's/rc.*//'`
+ GOMAJOR=`echo $GOVERSION | awk -F . '{print \$ 1}'`
+ GOMINOR=`echo $GOVERSION | awk -F . '{print \$ 2}'`
+ GOMICRO=`echo $GOVERSION | awk -F . '{print \$ 3}'`
+
+ AC_MSG_CHECKING([for Go version >= 1.11])
+ if test "$GOMAJOR" != "1" || test "$GOMINOR" -lt
"11"
+ then
+ with_go=no
+ AC_MSG_RESULT([no])
+ else
+ AC_MSG_RESULT([yes])
+ fi
+ fi
+])
diff --git a/m4/virt-host-validate.m4 b/m4/virt-host-validate.m4
index 643cd8f06e..b03b2e9dc4 100644
--- a/m4/virt-host-validate.m4
+++ b/m4/virt-host-validate.m4
@@ -21,14 +21,14 @@ AC_DEFUN([LIBVIRT_ARG_HOST_VALIDATE], [
AC_DEFUN([LIBVIRT_CHECK_HOST_VALIDATE], [
if test "x$with_host_validate" != "xno"; then
- if test "x$with_win" = "xyes"; then
+ if test "$with_go" = "no"; then
if test "x$with_host_validate" = "xyes"; then
- AC_MSG_ERROR([virt-host-validate is not supported on Windows])
+ AC_MSG_ERROR([Cannot build virt-host-validate without Go toolchain])
else
- with_host_validate=no;
+ with_host_validate=no
fi
else
- with_host_validate=yes;
+ with_host_validate=yes
fi
fi
diff --git a/po/POTFILES b/po/POTFILES
index e466e1bc55..98b6f39398 100644
--- a/po/POTFILES
+++ b/po/POTFILES
@@ -313,11 +313,6 @@ tools/virsh-util.c
tools/virsh-volume.c
tools/virsh.c
tools/virt-admin.c
-tools/virt-host-validate-bhyve.c
-tools/virt-host-validate-common.c
-tools/virt-host-validate-lxc.c
-tools/virt-host-validate-qemu.c
-tools/virt-host-validate.c
tools/virt-login-shell.c
tools/vsh.c
tools/vsh.h
diff --git a/tools/Makefile.am b/tools/Makefile.am
index 29fdbfe846..0c4d306347 100644
--- a/tools/Makefile.am
+++ b/tools/Makefile.am
@@ -157,50 +157,25 @@ libvirt_shell_la_SOURCES = \
vsh-table.c vsh-table.h
virt_host_validate_SOURCES = \
- virt-host-validate.c \
- virt-host-validate-common.c virt-host-validate-common.h
-
-VIRT_HOST_VALIDATE_QEMU = \
- virt-host-validate-qemu.c \
- virt-host-validate-qemu.h
-VIRT_HOST_VALIDATE_LXC = \
- virt-host-validate-lxc.c \
- virt-host-validate-lxc.h
-VIRT_HOST_VALIDATE_BHYVE = \
- virt-host-validate-bhyve.c \
- virt-host-validate-bhyve.h
-if WITH_QEMU
-virt_host_validate_SOURCES += $(VIRT_HOST_VALIDATE_QEMU)
-else ! WITH_QEMU
-EXTRA_DIST += $(VIRT_HOST_VALIDATE_QEMU)
-endif ! WITH_QEMU
-
-if WITH_LXC
-virt_host_validate_SOURCES += $(VIRT_HOST_VALIDATE_LXC)
-else ! WITH_LXC
-EXTRA_DIST += $(VIRT_HOST_VALIDATE_LXC)
-endif ! WITH_LXC
-
-if WITH_BHYVE
-virt_host_validate_SOURCES += $(VIRT_HOST_VALIDATE_BHYVE)
-else ! WITH_BHYVE
-EXTRA_DIST += $(VIRT_HOST_VALIDATE_BHYVE)
-endif ! WITH_BHYVE
-
-virt_host_validate_LDFLAGS = \
- $(AM_LDFLAGS) \
- $(PIE_LDFLAGS) \
- $(COVERAGE_LDFLAGS) \
- $(NULL)
+ $(srcdir)/host-validate/go.mod \
+ $(srcdir)/host-validate/go.sum \
+ $(srcdir)/host-validate/main.go \
+ $(srcdir)/host-validate/pkg/facts.go \
+ $(srcdir)/host-validate/pkg/facts_test.go \
+ $(srcdir)/host-validate/pkg/xml_utils.go \
+ $(srcdir)/host-validate/pkg/engine.go \
+ $(NULL)
-virt_host_validate_LDADD = \
- ../src/libvirt.la \
- ../gnulib/lib/libgnu.la \
- $(NULL)
+virt_host_validate_rulesdir = $(pkgdatadir)/host-validate
+virt_host_validate_rules_DATA = $(wildcard $(srcdir)/host-validate/rules/*.xml)
-virt_host_validate_CFLAGS = \
- $(AM_CFLAGS) \
- $(NULL)
+EXTRA_DIST += $(virt_host_validate_rules_DATA) $(virt_host_validate_SOURCES)
+
+virt-host-validate$(EXEEXT): $(virt_host_validate_SOURCES)
+ $(AM_V_CC) cd $(srcdir)/host-validate && $(GO) build $(GOBUILDFLAGS) -o
$(abs_builddir)/$@ main.go
+
+check-local:
+ cd $(srcdir)/host-validate && $(GO) test $(GOTESTFLAGS) ./...
# virt-login-shell will be setuid, and must not link to anything
# except glibc. It wil scrub the environment and then invoke the
diff --git a/tools/host-validate/go.mod b/tools/host-validate/go.mod
new file mode 100644
index 0000000000..6baf16dd95
--- /dev/null
+++ b/tools/host-validate/go.mod
@@ -0,0 +1,8 @@
+module
libvirt.org/host-validate
+
+go 1.11
+
+require (
+
github.com/spf13/pflag v1.0.3
+
golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a
+)
diff --git a/tools/host-validate/go.sum b/tools/host-validate/go.sum
new file mode 100644
index 0000000000..44c5d39045
--- /dev/null
+++ b/tools/host-validate/go.sum
@@ -0,0 +1,4 @@
+github.com/spf13/pflag v1.0.3 h1:zPAT6CGy6wXeQ7NtTnaTerfKOsV6V6F8agHXFiazDkg=
+github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
+golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a
h1:aYOabOQFp6Vj6W1F80affTUvO9UxmJRx8K0gsfABByQ=
+golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod
h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
diff --git a/tools/host-validate/main.go b/tools/host-validate/main.go
new file mode 100644
index 0000000000..c46d5a4843
--- /dev/null
+++ b/tools/host-validate/main.go
@@ -0,0 +1,98 @@
+/*
+ * This file is part of the libvirt project
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library. If not, see
+ * <
http://www.gnu.org/licenses/>.
+ *
+ * Copyright (C) 2019 Red Hat, Inc.
+ *
+ */
+
+package main
+
+import (
+ "flag"
+ "fmt"
+ "github.com/spf13/pflag"
+ "io/ioutil"
+ vl "libvirt.org/host-validate/pkg"
+ "os"
+ "path/filepath"
+ "strings"
+)
+
+func main() {
+ var showfacts bool
+ var quiet bool
+ var rulesdir string
+
+ pflag.BoolVarP(&showfacts, "show-facts", "f", false, "Show
raw fact names and values")
+ pflag.BoolVarP(&quiet, "quiet", "q", false, "Don't
report on fact checks")
+ pflag.StringVarP(&rulesdir, "rules-dir", "r",
"/usr/share/libvirt/host-validate", "Directory to load validation rules
from")
+
+ pflag.CommandLine.AddGoFlagSet(flag.CommandLine)
+ pflag.Parse()
+ // Convince glog that we really have parsed CLI
+ flag.CommandLine.Parse([]string{})
+
+ if len(pflag.Args()) > 1 {
+ fmt.Printf("syntax: %s [OPTIONS] [DRIVER]\n", os.Args[0])
+ os.Exit(1)
+ }
+
+ driver := ""
+ if len(pflag.Args()) == 1 {
+ driver = pflag.Args()[0]
+ }
+
+ files, err := ioutil.ReadDir(rulesdir)
+ if err != nil {
+ fmt.Printf("Unable to load rules from '%s': %s\n", rulesdir, err)
+ os.Exit(1)
+ }
+ var lists []vl.FactList
+ for _, file := range files {
+ path := filepath.Join(rulesdir, file.Name())
+ if !strings.HasSuffix(path, ".xml") {
+ continue
+ }
+ facts, err := vl.NewFactList(path)
+ if err != nil {
+ fmt.Printf("Unable to load facts '%s': %s\n", path, err)
+ os.Exit(1)
+ }
+ lists = append(lists, *facts)
+ }
+
+ var output vl.EngineOutput
+ if !quiet {
+ output |= vl.ENGINE_OUTPUT_REPORTS
+ }
+ if showfacts {
+ output |= vl.ENGINE_OUTPUT_FACTS
+ }
+
+ engine := vl.NewEngine(output, driver)
+
+ failed, err := engine.Validate(vl.MergeFactLists(lists))
+ if err != nil {
+ fmt.Printf("Unable to validate facts: %s\n", err)
+ os.Exit(1)
+ }
+ if failed != 0 {
+ os.Exit(2)
+ }
+
+ os.Exit(0)
+}
diff --git a/tools/host-validate/pkg/engine.go b/tools/host-validate/pkg/engine.go
new file mode 100644
index 0000000000..79f3077038
--- /dev/null
+++ b/tools/host-validate/pkg/engine.go
@@ -0,0 +1,469 @@
+/*
+ * This file is part of the libvirt project
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library. If not, see
+ * <
http://www.gnu.org/licenses/>.
+ *
+ * Copyright (C) 2019 Red Hat, Inc.
+ *
+ */
+
+package pkg
+
+import (
+ "fmt"
+ "golang.org/x/sys/unix"
+ "io/ioutil"
+ "os"
+ "os/exec"
+ "regexp"
+ "strings"
+)
+
+type Engine struct {
+ Facts map[string]string
+ Errors uint
+ Output EngineOutput
+ Driver string
+}
+
+type EngineOutput int
+
+const (
+ // Print the raw key, value pairs for each fact set
+ ENGINE_OUTPUT_FACTS = EngineOutput(1 << 0)
+
+ // Print the human targetted reports for facts set
+ ENGINE_OUTPUT_REPORTS = EngineOutput(1 << 1)
+)
+
+// Create an engine able to process a list of facts
+func NewEngine(output EngineOutput, driver string) *Engine {
+ engine := &Engine{}
+
+ engine.Output = output
+ engine.Facts = make(map[string]string)
+ engine.Driver = driver
+
+ return engine
+}
+
+// Set the value associated with a fact
+func (engine *Engine) SetFact(name, value string) {
+ engine.Facts[name] = value
+ if (engine.Output & ENGINE_OUTPUT_FACTS) != 0 {
+ fmt.Printf("Set fact '%s' = '%s'\n", name, value)
+ }
+}
+
+func (engine *Engine) EvalExpression(expr *Expression) (bool, error) {
+ if expr.Any != nil {
+ for _, subexpr := range expr.Any.Expressions {
+ ok, err := engine.EvalExpression(&subexpr)
+ if err != nil {
+ return false, err
+ }
+ if ok {
+ return true, nil
+ }
+ }
+ return false, nil
+ } else if expr.All != nil {
+ for _, subexpr := range expr.All.Expressions {
+ ok, err := engine.EvalExpression(&subexpr)
+ if err != nil {
+ return false, err
+ }
+ if !ok {
+ return false, nil
+ }
+ }
+ return true, nil
+ } else if expr.Fact != nil {
+ val, ok := engine.Facts[expr.Fact.Name]
+ if !ok {
+ return false, nil
+ }
+ if expr.Fact.Match == "regex" {
+ match, err := regexp.Match(expr.Fact.Value, []byte(val))
+ if err != nil {
+ return false, err
+ }
+ return match, nil
+ } else if expr.Fact.Match == "exists" {
+ return true, nil
+ } else {
+ return val == expr.Fact.Value, nil
+ }
+ } else {
+ return false, fmt.Errorf("Expected expression any or all or fact")
+ }
+}
+
+// Report a fact that failed to have the desired value
+func (engine *Engine) Fail(fact *Fact) {
+ engine.Errors++
+ if fact.Report == nil {
+ return
+ }
+ if (engine.Output & ENGINE_OUTPUT_REPORTS) != 0 {
+ hint := ""
+ if fact.Hint != nil {
+ hint = " (" + fact.Hint.Message + ")"
+ }
+ if fact.Report.Level == "note" {
+ fmt.Printf("\033[34mNOTE\033[0m%s\n", hint)
+ } else if fact.Report.Level == "warn" {
+ fmt.Printf("\033[33mWARN\033[0m%s\n", hint)
+ } else {
+ fmt.Printf("\033[31mFAIL\033[0m%s\n", hint)
+ }
+ }
+}
+
+// Report a fact that has the desired value
+func (engine *Engine) Pass(fact *Fact) {
+ if fact.Report == nil {
+ return
+ }
+ if (engine.Output & ENGINE_OUTPUT_REPORTS) != 0 {
+ fmt.Printf("\033[32mPASS\033[0m\n")
+ }
+}
+
+func utsString(v [65]byte) string {
+ n := 0
+ for i, _ := range v {
+ if v[i] == 0 {
+ break
+ }
+ n++
+ }
+ return string(v[0:n])
+}
+
+// Populate the engine with values for a built-in fact
+func (engine *Engine) SetValueBuiltIn(fact *Fact) error {
+ var uts unix.Utsname
+ err := unix.Uname(&uts)
+ if err != nil {
+ return err
+ }
+
+ if fact.Name == "os.kernel" {
+ engine.SetFact(fact.Name, utsString(uts.Sysname))
+ } else if fact.Name == "os.release" {
+ engine.SetFact(fact.Name, utsString(uts.Release))
+ } else if fact.Name == "os.version" {
+ engine.SetFact(fact.Name, utsString(uts.Version))
+ } else if fact.Name == "cpu.arch" {
+ engine.SetFact(fact.Name, utsString(uts.Machine))
+ } else if fact.Name == "libvirt.driver" {
+ if engine.Driver != "" {
+ engine.SetFact(fact.Name+"."+engine.Driver, "true")
+ } else {
+ if utsString(uts.Sysname) == "Linux" {
+ engine.SetFact(fact.Name+".qemu", "true")
+ engine.SetFact(fact.Name+".lxc", "true")
+ engine.SetFact(fact.Name+".parallels", "true")
+ } else if utsString(uts.Sysname) == "FreeBSD" {
+ engine.SetFact(fact.Name+".bhyve", "true")
+ }
+ }
+ } else {
+ return fmt.Errorf("Unknown built-in fact '%s'", fact.Name)
+ }
+
+ return nil
+}
+
+func (engine *Engine) SetValueBool(fact *Fact) error {
+ ok, err := engine.EvalExpression(fact.Value.Bool)
+ if err != nil {
+ return err
+ }
+ if ok {
+ engine.SetFact(fact.Name, "true")
+ engine.Pass(fact)
+ } else {
+ engine.SetFact(fact.Name, "false")
+ engine.Fail(fact)
+ }
+ return nil
+}
+
+func unescape(val string) (string, error) {
+ escapes := map[rune]string{
+ 'a': "\x07",
+ 'b': "\x08",
+ 'e': "\x1b",
+ 'f': "\x0c",
+ 'n': "\x0a",
+ 'r': "\x0d",
+ 't': "\x09",
+ 'v': "\x0b",
+ '\\': "\x5c",
+ '0': "\x00",
+ }
+ var ret string
+ escape := false
+ for _, c := range val {
+ if c == '\\' {
+ escape = true
+ } else if escape {
+ unesc, ok := escapes[c]
+ if !ok {
+ return "", fmt.Errorf("Unknown escape '\\%c'", c)
+ }
+ ret += string(unesc)
+ escape = false
+ } else {
+ ret += string(c)
+ }
+ }
+ return ret, nil
+}
+
+func (engine *Engine) SetValueParse(fact *Fact, parse *Parse, context string, val string)
error {
+ if parse == nil {
+ engine.SetFact(context, val)
+ return nil
+ }
+ if parse.Whitespace == "trim" {
+ val = strings.TrimSpace(val)
+ }
+ if parse.Scalar != nil {
+ if parse.Scalar.Regex != "" {
+ re, err := regexp.Compile(parse.Scalar.Regex)
+ if err != nil {
+ return err
+ }
+ matches := re.FindStringSubmatch(val)
+ if parse.Scalar.Match >= uint(len(matches)) {
+ return fmt.Errorf("No match %d for '%s' against '%s'",
+ parse.Scalar.Match, parse.Scalar.Regex, val)
+ }
+ val = matches[parse.Scalar.Match]
+ }
+ engine.SetFact(context, val)
+ } else if parse.List != nil {
+ if val == "" {
+ return nil
+ }
+ sep, err := unescape(parse.List.Separator)
+ if err != nil {
+ return err
+ }
+ bits := strings.Split(val, sep)
+ count := uint(0)
+ for i, bit := range bits {
+ if i < int(parse.List.SkipHead) {
+ continue
+ }
+ if i >= (len(bits) - int(parse.List.SkipTail)) {
+ continue
+ }
+ subcontext := fmt.Sprintf("%s.%d", context, i)
+ err := engine.SetValueParse(fact, parse.List.Parse, subcontext, bit)
+ if err != nil {
+ return err
+ }
+ count++
+ if count >= parse.List.Limit {
+ break
+ }
+ }
+ } else if parse.Set != nil {
+ if val == "" {
+ return nil
+ }
+ sep, err := unescape(parse.Set.Separator)
+ if err != nil {
+ return err
+ }
+ bits := strings.Split(val, sep)
+ for i, bit := range bits {
+ if i < int(parse.Set.SkipHead) {
+ continue
+ }
+ if i >= (len(bits) - int(parse.Set.SkipTail)) {
+ continue
+ }
+ if parse.Set.Regex != "" {
+ re, err := regexp.Compile(parse.Set.Regex)
+ if err != nil {
+ return err
+ }
+ matches := re.FindStringSubmatch(bit)
+ if parse.Set.Match >= uint(len(matches)) {
+ return fmt.Errorf("No match %d for '%s' against '%s'",
+ parse.Set.Match, parse.Set.Regex, bit)
+ }
+ bit = matches[parse.Set.Match]
+ }
+ subcontext := fmt.Sprintf("%s.%s", context, bit)
+ engine.SetFact(subcontext, "true")
+ }
+ } else if parse.Dict != nil {
+ sep, err := unescape(parse.Dict.Separator)
+ if err != nil {
+ return err
+ }
+ dlm, err := unescape(parse.Dict.Delimiter)
+ if err != nil {
+ return err
+ }
+ bits := strings.Split(val, sep)
+ for _, bit := range bits {
+ pair := strings.SplitN(bit, dlm, 2)
+ if len(pair) != 2 {
+ //return fmt.Errorf("Cannot split %s value '%s' on '%s'",
fact.Name, pair, parse.Dict.Delimiter)
+ continue
+ }
+ key := strings.TrimSpace(pair[0])
+ subcontext := fmt.Sprintf("%s.%s", context, key)
+ err := engine.SetValueParse(fact, parse.Dict.Parse, subcontext, pair[1])
+ if err != nil {
+ return err
+ }
+ }
+ } else {
+ return fmt.Errorf("Expecting scalar or list or dict to parse")
+ }
+
+ return nil
+}
+
+func (engine *Engine) SetValueString(fact *Fact) error {
+ val, ok := engine.Facts[fact.Value.String.Fact]
+ if !ok {
+ return fmt.Errorf("Fact %s not present", fact.Value.String.Fact)
+ }
+
+ return engine.SetValueParse(fact, fact.Value.String.Parse, fact.Name, string(val))
+}
+
+func (engine *Engine) SetValueFile(fact *Fact) error {
+ data, err := ioutil.ReadFile(fact.Value.File.Path)
+ if err != nil {
+ if os.IsNotExist(err) && fact.Value.File.IgnoreMissing {
+ return nil
+ }
+ return err
+ }
+
+ return engine.SetValueParse(fact, fact.Value.File.Parse, fact.Name, string(data))
+}
+
+func (engine *Engine) SetValueDirEnt(fact *Fact) error {
+ files, err := ioutil.ReadDir(fact.Value.DirEnt.Path)
+ if err != nil {
+ if os.IsNotExist(err) && fact.Value.DirEnt.IgnoreMissing {
+ return nil
+ }
+ return err
+ }
+ for _, file := range files {
+ engine.SetFact(fmt.Sprintf("%s.%s", fact.Name, file.Name()),
"true")
+ }
+ return nil
+}
+
+func (engine *Engine) SetValueCommand(fact *Fact) error {
+ var args []string
+ for _, arg := range fact.Value.Command.Args {
+ args = append(args, arg.Val)
+ }
+ cmd := exec.Command(fact.Value.Command.Name, args...)
+ out, err := cmd.Output()
+ if err != nil {
+ return err
+ }
+
+ return engine.SetValueParse(fact, fact.Value.Command.Parse, fact.Name, string(out))
+}
+
+func (engine *Engine) SetValueAccess(fact *Fact) error {
+ var flags uint32
+ if fact.Value.Access.Check == "exists" {
+ flags = 0
+ } else if fact.Value.Access.Check == "readable" {
+ flags = unix.R_OK
+ } else if fact.Value.Access.Check == "writable" {
+ flags = unix.W_OK
+ } else if fact.Value.Access.Check == "executable" {
+ flags = unix.X_OK
+ } else {
+ return fmt.Errorf("No access check type specified for %s",
+ fact.Value.Access.Path)
+ }
+ err := unix.Access(fact.Value.Access.Path, flags)
+ if err != nil {
+ engine.SetFact(fact.Name, "false")
+ engine.Fail(fact)
+ } else {
+ engine.SetFact(fact.Name, "true")
+ engine.Pass(fact)
+ }
+ return nil
+}
+
+func (engine *Engine) ValidateFact(fact *Fact) error {
+ if fact.Filter != nil {
+ ok, err := engine.EvalExpression(fact.Filter)
+ if err != nil {
+ return err
+ }
+ if !ok {
+ return nil
+ }
+ }
+ if fact.Report != nil && (engine.Output&ENGINE_OUTPUT_REPORTS) != 0 {
+ fmt.Printf("Checking %s...", fact.Report.Message)
+ }
+
+ if fact.Value.BuiltIn != nil {
+ return engine.SetValueBuiltIn(fact)
+ } else if fact.Value.Bool != nil {
+ return engine.SetValueBool(fact)
+ } else if fact.Value.String != nil {
+ return engine.SetValueString(fact)
+ } else if fact.Value.File != nil {
+ return engine.SetValueFile(fact)
+ } else if fact.Value.DirEnt != nil {
+ return engine.SetValueDirEnt(fact)
+ } else if fact.Value.Command != nil {
+ return engine.SetValueCommand(fact)
+ } else if fact.Value.Access != nil {
+ return engine.SetValueAccess(fact)
+ } else {
+ return fmt.Errorf("No information provided for value in fact %s", fact.Name)
+ }
+}
+
+// Validate all facts in the list, returning a count of
+// any non-fatal errors encountered.
+func (engine *Engine) Validate(facts FactList) (uint, error) {
+ err := facts.Sort()
+ if err != nil {
+ return 0, err
+ }
+ for _, fact := range facts.Facts {
+ err = engine.ValidateFact(fact)
+ if err != nil {
+ return 0, err
+ }
+ }
+ return engine.Errors, nil
+}
diff --git a/tools/host-validate/pkg/facts.go b/tools/host-validate/pkg/facts.go
new file mode 100644
index 0000000000..810ffff280
--- /dev/null
+++ b/tools/host-validate/pkg/facts.go
@@ -0,0 +1,784 @@
+/*
+ * This file is part of the libvirt project
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library. If not, see
+ * <
http://www.gnu.org/licenses/>.
+ *
+ * Copyright (C) 2019 Red Hat, Inc.
+ *
+ */
+
+package pkg
+
+import (
+ "encoding/xml"
+ "fmt"
+ "io"
+ "io/ioutil"
+ "strings"
+)
+
+// A list of all the facts we are going to validate
+type FactList struct {
+ XMLName xml.Name `xml:"https://libvirt.org/xml/virt-host-validate/facts/1.0
factlist"`
+
+ Facts []*Fact `xml:"fact"`
+}
+
+// A fact is a description of a single piece of information
+// we wish to check. Conceptually a fact is simply a plain
+// key, value pair where both parts are strings.
+//
+// Every fact has a name which is a dot separated list of
+// strings, eg 'cpu.family.arm'. By convention the dots
+// are forming an explicit hierarchy, so a common prefix
+// on names is used to group related facts.
+//
+// Optionally a report can be associated with a fact
+// This is a freeform string intended to be read by
+// humans, eg 'hardware virt possible'
+//
+// If a report is given, there can also be an optional
+// hint given, which is used when a fact fails to match
+// some desired condition. This is another freeform string
+// intended to be read by humans, eg
+// 'enable cpuset cgroup controller in Kconfig'
+//
+// The optional filter is an expression that can be used
+// to skip the processing of this fact when certain
+// conditions are not met. eg, a filter might skip
+// the checking of cgroups when the os kernel is not "linux"
+//
+// Finally there is a mandatory value. This defines how
+// to extract the value for setting the fact.
+//
+//
+//
+type Fact struct {
+ Name string `xml:"name,attr"`
+ Report *Report `xml:"report"`
+ Hint *Report `xml:"hint"`
+ Filter *Expression `xml:"filter"`
+ Value Value `xml:"value"`
+}
+
+// A report is a message intended to be targetted at humans
+//
+// The message can be an arbitrary string, informing them
+// of some relevant information
+//
+// The level is one of 'warn' or 'note' or 'error', with
+// 'error' being assumed if no value is given
+type Report struct {
+ Message string `xml:"message,attr"`
+ Level string `xml:"level,attr,omitempty"`
+}
+
+// An expression is used to evaluate some complex conditions
+//
+// Expressions can be simple, comparing a single fact to
+// some desired match.
+//
+// Expressions can be compound, requiring any or all of a
+// list of sub-expressions to evaluate to true.
+type Expression struct {
+ Any *ExpressionCompound `xml:"any"`
+ All *ExpressionCompound `xml:"all"`
+ Fact *ExpressionFact `xml:"fact"`
+}
+
+// A compound expression is simply a list of expressions
+// to be evaluated
+type ExpressionCompound struct {
+ Expressions []Expression `xml:"-"`
+}
+
+// A fact expression defines a rule that compares the
+// value associated with the fact, to some desired
+// match.
+//
+// The name gives the name of the fact to check
+//
+// The semantics of value vary according to the match
+// type
+//
+// If the match type is 'regex', then the value must
+// match against the declared regular expression.
+//
+// If the match type is 'exists', the value is ignored
+// and the fact must simply exist.
+//
+// If the match type is not set, then a plain string
+// equality comparison is done
+type ExpressionFact struct {
+ Name string `xml:"name,attr"`
+ Value string `xml:"value,attr,omitempty"`
+ Match string `xml:"match,attr,omitempty"`
+}
+
+// A value defines the various data sources for
+// setting a fact's value. Only one of the data
+// sources is permitted to be non-nil for each
+// fact
+//
+// A builtin value is one of the standard facts
+// defined in code.
+//
+// A bool value is one set to 'true' or 'false'
+// depending on the results of evaluating an
+// expression. It is user error to construct
+// an expression which is self-referential
+//
+// A string value is one set by parsing the
+// the value of another fact. A typical use
+// case would be to split a string based on
+// a whitespace separator
+//
+// A file value is one set by parsing the
+// contents of a file on disk
+//
+// A dirent value results in creation of
+// many facts, one for each directory entry
+// seen
+//
+// An access value is one that sets a value
+// to 'true' or 'false' depending on the
+// permissions of a file
+//
+// A command value is one set by parsing
+// the output of a command's stdout
+type Value struct {
+ BuiltIn *ValueBuiltIn `xml:"builtin"`
+ Bool *Expression `xml:"bool"`
+ String *ValueString `xml:"string"`
+ File *ValueFile `xml:"file"`
+ DirEnt *ValueDirEnt `xml:"dirent"`
+ Access *ValueAccess `xml:"access"`
+ Command *ValueCommand `xml:"command"`
+}
+
+// Valid built-in fact names are
+// - os.{kernel,release,version} and cpu.arch,
+// set from uname() syscall results
+// - libvirt.driver set from a command line arg
+type ValueBuiltIn struct {
+}
+
+// Sets a value from a command.
+//
+// The name is the binary command name, either
+// unqualified and resolved against $PATH, or
+// or fully qualified
+//
+// A command can be given an arbitray set of
+// arguments when run
+//
+// By default the entire contents of stdout
+// will be set as the fact value.
+//
+// It is possible to instead parse the stdout
+// data to extract interesting pieces of information
+// from it
+type ValueCommand struct {
+ Name string `xml:"name,attr"`
+ Args []ValueCommandArg `xml:"arg"`
+ Parse *Parse `xml:"parse"`
+}
+
+type ValueCommandArg struct {
+ Val string `xml:"val,attr"`
+}
+
+// Sets a value from a file contents
+//
+// The path is the fully qualified filename path
+//
+// By default the entire contents of the file
+// will be set as the fact value.
+//
+// It is possible to instead parse the file
+// data to extract interesting pieces of information
+// from it
+type ValueFile struct {
+ Path string `xml:"path,attr"`
+ Parse *Parse `xml:"parse"`
+ IgnoreMissing bool `xml:"ignoreMissing,attr,omitempty"`
+}
+
+// Sets a value from another fact
+//
+// The fact is the name of the other fact
+//
+// By default the entire contents of the other fact
+// will be set as the fact value.
+//
+// More usually though the other fact value will be
+// parsed to extract interesting pieces of information
+// from it
+type ValueString struct {
+ Fact string `xml:"fact,attr"`
+ Parse *Parse `xml:"parse"`
+}
+
+// Sets a value from a list of directory entries
+//
+// The path is the fully qualified path of the directory
+//
+// By default an error will be raised if the directory
+// does not exist. Typically a filter rule would be
+// desired to skip processing of the fact in cases
+// where it is known the directory may not exist.
+//
+// If filters are not practical though, missing directory
+// can be made non-fatal
+type ValueDirEnt struct {
+ Path string `xml:"path,attr"`
+ IgnoreMissing bool `xml:"ignoreMissing,attr,omitempty"`
+}
+
+// Sets a value from the access permissions of a file
+//
+// The path is the fully qualified path of the file
+//
+// The check can be one of the strings 'readable',
+// 'writable' or 'executable'.
+type ValueAccess struct {
+ Path string `xml:"path,attr"`
+ Check string `xml:"check,attr"`
+}
+
+// The parse object defines a set of rules for
+// parsing strings to extract interesting
+// pieces of data
+//
+// The optional whitespace attribute can be set to
+// 'trim' to cause leading & trailing whitespace to
+// be removed before further processing
+//
+// To extract a single data item from the string,
+// the scalar parsing rule can be used
+//
+// To extract an ordered list of data items from
+// the string, the list parsing rule can be used
+//
+// To extract an unordered list of data items,
+// with duplicates excluded, the set parsing rule
+// can be used
+//
+// To extract a list of key, value pairs from the
+// string, the dict parsing rule can be used
+type Parse struct {
+ Whitespace string `xml:"whitespace,attr,omitempty"`
+ Scalar *ParseScalar `xml:"-"`
+ List *ParseList `xml:"-"`
+ Set *ParseSet `xml:"-"`
+ Dict *ParseDict `xml:"-"`
+}
+
+// Parsing a string to extract a single data item
+// using a regular expression.
+//
+// The regular expression should contain at least
+// one capturing group. The match attribute indicates
+// which capturing group will be used to set the
+// fact value.
+type ParseScalar struct {
+ Regex string `xml:"regex,attr,omitempty"`
+ Match uint `xml:"match,attr,omitempty"`
+}
+
+// Parsing a string to extract an ordered list of
+// data items
+//
+// The separator declares the boundary on which
+// the string will be split
+//
+// The skip head attribute should be non-zero if
+// any leading elements in the list are to be
+// discarded. This is typically useful if the
+// list contains a header/label as the first
+// entry
+//
+// The skip tail attribute should be non-zero if
+// any trailing elements in the list are to be
+// discarded
+//
+// The limit attribute sets an upper bound on
+// the number of elements that will be kept in
+// the list. It is applied after discarding any
+// leading or trailing elements.
+//
+// Each element in the list is then itself parsed
+type ParseList struct {
+ Separator string `xml:"separator,attr"`
+ SkipHead uint `xml:"skiphead,attr,omitempty"`
+ SkipTail uint `xml:"skiptail,attr,omitempty"`
+ Limit uint `xml:"limit,attr,omitempty"`
+ Parse *Parse `xml:"parse"`
+}
+
+// Parsing a string to extract an unordered list of
+// data items with duplicates removed
+//
+// The separator declares the boundary on which
+// the string will be split
+//
+// The skip head attribute should be non-zero if
+// any leading elements in the list are to be
+// discarded. This is typically useful if the
+// list contains a header/label as the first
+// entry
+//
+// The skip tail attribute should be non-zero if
+// any trailing elements in the list are to be
+// discarded
+//
+// Each element is then parsed using a regular
+// expression
+//
+// The regular expression should contain at least
+// one capturing group. The match attribute indicates
+// which capturing group will be used to set the
+// fact value.
+type ParseSet struct {
+ Separator string `xml:"separator,attr"`
+ SkipHead uint `xml:"skiphead,attr,omitempty"`
+ SkipTail uint `xml:"skiptail,attr,omitempty"`
+ Regex string `xml:"regex,attr,omitempty"`
+ Match uint `xml:"match,attr,omitempty"`
+}
+
+// Parsing a string to extract an unordered list of
+// data items with duplicates removed
+//
+// The separator declares the boundary on which
+// the string will be split to acquire the list
+// of pairs
+//
+// The delimiter declares the boundary to separate
+// the key from the value
+//
+// The value is then further parsed with the declared
+// rules
+type ParseDict struct {
+ Separator string `xml:"separator,attr"`
+ Delimiter string `xml:"delimiter,attr"`
+ Parse *Parse `xml:"parse"`
+}
+
+func getAttr(attrs []xml.Attr, name string) (string, bool) {
+ for _, attr := range attrs {
+ if attr.Name.Local == name {
+ return attr.Value, true
+ }
+ }
+ return "", false
+}
+
+type parse Parse
+
+type parseScalar struct {
+ ParseScalar
+ parse
+}
+
+type parseList struct {
+ ParseList
+ parse
+}
+
+type parseSet struct {
+ ParseSet
+ parse
+}
+
+type parseDict struct {
+ ParseDict
+ parse
+}
+
+// Custom XML generator which ensures that only one of
+// the parse rules will be output
+func (p *Parse) MarshalXML(e *xml.Encoder, start xml.StartElement) error {
+ start.Name.Local = "parse"
+ if p.List != nil {
+ start.Attr = append(start.Attr, xml.Attr{
+ xml.Name{Local: "format"}, "list",
+ })
+ pl := parseList{}
+ pl.parse = parse(*p)
+ pl.ParseList = *p.List
+ return e.EncodeElement(pl, start)
+ } else if p.Set != nil {
+ start.Attr = append(start.Attr, xml.Attr{
+ xml.Name{Local: "format"}, "set",
+ })
+ ps := parseSet{}
+ ps.parse = parse(*p)
+ ps.ParseSet = *p.Set
+ return e.EncodeElement(ps, start)
+ } else if p.Dict != nil {
+ start.Attr = append(start.Attr, xml.Attr{
+ xml.Name{Local: "format"}, "dict",
+ })
+ pd := parseDict{}
+ pd.parse = parse(*p)
+ pd.ParseDict = *p.Dict
+ return e.EncodeElement(pd, start)
+ } else if p.Scalar != nil {
+ start.Attr = append(start.Attr, xml.Attr{
+ xml.Name{Local: "format"}, "scalar",
+ })
+ ps := parseScalar{}
+ ps.parse = parse(*p)
+ ps.ParseScalar = *p.Scalar
+ return e.EncodeElement(ps, start)
+ } else {
+ return fmt.Errorf("Either ParseList or ParseDict must be non-nil")
+ }
+}
+
+// Custom XML parser which ensures that only one of
+// the parse rules will be filled in
+func (p *Parse) UnmarshalXML(d *xml.Decoder, start xml.StartElement) error {
+ format, ok := getAttr(start.Attr, "format")
+ if !ok {
+ return fmt.Errorf("Missing format attribute on <parse>")
+ }
+ if format == "list" {
+ pl := parseList{}
+ err := d.DecodeElement(&pl, &start)
+ if err != nil {
+ return err
+ }
+ *p = Parse(pl.parse)
+ p.List = &pl.ParseList
+ return nil
+ } else if format == "set" {
+ ps := parseSet{}
+ err := d.DecodeElement(&ps, &start)
+ if err != nil {
+ return err
+ }
+ *p = Parse(ps.parse)
+ p.Set = &ps.ParseSet
+ return nil
+ } else if format == "dict" {
+ pd := parseDict{}
+ err := d.DecodeElement(&pd, &start)
+ if err != nil {
+ return err
+ }
+ *p = Parse(pd.parse)
+ p.Dict = &pd.ParseDict
+ return nil
+ } else if format == "scalar" {
+ ps := parseScalar{}
+ err := d.DecodeElement(&ps, &start)
+ if err != nil {
+ return err
+ }
+ *p = Parse(ps.parse)
+ p.Scalar = &ps.ParseScalar
+ return nil
+ } else {
+ return fmt.Errorf("Unknown format '%s' attribute on <parse>",
format)
+ }
+}
+
+// Custom XML generator which ensures that only one of
+// the expression rules will be output
+func (m *ExpressionCompound) MarshalXML(e *xml.Encoder, start xml.StartElement) error {
+ e.EncodeToken(start)
+ for _, match := range m.Expressions {
+ if match.Any != nil {
+ el := xml.StartElement{
+ Name: xml.Name{Local: "any"},
+ }
+ e.EncodeElement(match.Any, el)
+ } else if match.All != nil {
+ el := xml.StartElement{
+ Name: xml.Name{Local: "all"},
+ }
+ e.EncodeElement(match.All, el)
+ } else if match.Fact != nil {
+ el := xml.StartElement{
+ Name: xml.Name{Local: "fact"},
+ }
+ e.EncodeElement(match.Fact, el)
+ } else {
+ return fmt.Errorf("Expected Any or All or Fact to be set")
+ }
+ }
+ e.EncodeToken(start.End())
+ return nil
+}
+
+// Custom XML parser which ensures that only one of
+// the expression rules will be filled in
+func (m *ExpressionCompound) UnmarshalXML(d *xml.Decoder, start xml.StartElement) error
{
+ for {
+ tok, err := d.Token()
+ if err == io.EOF {
+ break
+ }
+ if err != nil {
+ return err
+ }
+
+ switch tok := tok.(type) {
+ case xml.StartElement:
+ el := Expression{}
+ if tok.Name.Local == "any" {
+ el.Any = &ExpressionCompound{}
+ err = d.DecodeElement(el.Any, &tok)
+ if err != nil {
+ return err
+ }
+ } else if tok.Name.Local == "all" {
+ el.All = &ExpressionCompound{}
+ err = d.DecodeElement(el.All, &tok)
+ if err != nil {
+ return err
+ }
+ } else if tok.Name.Local == "fact" {
+ el.Fact = &ExpressionFact{}
+ err = d.DecodeElement(el.Fact, &tok)
+ if err != nil {
+ return err
+ }
+ }
+ m.Expressions = append(m.Expressions, el)
+ }
+ }
+ return nil
+}
+
+// Helper for parsing a string containing an XML
+// doc defining a list of facts
+func (f *FactList) Unmarshal(doc string) error {
+ return xml.Unmarshal([]byte(doc), f)
+}
+
+// Helper for formatting a string to contain an
+// XML doc for the list of facts
+func (f *FactList) Marshal() (string, error) {
+ doc, err := xml.MarshalIndent(f, "", " ")
+ if err != nil {
+ return "", err
+ }
+ return string(doc), nil
+}
+
+// Create a new fact list, loading from the
+// specified plain file
+func NewFactList(filename string) (*FactList, error) {
+ xmlstr, err := ioutil.ReadFile(filename)
+ if err != nil {
+ return nil, err
+ }
+
+ facts := &FactList{}
+ err = facts.Unmarshal(string(xmlstr))
+ if err != nil {
+ return nil, err
+ }
+
+ return facts, nil
+}
+
+// Used to ensure that no fact has a name which is a sub-string of
+// another fact.
+func validateNames(names map[string]*Fact) error {
+ for name, _ := range names {
+ bits := strings.Split(name, ".")
+ subname := ""
+ for _, bit := range bits[0 : len(bits)-1] {
+ if subname == "" {
+ subname = bit
+ } else {
+ subname = subname + "." + bit
+ }
+ _, ok := names[subname]
+
+ if ok {
+ return fmt.Errorf("Fact name '%s' has fact '%s' as a
substring",
+ name, subname)
+ }
+ }
+ }
+
+ return nil
+}
+
+// Identify the name of the corresponding fact that
+// is referenced, by chopping off suffixes until a
+// match is found
+func findFactReference(names map[string]*Fact, name string) (string, error) {
+ bits := strings.Split(name, ".")
+ subname := ""
+ for _, bit := range bits {
+ if subname == "" {
+ subname = bit
+ } else {
+ subname = subname + "." + bit
+ }
+ _, ok := names[subname]
+ if ok {
+ return subname, nil
+ }
+ }
+
+ return "", fmt.Errorf("Cannot find fact providing %s", name)
+}
+
+// Build up a list of dependant facts referenced by an expression
+func addDepsExpr(deps *map[string][]string, names map[string]*Fact, fact *Fact, expr
*Expression) error {
+ if expr.Any != nil {
+ for _, sub := range expr.Any.Expressions {
+ err := addDepsExpr(deps, names, fact, &sub)
+ if err != nil {
+ return err
+ }
+ }
+ } else if expr.All != nil {
+ for _, sub := range expr.All.Expressions {
+ err := addDepsExpr(deps, names, fact, &sub)
+ if err != nil {
+ return err
+ }
+ }
+ } else if expr.Fact != nil {
+ ref, err := findFactReference(names, expr.Fact.Name)
+ if err != nil {
+ return err
+ }
+ entries, _ := (*deps)[fact.Name]
+ entries = append(entries, ref)
+ (*deps)[fact.Name] = entries
+ }
+ return nil
+}
+
+// Build up a list of dependancies between facts
+func addDeps(deps *map[string][]string, names map[string]*Fact, fact *Fact) error {
+ if fact.Filter != nil {
+ err := addDepsExpr(deps, names, fact, fact.Filter)
+ if err != nil {
+ return err
+ }
+ }
+ if fact.Value.Bool != nil {
+ err := addDepsExpr(deps, names, fact, fact.Value.Bool)
+ if err != nil {
+ return err
+ }
+ }
+ if fact.Value.String != nil {
+ ref, err := findFactReference(names, fact.Value.String.Fact)
+ if err != nil {
+ return err
+ }
+ entries, _ := (*deps)[fact.Name]
+ entries = append(entries, ref)
+ (*deps)[fact.Name] = entries
+ }
+ return nil
+}
+
+// Perform a topological sort on facts so that they can be
+// processed in the order required to satisfy dependancies
+// between facts
+func (facts *FactList) Sort() error {
+ deps := make(map[string][]string)
+ names := make(map[string]*Fact)
+
+ var remaining []string
+ for _, fact := range facts.Facts {
+ deps[fact.Name] = []string{}
+ names[fact.Name] = fact
+ remaining = append(remaining, fact.Name)
+ }
+
+ err := validateNames(names)
+ if err != nil {
+ return err
+ }
+
+ for _, fact := range facts.Facts {
+ err = addDeps(&deps, names, fact)
+ if err != nil {
+ return err
+ }
+ }
+
+ var sorted []string
+ done := make(map[string]bool)
+ for len(remaining) > 0 {
+ prev_done := len(done)
+ var skipped []string
+ for _, fact := range remaining {
+ using, ok := deps[fact]
+ if !ok {
+ done[fact] = true
+ sorted = append(sorted, fact)
+ } else {
+ unsolved := false
+ for _, entry := range using {
+ _, ok := done[entry]
+ if !ok {
+ unsolved = true
+ break
+ }
+ }
+ if !unsolved {
+ sorted = append(sorted, fact)
+ done[fact] = true
+ } else {
+ skipped = append(skipped, fact)
+ }
+ }
+ }
+
+ if len(done) == prev_done {
+ return fmt.Errorf("Cycle detected in facts")
+ }
+
+ remaining = skipped
+ }
+
+ var newfacts []*Fact
+ for _, name := range sorted {
+ newfacts = append(newfacts, names[name])
+ }
+
+ facts.Facts = newfacts
+
+ return nil
+}
+
+// Create a new fact list that contains all the facts
+// from the passed in list of fact lists
+func MergeFactLists(lists []FactList) FactList {
+ var allfacts []*Fact
+ for _, list := range lists {
+ for _, fact := range list.Facts {
+ allfacts = append(allfacts, fact)
+ }
+ }
+
+ facts := FactList{}
+ facts.Facts = allfacts
+ return facts
+}
diff --git a/tools/host-validate/pkg/facts_test.go
b/tools/host-validate/pkg/facts_test.go
new file mode 100644
index 0000000000..53ed2842c3
--- /dev/null
+++ b/tools/host-validate/pkg/facts_test.go
@@ -0,0 +1,67 @@
+/*
+ * This file is part of the libvirt project
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library. If not, see
+ * <
http://www.gnu.org/licenses/>.
+ *
+ * Copyright (C) 2019 Red Hat, Inc.
+ *
+ */
+
+package pkg
+
+import (
+ "fmt"
+ "io/ioutil"
+ "path"
+ "strings"
+ "testing"
+)
+
+func testXMLFile(t *testing.T, filename string) {
+ xml, err := ioutil.ReadFile(filename)
+ if err != nil {
+ t.Fatal(err)
+ }
+
+ doc := &FactList{}
+
+ err = doc.Unmarshal(string(xml))
+ if err != nil {
+ t.Fatal(fmt.Errorf("Cannot parse %s: %s", filename, err))
+ }
+
+ newxml, err := doc.Marshal()
+ if err != nil {
+ t.Fatal(fmt.Errorf("Cannot format %s: %s", filename, err))
+ }
+
+ err = testCompareXML(filename, string(xml), newxml, nil, nil)
+ if err != nil {
+ t.Fatal(fmt.Errorf("Cannot roundtrip %s: %s", filename, err))
+ }
+}
+
+func TestRoundTrip(t *testing.T) {
+ dir := path.Join("..", "rules")
+ files, err := ioutil.ReadDir(dir)
+ if err != nil {
+ t.Fatal(fmt.Errorf("Cannot read %s: %s", dir, err))
+ }
+ for _, file := range files {
+ if strings.HasSuffix(file.Name(), ".xml") {
+ testXMLFile(t, path.Join(dir, file.Name()))
+ }
+ }
+}
diff --git a/tools/host-validate/pkg/xml_utils.go b/tools/host-validate/pkg/xml_utils.go
new file mode 100644
index 0000000000..b779e753f3
--- /dev/null
+++ b/tools/host-validate/pkg/xml_utils.go
@@ -0,0 +1,287 @@
+/*
+ * This file is part of the libvirt project
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library. If not, see
+ * <
http://www.gnu.org/licenses/>.
+ *
+ * Copyright (C) 2019 Red Hat, Inc.
+ *
+ */
+
+package pkg
+
+import (
+ "encoding/xml"
+ "fmt"
+ "strconv"
+ "strings"
+)
+
+type element struct {
+ XMLNS string
+ Name string
+ Attrs map[string]string
+ Content string
+ Children []*element
+}
+
+type elementstack []*element
+
+func (s *elementstack) push(v *element) {
+ *s = append(*s, v)
+}
+
+func (s *elementstack) pop() *element {
+ res := (*s)[len(*s)-1]
+ *s = (*s)[:len(*s)-1]
+ return res
+}
+
+func getNamespaceURI(xmlnsMap map[string]string, xmlns string, name xml.Name) string {
+ if name.Space != "" {
+ uri, ok := xmlnsMap[name.Space]
+ if !ok {
+ return "undefined://" + name.Space
+ } else {
+ return uri
+ }
+ } else {
+ return xmlns
+ }
+}
+
+func xmlName(xmlns string, name xml.Name) string {
+ if xmlns == "" {
+ return name.Local
+ }
+ return name.Local + "(" + xmlns + ")"
+}
+
+func loadXML(xmlstr string, ignoreNSDecl bool) (*element, error) {
+ xmlnsMap := make(map[string]string)
+ xmlr := strings.NewReader(xmlstr)
+
+ d := xml.NewDecoder(xmlr)
+ var root *element
+ stack := elementstack{}
+ for {
+ t, err := d.RawToken()
+ if err != nil {
+ return nil, err
+ }
+
+ var parent *element
+ if root != nil {
+ if len(stack) == 0 {
+ return nil, fmt.Errorf("Unexpectedly empty stack")
+ }
+ parent = stack[len(stack)-1]
+ }
+
+ switch t := t.(type) {
+ case xml.StartElement:
+ xmlns := ""
+ if parent != nil {
+ xmlns = parent.XMLNS
+ }
+ for _, a := range t.Attr {
+ if a.Name.Space == "xmlns" {
+ xmlnsMap[a.Name.Local] = a.Value
+ } else if a.Name.Space == "" && a.Name.Local == "xmlns"
{
+ xmlns = a.Value
+ }
+ }
+ xmlns = getNamespaceURI(xmlnsMap, xmlns, t.Name)
+ child := &element{
+ XMLNS: xmlns,
+ Name: xmlName(xmlns, t.Name),
+ Attrs: make(map[string]string),
+ }
+
+ for _, a := range t.Attr {
+ if a.Name.Space == "xmlns" {
+ continue
+ }
+ if a.Name.Space == "" && a.Name.Local == "xmlns" {
+ continue
+ }
+ attrNS := getNamespaceURI(xmlnsMap, "", a.Name)
+ child.Attrs[xmlName(attrNS, a.Name)] = a.Value
+ }
+ stack.push(child)
+ if root == nil {
+ root = child
+ } else {
+ parent.Children = append(parent.Children, child)
+ parent.Content = ""
+ }
+ case xml.EndElement:
+ stack.pop()
+ case xml.CharData:
+ if parent != nil && len(parent.Children) == 0 {
+ val := string(t)
+ if strings.TrimSpace(val) != "" {
+ parent.Content = val
+ }
+ }
+ }
+
+ if root != nil && len(stack) == 0 {
+ break
+ }
+ }
+
+ return root, nil
+}
+
+func testCompareValue(filename, path, key, expected, actual string) error {
+ if expected == actual {
+ return nil
+ }
+
+ i1, err1 := strconv.ParseInt(expected, 0, 64)
+ i2, err2 := strconv.ParseInt(actual, 0, 64)
+ if err1 == nil && err2 == nil && i1 == i2 {
+ return nil
+ }
+ path = path + "/@" + key
+ return fmt.Errorf("%s: %s: attribute actual value '%s' does not match
expected value '%s'",
+ filename, path, actual, expected)
+}
+
+func testCompareElement(filename, expectPath, actualPath string, expect, actual *element,
extraExpectNodes, extraActualNodes map[string]bool) error {
+ if expect.Name != actual.Name {
+ return fmt.Errorf("%s: name '%s' doesn't match '%s'",
+ expectPath, expect.Name, actual.Name)
+ }
+
+ expectAttr := expect.Attrs
+ for key, val := range actual.Attrs {
+ expectval, ok := expectAttr[key]
+ if !ok {
+ attrPath := actualPath + "/@" + key
+ if _, ok := extraActualNodes[attrPath]; ok {
+ continue
+ }
+ return fmt.Errorf("%s: %s: attribute in actual XML missing in expected
XML",
+ filename, attrPath)
+ }
+ err := testCompareValue(filename, actualPath, key, expectval, val)
+ if err != nil {
+ return err
+ }
+ delete(expectAttr, key)
+ }
+ for key, _ := range expectAttr {
+ attrPath := expectPath + "/@" + key
+ if _, ok := extraExpectNodes[attrPath]; ok {
+ continue
+ }
+ return fmt.Errorf("%s: %s: attribute '%s' in expected XML missing in
actual XML",
+ filename, attrPath, expectAttr[key])
+ }
+
+ if expect.Content != actual.Content {
+ return fmt.Errorf("%s: %s: actual content '%s' does not match expected
'%s'",
+ filename, actualPath, actual.Content, expect.Content)
+ }
+
+ used := make([]bool, len(actual.Children))
+ expectChildIndexes := make(map[string]uint)
+ actualChildIndexes := make(map[string]uint)
+ for _, expectChild := range expect.Children {
+ expectIndex, _ := expectChildIndexes[expectChild.Name]
+ expectChildIndexes[expectChild.Name] = expectIndex + 1
+ subExpectPath := fmt.Sprintf("%s/%s[%d]", expectPath, expectChild.Name,
expectIndex)
+
+ var actualChild *element = nil
+ for i := 0; i < len(used); i++ {
+ if !used[i] && actual.Children[i].Name == expectChild.Name {
+ actualChild = actual.Children[i]
+ used[i] = true
+ break
+ }
+ }
+ if actualChild == nil {
+ if _, ok := extraExpectNodes[subExpectPath]; ok {
+ continue
+ }
+ return fmt.Errorf("%s: %s: element in expected XML missing in actual XML",
+ filename, subExpectPath)
+ }
+
+ actualIndex, _ := actualChildIndexes[actualChild.Name]
+ actualChildIndexes[actualChild.Name] = actualIndex + 1
+ subActualPath := fmt.Sprintf("%s/%s[%d]", actualPath, actualChild.Name,
actualIndex)
+
+ err := testCompareElement(filename, subExpectPath, subActualPath, expectChild,
actualChild, extraExpectNodes, extraActualNodes)
+ if err != nil {
+ return err
+ }
+ }
+
+ actualChildIndexes = make(map[string]uint)
+ for i, actualChild := range actual.Children {
+ actualIndex, _ := actualChildIndexes[actualChild.Name]
+ actualChildIndexes[actualChild.Name] = actualIndex + 1
+ if used[i] {
+ continue
+ }
+ subActualPath := fmt.Sprintf("%s/%s[%d]", actualPath, actualChild.Name,
actualIndex)
+
+ if _, ok := extraActualNodes[subActualPath]; ok {
+ continue
+ }
+ return fmt.Errorf("%s: %s: element in actual XML missing in expected XML",
+ filename, subActualPath)
+ }
+
+ return nil
+}
+
+func makeExtraNodeMap(nodes []string) map[string]bool {
+ ret := make(map[string]bool)
+ for _, node := range nodes {
+ ret[node] = true
+ }
+ return ret
+}
+
+func testCompareXML(filename, expectStr, actualStr string, extraExpectNodes,
extraActualNodes []string) error {
+ extraExpectNodeMap := makeExtraNodeMap(extraExpectNodes)
+ extraActualNodeMap := makeExtraNodeMap(extraActualNodes)
+
+ //fmt.Printf("%s\n", expectedstr)
+ expectRoot, err := loadXML(expectStr, true)
+ if err != nil {
+ return err
+ }
+ //fmt.Printf("%s\n", actualstr)
+ actualRoot, err := loadXML(actualStr, true)
+ if err != nil {
+ return err
+ }
+
+ if expectRoot.Name != actualRoot.Name {
+ return fmt.Errorf("%s: /: expected root element '%s' does not match actual
'%s'",
+ filename, expectRoot.Name, actualRoot.Name)
+ }
+
+ err = testCompareElement(filename, "/"+expectRoot.Name+"[0]",
"/"+actualRoot.Name+"[0]", expectRoot, actualRoot, extraExpectNodeMap,
extraActualNodeMap)
+ if err != nil {
+ return err
+ }
+
+ return nil
+}
diff --git a/tools/host-validate/rules/acpi.xml b/tools/host-validate/rules/acpi.xml
new file mode 100644
index 0000000000..c02863954f
--- /dev/null
+++ b/tools/host-validate/rules/acpi.xml
@@ -0,0 +1,29 @@
+<factlist
xmlns="https://libvirt.org/xml/virt-host-validate/facts/1.0">
+
+ <fact name="cpu.acpi.dmar">
+ <filter>
+ <all>
+ <fact name="cpu.family.x86" value="true"/>
+ <fact name="cpu.vendor.intel" value="true"/>
+ <fact name="os.kernel" value="Linux"/>
+ </all>
+ </filter>
+ <value>
+ <access path="/sys/firmware/acpi/tables/DMAR"
check="exists"/>
+ </value>
+ </fact>
+
+ <fact name="cpu.acpi.ivrs">
+ <filter>
+ <all>
+ <fact name="cpu.family.x86" value="true"/>
+ <fact name="cpu.vendor.amd" value="true"/>
+ <fact name="os.kernel" value="Linux"/>
+ </all>
+ </filter>
+ <value>
+ <access path="/sys/firmware/acpi/tables/IVRS"
check="exists"/>
+ </value>
+ </fact>
+
+</factlist>
diff --git a/tools/host-validate/rules/builtin.xml
b/tools/host-validate/rules/builtin.xml
new file mode 100644
index 0000000000..4e3cdeb61e
--- /dev/null
+++ b/tools/host-validate/rules/builtin.xml
@@ -0,0 +1,33 @@
+<factlist
xmlns="https://libvirt.org/xml/virt-host-validate/facts/1.0">
+
+ <fact name="libvirt.driver">
+ <value>
+ <builtin/>
+ </value>
+ </fact>
+
+ <fact name="cpu.arch">
+ <value>
+ <builtin/>
+ </value>
+ </fact>
+
+ <fact name="os.kernel">
+ <value>
+ <builtin/>
+ </value>
+ </fact>
+
+ <fact name="os.release">
+ <value>
+ <builtin/>
+ </value>
+ </fact>
+
+ <fact name="os.version">
+ <value>
+ <builtin/>
+ </value>
+ </fact>
+
+</factlist>
diff --git a/tools/host-validate/rules/cgroups.xml
b/tools/host-validate/rules/cgroups.xml
new file mode 100644
index 0000000000..f69a13f5a1
--- /dev/null
+++ b/tools/host-validate/rules/cgroups.xml
@@ -0,0 +1,403 @@
+<factlist
xmlns="https://libvirt.org/xml/virt-host-validate/facts/1.0">
+
+ <fact name="os.cgroup.controller">
+ <filter>
+ <fact name="os.kernel" value="Linux"/>
+ </filter>
+ <value>
+ <file path="/proc/cgroups">
+ <parse format="set" separator="\n" skiphead="1"
skiptail="1" regex="^(\w+)" match="1"/>
+ </file>
+ </value>
+ </fact>
+
+ <fact name="os.cgroup.v2only">
+ <filter>
+ <fact name="os.kernel" value="Linux"/>
+ </filter>
+ <value>
+ <access path="/sys/fs/cgroup/cgroup.subtree_control"
check="exists"/>
+ </value>
+ </fact>
+
+ <fact name="os.cgroup.v2hybrid">
+ <filter>
+ <fact name="os.kernel" value="Linux"/>
+ </filter>
+ <value>
+ <file path="/sys/fs/cgroup/unified/cgroup.controllers"
ignoreMissing="true">
+ <parse format="set" separator=" "
whitespace="trim"/>
+ </file>
+ </value>
+ </fact>
+
+ <fact name="os.cgroup.mount.v2">
+ <filter>
+ <fact name="os.kernel" value="Linux"/>
+ </filter>
+ <value>
+ <file path="/sys/fs/cgroup/cgroup.controllers"
ignoreMissing="true">
+ <parse format="set" separator=" "
whitespace="trim"/>
+ </file>
+ </value>
+ </fact>
+
+ <fact name="os.cgroup.mount.v1.blkio">
+ <filter>
+ <fact name="os.kernel" value="Linux"/>
+ </filter>
+ <value>
+ <access path="/sys/fs/cgroup/blkio/cgroup.procs"
check="exists"/>
+ </value>
+ </fact>
+
+ <fact name="os.cgroup.mount.v1.cpu">
+ <filter>
+ <fact name="os.kernel" value="Linux"/>
+ </filter>
+ <value>
+ <access path="/sys/fs/cgroup/cpu/cgroup.procs"
check="exists"/>
+ </value>
+ </fact>
+
+ <fact name="os.cgroup.mount.v1.cpuacct">
+ <filter>
+ <fact name="os.kernel" value="Linux"/>
+ </filter>
+ <value>
+ <access path="/sys/fs/cgroup/cpuacct/cgroup.procs"
check="exists"/>
+ </value>
+ </fact>
+
+ <fact name="os.cgroup.mount.v1.cpuset">
+ <filter>
+ <fact name="os.kernel" value="Linux"/>
+ </filter>
+ <value>
+ <access path="/sys/fs/cgroup/cpuset/cgroup.procs"
check="exists"/>
+ </value>
+ </fact>
+
+ <fact name="os.cgroup.mount.v1.devices">
+ <filter>
+ <fact name="os.kernel" value="Linux"/>
+ </filter>
+ <value>
+ <access path="/sys/fs/cgroup/devices/cgroup.procs"
check="exists"/>
+ </value>
+ </fact>
+
+ <fact name="os.cgroup.mount.v1.freezer">
+ <filter>
+ <fact name="os.kernel" value="Linux"/>
+ </filter>
+ <value>
+ <access path="/sys/fs/cgroup/freezer/cgroup.procs"
check="exists"/>
+ </value>
+ </fact>
+
+ <fact name="os.cgroup.mount.v1.hugetlb">
+ <filter>
+ <fact name="os.kernel" value="Linux"/>
+ </filter>
+ <value>
+ <access path="/sys/fs/cgroup/hugetlb/cgroup.procs"
check="exists"/>
+ </value>
+ </fact>
+
+ <fact name="os.cgroup.mount.v1.memory">
+ <filter>
+ <fact name="os.kernel" value="Linux"/>
+ </filter>
+ <value>
+ <access path="/sys/fs/cgroup/memory/cgroup.procs"
check="exists"/>
+ </value>
+ </fact>
+
+ <fact name="os.cgroup.mount.v1.net_cls">
+ <filter>
+ <fact name="os.kernel" value="Linux"/>
+ </filter>
+ <value>
+ <access path="/sys/fs/cgroup/net_cls/cgroup.procs"
check="exists"/>
+ </value>
+ </fact>
+
+ <fact name="os.cgroup.mount.v1.net_prio">
+ <filter>
+ <fact name="os.kernel" value="Linux"/>
+ </filter>
+ <value>
+ <access path="/sys/fs/cgroup/net_prio/cgroup.procs"
check="exists"/>
+ </value>
+ </fact>
+
+ <fact name="os.cgroup.mount.v1.perf_event">
+ <filter>
+ <fact name="os.kernel" value="Linux"/>
+ </filter>
+ <value>
+ <access path="/sys/fs/cgroup/perf_event/cgroup.procs"
check="exists"/>
+ </value>
+ </fact>
+
+ <fact name="os.cgroup.mount.v1.pids">
+ <filter>
+ <fact name="os.kernel" value="Linux"/>
+ </filter>
+ <value>
+ <access path="/sys/fs/cgroup/pids/cgroup.procs"
check="exists"/>
+ </value>
+ </fact>
+
+ <fact name="os.cgroup.mount.unified">
+ <filter>
+ <fact name="os.kernel" value="Linux"/>
+ </filter>
+ <value>
+ <access path="/sys/fs/cgroup/unified/cgroup.procs"
check="exists"/>
+ </value>
+ </fact>
+
+ <fact name="os.cgroup.memory.present">
+ <report message="cgroup memory controller present"/>
+ <hint message="enable memory cgroup controller in Kconfig"/>
+ <filter>
+ <all>
+ <any>
+ <fact name="libvirt.driver.lxc" value="true"/>
+ <fact name="libvirt.driver.qemu" value="true"/>
+ </any>
+ <fact name="os.kernel" value="Linux"/>
+ </all>
+ </filter>
+ <value>
+ <bool>
+ <fact name="os.cgroup.controller.memory" value="true"/>
+ </bool>
+ </value>
+ </fact>
+
+ <fact name="os.cgroup.memory.mounted">
+ <report message="cgroup memory controller mounted"/>
+ <hint message="mount the memory cgroup controller under
/sys/fs/cgroup"/>
+ <filter>
+ <fact name="os.cgroup.memory.present" value="true"/>
+ </filter>
+ <value>
+ <bool>
+ <any>
+ <fact name="os.cgroup.mount.v1.memory" value="true"/>
+ <fact name="os.cgroup.mount.v2.memory" value="true"/>
+ </any>
+ </bool>
+ </value>
+ </fact>
+
+ <fact name="os.cgroup.cpu.present">
+ <report message="cgroup cpu controller present"/>
+ <hint message="enable cpu cgroup controller in Kconfig"/>
+ <filter>
+ <all>
+ <any>
+ <fact name="libvirt.driver.lxc" value="true"/>
+ <fact name="libvirt.driver.qemu" value="true"/>
+ </any>
+ <fact name="os.kernel" value="Linux"/>
+ </all>
+ </filter>
+ <value>
+ <bool>
+ <fact name="os.cgroup.controller.cpu" value="true"/>
+ </bool>
+ </value>
+ </fact>
+
+ <fact name="os.cgroup.cpu.mounted">
+ <report message="cgroup cpu controller mounted"/>
+ <hint message="mount the cpu cgroup controller under
/sys/fs/cgroup"/>
+ <filter>
+ <fact name="os.cgroup.cpu.present" value="true"/>
+ </filter>
+ <value>
+ <bool>
+ <any>
+ <fact name="os.cgroup.mount.v1.cpu" value="true"/>
+ <fact name="os.cgroup.mount.v2.cpu" value="true"/>
+ </any>
+ </bool>
+ </value>
+ </fact>
+
+ <fact name="os.cgroup.cpuacct.present">
+ <report message="cgroup cpuacct controller present"/>
+ <hint message="enable cpuacct cgroup controller in Kconfig"/>
+ <filter>
+ <all>
+ <fact name="libvirt.driver.lxc" value="true"/>
+ <fact name="os.kernel" value="Linux"/>
+ </all>
+ </filter>
+ <value>
+ <bool>
+ <fact name="os.cgroup.controller.cpuacct" value="true"/>
+ </bool>
+ </value>
+ </fact>
+
+ <fact name="os.cgroup.cpuacct.mounted">
+ <report message="cgroup cpuacct controller mounted"/>
+ <hint message="mount the cpuacct cgroup controller under
/sys/fs/cgroup"/>
+ <filter>
+ <fact name="os.cgroup.cpuacct.present" value="true"/>
+ </filter>
+ <value>
+ <bool>
+ <any>
+ <fact name="os.cgroup.mount.v1.cpuacct" value="true"/>
+ <fact name="os.cgroup.mount.v2.cpuacct" value="true"/>
+ </any>
+ </bool>
+ </value>
+ </fact>
+
+ <fact name="os.cgroup.cpuset.present">
+ <report message="cgroup cpuset controller present"/>
+ <hint message="enable cpuset cgroup controller in Kconfig"/>
+ <filter>
+ <all>
+ <any>
+ <fact name="libvirt.driver.lxc" value="true"/>
+ <fact name="libvirt.driver.qemu" value="true"/>
+ </any>
+ <fact name="os.kernel" value="Linux"/>
+ </all>
+ </filter>
+ <value>
+ <bool>
+ <fact name="os.cgroup.controller.cpuset" value="true"/>
+ </bool>
+ </value>
+ </fact>
+
+ <fact name="os.cgroup.cpuset.mounted">
+ <report message="cgroup cpuset controller mounted"/>
+ <hint message="mount the cpuset cgroup controller under
/sys/fs/cgroup"/>
+ <filter>
+ <fact name="os.cgroup.cpuset.present" value="true"/>
+ </filter>
+ <value>
+ <bool>
+ <any>
+ <fact name="os.cgroup.mount.v1.cpuset" value="true"/>
+ <fact name="os.cgroup.mount.v2.cpuset" value="true"/>
+ </any>
+ </bool>
+ </value>
+ </fact>
+
+ <fact name="os.cgroup.devices.present">
+ <report message="cgroup devices controller present"/>
+ <hint message="enable devices cgroup controller in Kconfig"/>
+ <filter>
+ <all>
+ <any>
+ <fact name="libvirt.driver.lxc" value="true"/>
+ <fact name="libvirt.driver.qemu" value="true"/>
+ </any>
+ <fact name="os.kernel" value="Linux"/>
+ </all>
+ </filter>
+ <value>
+ <bool>
+ <fact name="os.cgroup.controller.devices" value="true"/>
+ </bool>
+ </value>
+ </fact>
+
+ <fact name="os.cgroup.devices.mounted">
+ <report message="cgroup devices controller mounted"/>
+ <hint message="mount the devices cgroup controller under
/sys/fs/cgroup"/>
+ <filter>
+ <fact name="os.cgroup.devices.present" value="true"/>
+ </filter>
+ <value>
+ <bool>
+ <any>
+ <fact name="os.cgroup.mount.v1.devices" value="true"/>
+ <fact name="os.cgroup.v2hybrid" value="true"/>
+ <fact name="os.cgroup.v2only" value="true"/>
+ </any>
+ </bool>
+ </value>
+ </fact>
+
+ <fact name="os.cgroup.blkio.present">
+ <report message="cgroup blkio controller present"/>
+ <hint message="enable blkio cgroup controller in Kconfig"/>
+ <filter>
+ <all>
+ <any>
+ <fact name="libvirt.driver.lxc" value="true"/>
+ <fact name="libvirt.driver.qemu" value="true"/>
+ </any>
+ <fact name="os.kernel" value="Linux"/>
+ </all>
+ </filter>
+ <value>
+ <bool>
+ <fact name="os.cgroup.controller.blkio" value="true"/>
+ </bool>
+ </value>
+ </fact>
+
+ <fact name="os.cgroup.blkio.mounted">
+ <report message="cgroup blkio controller mounted"/>
+ <hint message="mount the blkio cgroup controller under
/sys/fs/cgroup"/>
+ <filter>
+ <fact name="os.cgroup.blkio.present" value="true"/>
+ </filter>
+ <value>
+ <bool>
+ <any>
+ <fact name="os.cgroup.mount.v1.blkio" value="true"/>
+ <fact name="os.cgroup.mount.v2.io" value="true"/>
+ </any>
+ </bool>
+ </value>
+ </fact>
+
+
+ <fact name="os.cgroup.freezer.present">
+ <report message="cgroup freezer controller present"/>
+ <hint message="enable freezer cgroup controller in Kconfig"/>
+ <filter>
+ <all>
+ <fact name="libvirt.driver.lxc" value="true"/>
+ <fact name="os.kernel" value="Linux"/>
+ </all>
+ </filter>
+ <value>
+ <bool>
+ <fact name="os.cgroup.controller.freezer" value="true"/>
+ </bool>
+ </value>
+ </fact>
+
+ <fact name="os.cgroup.freezer.mounted">
+ <report message="cgroup freezer controller mounted"/>
+ <hint message="mount the freezer cgroup controller under
/sys/fs/cgroup"/>
+ <filter>
+ <fact name="os.cgroup.freezer.present" value="true"/>
+ </filter>
+ <value>
+ <bool>
+ <any>
+ <fact name="os.cgroup.mount.v1.freezer" value="true"/>
+ <fact name="os.cgroup.mount.v2.freezer" value="true"/>
+ </any>
+ </bool>
+ </value>
+ </fact>
+
+</factlist>
diff --git a/tools/host-validate/rules/cpu.xml b/tools/host-validate/rules/cpu.xml
new file mode 100644
index 0000000000..024cdae20c
--- /dev/null
+++ b/tools/host-validate/rules/cpu.xml
@@ -0,0 +1,148 @@
+<factlist
xmlns="https://libvirt.org/xml/virt-host-validate/facts/1.0">
+
+ <fact name="cpu.info">
+ <value>
+ <file path="/proc/cpuinfo">
+ <parse format="list" separator="\n\n" limit="1">
+ <parse format="dict" separator="\n" delimiter=":"
whitespace="trim">
+ <parse format="scalar" whitespace="trim"/>
+ </parse>
+ </parse>
+ </file>
+ </value>
+ </fact>
+
+ <fact name="cpu.family.x86">
+ <value>
+ <bool>
+ <any>
+ <fact name="cpu.arch" value="x86_64"/>
+ <fact name="cpu.arch" value="i386"/>
+ <fact name="cpu.arch" value="i486"/>
+ <fact name="cpu.arch" value="i586"/>
+ <fact name="cpu.arch" value="i686"/>
+ </any>
+ </bool>
+ </value>
+ </fact>
+
+ <fact name="cpu.family.arm">
+ <value>
+ <bool>
+ <any>
+ <fact name="cpu.arch" value="aarch64"/>
+ <fact name="cpu.arch" value="armv6"/>
+ <fact name="cpu.arch" value="armv7"/>
+ </any>
+ </bool>
+ </value>
+ </fact>
+
+ <fact name="cpu.family.s390">
+ <value>
+ <bool>
+ <any>
+ <fact name="cpu.arch" value="s390"/>
+ <fact name="cpu.arch" value="s390x"/>
+ </any>
+ </bool>
+ </value>
+ </fact>
+
+ <fact name="cpu.vendor.intel">
+ <filter>
+ <fact name="cpu.family.x86" value="true"/>
+ </filter>
+ <value>
+ <bool>
+ <fact name="cpu.info.0.vendor_id" value="GenuineIntel"/>
+ </bool>
+ </value>
+ </fact>
+
+ <fact name="cpu.vendor.amd">
+ <filter>
+ <fact name="cpu.family.x86" value="true"/>
+ </filter>
+ <value>
+ <bool>
+ <fact name="cpu.info.0.vendor_id" value="AuthenticAMD"/>
+ </bool>
+ </value>
+ </fact>
+
+ <fact name="cpu.features.x86">
+ <filter>
+ <fact name="cpu.family.x86" value="true"/>
+ </filter>
+
+ <value>
+ <string fact="cpu.info.0.flags">
+ <parse format="set" separator=" "
whitespace="trim"/>
+ </string>
+ </value>
+ </fact>
+
+
+ <fact name="cpu.features.arm">
+ <filter>
+ <fact name="cpu.family.arm" value="true"/>
+ </filter>
+
+ <value>
+ <string fact="cpu.info.0.Features">
+ <parse format="set" separator=" "
whitespace="trim"/>
+ </string>
+ </value>
+ </fact>
+
+ <fact name="cpu.features.s390">
+ <filter>
+ <fact name="cpu.family.s390" value="true"/>
+ </filter>
+
+ <value>
+ <string fact="cpu.info.0.features">
+ <parse format="set" separator=" "
whitespace="trim"/>
+ </string>
+ </value>
+ </fact>
+
+ <fact name="cpu.virt.possible">
+ <report message="hardware virt possible"/>
+ <filter>
+ <fact name="libvirt.driver.qemu" value="true"/>
+ </filter>
+ <value>
+ <bool>
+ <any>
+ <fact name="cpu.family.x86" value="true"/>
+ </any>
+ </bool>
+ </value>
+ </fact>
+
+ <fact name="cpu.virt.present">
+ <report message="hardware virt present"/>
+ <hint message="only emulated CPUs are available, performance will be
significantly limited"/>
+ <filter>
+ <fact name="cpu.virt.possible" value="true"/>
+ </filter>
+ <value>
+ <bool>
+ <any>
+ <all>
+ <fact name="cpu.vendor.amd" value="true"/>
+ <fact name="cpu.features.x86.svm" value="true"/>
+ </all>
+ <all>
+ <fact name="cpu.vendor.intel" value="true"/>
+ <fact name="cpu.features.x86.vmx" value="true"/>
+ </all>
+ <fact name="cpu.features.s390.sie" value="true"/>
+ </any>
+ </bool>
+ </value>
+ </fact>
+
+</factlist>
diff --git a/tools/host-validate/rules/devices.xml
b/tools/host-validate/rules/devices.xml
new file mode 100644
index 0000000000..8e105dc661
--- /dev/null
+++ b/tools/host-validate/rules/devices.xml
@@ -0,0 +1,54 @@
+<factlist
xmlns="https://libvirt.org/xml/virt-host-validate/facts/1.0">
+
+ <fact name="os.kvm.loaded">
+ <report message="/dev/kvm loaded"/>
+ <filter>
+ <all>
+ <fact name="libvirt.driver.qemu" value="true"/>
+ <fact name="cpu.virt.present" value="true"/>
+ </all>
+ </filter>
+ <value>
+ <access path="/dev/kvm" check="exists"/>
+ </value>
+ </fact>
+
+ <fact name="os.kvm.accessible">
+ <report message="/dev/kvm accessible"/>
+ <hint message="Check /dev/kvm is world writable or you are in a group that is
allowed to access it"/>
+ <filter>
+ <fact name="os.kvm.loaded" value="true"/>
+ </filter>
+ <value>
+ <access path="/dev/kvm" check="writable"/>
+ </value>
+ </fact>
+
+ <fact name="os.vhostnet.present">
+ <report message="/dev/vhost-net present"/>
+ <hint message="Load the 'vhost_net' module to improve performance of
virtio networking"/>
+ <filter>
+ <all>
+ <fact name="libvirt.driver.qemu" value="true"/>
+ <fact name="os.kvm.loaded" value="true"/>
+ </all>
+ </filter>
+ <value>
+ <access path="/dev/vhost-net" check="exists"/>
+ </value>
+ </fact>
+
+ <fact name="os.tun.present">
+ <report message="/dev/net/tun present"/>
+ <hint message="Load the 'tun' module to enable networking for QEMU
guests"/>
+ <filter>
+ <all>
+ <fact name="libvirt.driver.qemu" value="true"/>
+ <fact name="os.kvm.loaded" value="true"/>
+ </all>
+ </filter>
+ <value>
+ <access path="/dev/net/tun" check="exists"/>
+ </value>
+ </fact>
+</factlist>
diff --git a/tools/host-validate/rules/freebsd-kernel.xml
b/tools/host-validate/rules/freebsd-kernel.xml
new file mode 100644
index 0000000000..513a394266
--- /dev/null
+++ b/tools/host-validate/rules/freebsd-kernel.xml
@@ -0,0 +1,14 @@
+<factlist
xmlns="https://libvirt.org/xml/virt-host-validate/facts/1.0">
+
+ <fact name="os.kmod">
+ <filter>
+ <fact name="os.kernel" value="FreeBSD"/>
+ </filter>
+ <value>
+ <command name="kldstat">
+ <parse format="set" separator="\n" skiphead="1"
regex="\s+\d+\s+\d+\s+0x[0-9a-f]+\s+[0-9a-f]+\s+(\w+)" match="1"/>
+ </command>
+ </value>
+ </fact>
+
+</factlist>
diff --git a/tools/host-validate/rules/iommu.xml b/tools/host-validate/rules/iommu.xml
new file mode 100644
index 0000000000..8d33509b53
--- /dev/null
+++ b/tools/host-validate/rules/iommu.xml
@@ -0,0 +1,93 @@
+<factlist
xmlns="https://libvirt.org/xml/virt-host-validate/facts/1.0">
+ <fact name="cpu.iommu.x86.intel.present">
+ <report message="Intel device assignment IOMMU present"/>
+ <hint message="IOMMU either disabled in BIOS or not supported by this
hardware"/>
+ <filter>
+ <all>
+ <fact name="libvirt.driver.qemu" value="true"/>
+ <fact name="cpu.family.x86" value="true"/>
+ <fact name="cpu.vendor.intel" value="true"/>
+ </all>
+ </filter>
+ <value>
+ <bool>
+ <fact name="cpu.acpi.dmar" value="true"/>
+ </bool>
+ </value>
+ </fact>
+
+ <fact name="cpu.iommu.x86.amd.present">
+ <report message="AMD device assignment IOMMU present"/>
+ <hint message="IOMMU either disabled in BIOS or not supported by this
hardware"/>
+ <filter>
+ <all>
+ <fact name="cpu.family.x86" value="true"/>
+ <fact name="cpu.vendor.amd" value="true"/>
+ </all>
+ </filter>
+ <value>
+ <bool>
+ <fact name="cpu.acpi.ivrs" value="true"/>
+ </bool>
+ </value>
+ </fact>
+
+ <fact name="cpu.iommu.s390x.present">
+ <report message="s390x device assignment IOMMU present"/>
+ <hint message="IOMMU either disabled in BIOS or not supported by this
hardware"/>
+ <filter>
+ <fact name="cpu.family.s390" value="true"/>
+ </filter>
+ <value>
+ <bool>
+ <fact name="os.pci.devices.0" match="exists"/>
+ </bool>
+ </value>
+ </fact>
+
+ <fact name="os.iommu.groups">
+ <value>
+ <dirent path="/sys/kernel/iommu_groups"
ignoreMissing="true"/>
+ </value>
+ </fact>
+
+ <fact name="os.iommu.x86.intel.enabled">
+ <report message="Intel device assignment IOMMU enabled"/>
+ <hint message="IOMMU disabled in kernel. Pass intel_iommu=on on kernel
command line"/>
+ <filter>
+ <fact name="cpu.iommu.x86.intel.present" value="true"/>
+ </filter>
+ <value>
+ <bool>
+ <fact name="os.iommu.groups.0" match="exists"/>
+ </bool>
+ </value>
+ </fact>
+
+ <fact name="os.iommu.x86.amd.enabled">
+ <report message="AMD device assignment IOMMU enabled"/>
+ <hint message="IOMMU disabled in kernel. Pass iommu=pt iommu=1 on kernel
command line"/>
+ <filter>
+ <fact name="cpu.iommu.x86.amd.present" value="true"/>
+ </filter>
+ <value>
+ <bool>
+ <fact name="os.iommu.groups.0" match="exists"/>
+ </bool>
+ </value>
+ </fact>
+
+ <fact name="os.iommu.s390x.enabled">
+ <report message="s390x device assignment IOMMU enabled"/>
+ <hint message="IOMMU disabled in kernel"/>
+ <filter>
+ <fact name="cpu.iommu.s390x.present" value="true"/>
+ </filter>
+ <value>
+ <bool>
+ <fact name="os.iommu.groups.0" match="exists"/>
+ </bool>
+ </value>
+ </fact>
+
+</factlist>
diff --git a/tools/host-validate/rules/namespaces.xml
b/tools/host-validate/rules/namespaces.xml
new file mode 100644
index 0000000000..ea1ceb6674
--- /dev/null
+++ b/tools/host-validate/rules/namespaces.xml
@@ -0,0 +1,94 @@
+<factlist
xmlns="https://libvirt.org/xml/virt-host-validate/facts/1.0">
+
+ <fact name="os.namespace.ipc">
+ <report message="ipc process namespace"/>
+ <hint message="Enable ipc namespace in Kconfig"/>
+ <filter>
+ <all>
+ <fact name="libvirt.driver.lxc" value="true"/>
+ <fact name="os.kernel" value="Linux"/>
+ </all>
+ </filter>
+ <value>
+ <access path="/proc/self/ns/ipc" check="exists"/>
+ </value>
+ </fact>
+
+
+ <fact name="os.namespace.mnt">
+ <report message="mnt process namespace"/>
+ <hint message="Enable mnt namespace in Kconfig"/>
+ <filter>
+ <all>
+ <any>
+ <fact name="libvirt.driver.lxc" value="true"/>
+ <fact name="libvirt.driver.qemu" value="true"/>
+ </any>
+ <fact name="os.kernel" value="Linux"/>
+ </all>
+ </filter>
+ <value>
+ <access path="/proc/self/ns/mnt" check="exists"/>
+ </value>
+ </fact>
+
+
+ <fact name="os.namespace.pid">
+ <report message="pid process namespace"/>
+ <hint message="Enable pid namespace in Kconfig"/>
+ <filter>
+ <all>
+ <fact name="libvirt.driver.lxc" value="true"/>
+ <fact name="os.kernel" value="Linux"/>
+ </all>
+ </filter>
+ <value>
+ <access path="/proc/self/ns/pid" check="exists"/>
+ </value>
+ </fact>
+
+
+ <fact name="os.namespace.uts">
+ <report message="uts process namespace"/>
+ <hint message="Enable uts namespace in Kconfig"/>
+ <filter>
+ <all>
+ <fact name="libvirt.driver.lxc" value="true"/>
+ <fact name="os.kernel" value="Linux"/>
+ </all>
+ </filter>
+ <value>
+ <access path="/proc/self/ns/uts" check="exists"/>
+ </value>
+ </fact>
+
+
+ <fact name="os.namespace.net">
+ <report message="net process namespace"/>
+ <hint message="Enable net namespace in Kconfig"/>
+ <filter>
+ <all>
+ <fact name="libvirt.driver.lxc" value="true"/>
+ <fact name="os.kernel" value="Linux"/>
+ </all>
+ </filter>
+ <value>
+ <access path="/proc/self/ns/net" check="exists"/>
+ </value>
+ </fact>
+
+ <fact name="os.namespace.user">
+ <report message="user process namespace" level="warn"/>
+ <hint message="Enable user namespace in Kconfig"/>
+ <filter>
+ <all>
+ <fact name="libvirt.driver.lxc" value="true"/>
+ <fact name="os.kernel" value="Linux"/>
+ </all>
+ </filter>
+ <value>
+ <access path="/proc/self/ns/user" check="exists"/>
+ </value>
+ </fact>
+
+</factlist>
diff --git a/tools/host-validate/rules/pci.xml b/tools/host-validate/rules/pci.xml
new file mode 100644
index 0000000000..2ed2e295eb
--- /dev/null
+++ b/tools/host-validate/rules/pci.xml
@@ -0,0 +1,9 @@
+<factlist
xmlns="https://libvirt.org/xml/virt-host-validate/facts/1.0">
+
+ <fact name="os.pci.devices">
+ <value>
+ <dirent path="/sys/bus/pci/devices"
ignoreMissing="true"/>
+ </value>
+ </fact>
+
+</factlist>
diff --git a/tools/virt-host-validate-bhyve.c b/tools/virt-host-validate-bhyve.c
deleted file mode 100644
index 2f0ec1e36c..0000000000
--- a/tools/virt-host-validate-bhyve.c
+++ /dev/null
@@ -1,77 +0,0 @@
-/*
- * virt-host-validate-bhyve.c: Sanity check a bhyve hypervisor host
- *
- * Copyright (C) 2017 Roman Bogorodskiy
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library. If not, see
- * <
http://www.gnu.org/licenses/>.
- *
- */
-
-#include <config.h>
-
-#include <sys/param.h>
-#include <sys/linker.h>
-
-#include "virt-host-validate-bhyve.h"
-#include "virt-host-validate-common.h"
-
-#define MODULE_STATUS(mod, err_msg, err_code) \
- virHostMsgCheck("BHYVE", _("for %s module"), #mod); \
- if (mod ## _loaded) { \
- virHostMsgPass(); \
- } else { \
- virHostMsgFail(err_code, \
- _("%s module is not loaded, " err_msg), \
- #mod); \
- ret = -1; \
- }
-
-#define MODULE_STATUS_FAIL(mod, err_msg) \
- MODULE_STATUS(mod, err_msg, VIR_HOST_VALIDATE_FAIL)
-
-#define MODULE_STATUS_WARN(mod, err_msg) \
- MODULE_STATUS(mod, err_msg, VIR_HOST_VALIDATE_WARN)
-
-
-int virHostValidateBhyve(void)
-{
- int ret = 0;
- int fileid = 0;
- struct kld_file_stat stat;
- bool vmm_loaded = false, if_tap_loaded = false;
- bool if_bridge_loaded = false, nmdm_loaded = false;
-
- for (fileid = kldnext(0); fileid > 0; fileid = kldnext(fileid)) {
- stat.version = sizeof(struct kld_file_stat);
- if (kldstat(fileid, &stat) < 0)
- continue;
-
- if (STREQ(stat.name, "vmm.ko"))
- vmm_loaded = true;
- else if (STREQ(stat.name, "if_tap.ko"))
- if_tap_loaded = true;
- else if (STREQ(stat.name, "if_bridge.ko"))
- if_bridge_loaded = true;
- else if (STREQ(stat.name, "nmdm.ko"))
- nmdm_loaded = true;
- }
-
- MODULE_STATUS_FAIL(vmm, "will not be able to start VMs");
- MODULE_STATUS_WARN(if_tap, "networking will not work");
- MODULE_STATUS_WARN(if_bridge, "bridged networking will not work");
- MODULE_STATUS_WARN(nmdm, "nmdm console will not work");
-
- return ret;
-}
diff --git a/tools/virt-host-validate-bhyve.h b/tools/virt-host-validate-bhyve.h
deleted file mode 100644
index a5fd22c871..0000000000
--- a/tools/virt-host-validate-bhyve.h
+++ /dev/null
@@ -1,24 +0,0 @@
-/*
- * virt-host-validate-bhyve.h: Sanity check a bhyve hypervisor host
- *
- * Copyright (C) 2017 Roman Bogorodskiy
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library. If not, see
- * <
http://www.gnu.org/licenses/>.
- *
- */
-
-#pragma once
-
-int virHostValidateBhyve(void);
diff --git a/tools/virt-host-validate-common.c b/tools/virt-host-validate-common.c
deleted file mode 100644
index 804c0adc2d..0000000000
--- a/tools/virt-host-validate-common.c
+++ /dev/null
@@ -1,419 +0,0 @@
-/*
- * virt-host-validate-common.c: Sanity check helper APIs
- *
- * Copyright (C) 2012, 2014 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library. If not, see
- * <
http://www.gnu.org/licenses/>.
- *
- */
-
-#include <config.h>
-
-#include <stdarg.h>
-#include <unistd.h>
-#include <sys/utsname.h>
-#include <sys/stat.h>
-
-#include "viralloc.h"
-#include "vircgroup.h"
-#include "virfile.h"
-#include "virt-host-validate-common.h"
-#include "virstring.h"
-#include "virarch.h"
-
-#define VIR_FROM_THIS VIR_FROM_NONE
-
-VIR_ENUM_IMPL(virHostValidateCPUFlag,
- VIR_HOST_VALIDATE_CPU_FLAG_LAST,
- "vmx",
- "svm",
- "sie");
-
-static bool quiet;
-
-void virHostMsgSetQuiet(bool quietFlag)
-{
- quiet = quietFlag;
-}
-
-void virHostMsgCheck(const char *prefix,
- const char *format,
- ...)
-{
- va_list args;
- char *msg;
-
- if (quiet)
- return;
-
- va_start(args, format);
- if (virVasprintf(&msg, format, args) < 0) {
- perror("malloc");
- abort();
- }
- va_end(args);
-
- fprintf(stdout, _("%6s: Checking %-60s: "), prefix, msg);
- VIR_FREE(msg);
-}
-
-static bool virHostMsgWantEscape(void)
-{
- static bool detectTty = true;
- static bool wantEscape;
- if (detectTty) {
- if (isatty(STDOUT_FILENO))
- wantEscape = true;
- detectTty = false;
- }
- return wantEscape;
-}
-
-void virHostMsgPass(void)
-{
- if (quiet)
- return;
-
- if (virHostMsgWantEscape())
- fprintf(stdout, "\033[32m%s\033[0m\n", _("PASS"));
- else
- fprintf(stdout, "%s\n", _("PASS"));
-}
-
-
-static const char * failMessages[] = {
- N_("FAIL"),
- N_("WARN"),
- N_("NOTE"),
-};
-
-verify(ARRAY_CARDINALITY(failMessages) == VIR_HOST_VALIDATE_LAST);
-
-static const char *failEscapeCodes[] = {
- "\033[31m",
- "\033[33m",
- "\033[34m",
-};
-
-verify(ARRAY_CARDINALITY(failEscapeCodes) == VIR_HOST_VALIDATE_LAST);
-
-void virHostMsgFail(virHostValidateLevel level,
- const char *format,
- ...)
-{
- va_list args;
- char *msg;
-
- if (quiet)
- return;
-
- va_start(args, format);
- if (virVasprintf(&msg, format, args) < 0) {
- perror("malloc");
- abort();
- }
- va_end(args);
-
- if (virHostMsgWantEscape())
- fprintf(stdout, "%s%s\033[0m (%s)\n",
- failEscapeCodes[level], _(failMessages[level]), msg);
- else
- fprintf(stdout, "%s (%s)\n",
- _(failMessages[level]), msg);
- VIR_FREE(msg);
-}
-
-
-int virHostValidateDeviceExists(const char *hvname,
- const char *dev_name,
- virHostValidateLevel level,
- const char *hint)
-{
- virHostMsgCheck(hvname, "if device %s exists", dev_name);
-
- if (access(dev_name, F_OK) < 0) {
- virHostMsgFail(level, "%s", hint);
- return -1;
- }
-
- virHostMsgPass();
- return 0;
-}
-
-
-int virHostValidateDeviceAccessible(const char *hvname,
- const char *dev_name,
- virHostValidateLevel level,
- const char *hint)
-{
- virHostMsgCheck(hvname, "if device %s is accessible", dev_name);
-
- if (access(dev_name, R_OK|W_OK) < 0) {
- virHostMsgFail(level, "%s", hint);
- return -1;
- }
-
- virHostMsgPass();
- return 0;
-}
-
-
-int virHostValidateNamespace(const char *hvname,
- const char *ns_name,
- virHostValidateLevel level,
- const char *hint)
-{
- virHostMsgCheck(hvname, "for namespace %s", ns_name);
- char nspath[100];
-
- snprintf(nspath, sizeof(nspath), "/proc/self/ns/%s", ns_name);
-
- if (access(nspath, F_OK) < 0) {
- virHostMsgFail(level, "%s", hint);
- return -1;
- }
-
- virHostMsgPass();
- return 0;
-}
-
-
-virBitmapPtr virHostValidateGetCPUFlags(void)
-{
- FILE *fp;
- virBitmapPtr flags = NULL;
-
- if (!(fp = fopen("/proc/cpuinfo", "r")))
- return NULL;
-
- if (!(flags = virBitmapNewQuiet(VIR_HOST_VALIDATE_CPU_FLAG_LAST)))
- goto cleanup;
-
- do {
- char line[1024];
- char *start;
- char **tokens;
- size_t ntokens;
- size_t i;
-
- if (!fgets(line, sizeof(line), fp))
- break;
-
- /* The line we're interested in is marked differently depending
- * on the architecture, so check possible prefixes */
- if (!STRPREFIX(line, "flags") &&
- !STRPREFIX(line, "Features") &&
- !STRPREFIX(line, "features"))
- continue;
-
- /* fgets() includes the trailing newline in the output buffer,
- * so we need to clean that up ourselves. We can safely access
- * line[strlen(line) - 1] because the checks above would cause
- * us to skip empty strings */
- line[strlen(line) - 1] = '\0';
-
- /* Skip to the separator */
- if (!(start = strchr(line, ':')))
- continue;
-
- /* Split the line using " " as a delimiter. The first token
- * will always be ":", but that's okay */
- if (!(tokens = virStringSplitCount(start, " ", 0, &ntokens)))
- continue;
-
- /* Go through all flags and check whether one of those we
- * might want to check for later on is present; if that's
- * the case, set the relevant bit in the bitmap */
- for (i = 0; i < ntokens; i++) {
- int value;
-
- if ((value = virHostValidateCPUFlagTypeFromString(tokens[i])) >= 0)
- ignore_value(virBitmapSetBit(flags, value));
- }
-
- virStringListFreeCount(tokens, ntokens);
- } while (1);
-
- cleanup:
- VIR_FORCE_FCLOSE(fp);
-
- return flags;
-}
-
-
-int virHostValidateLinuxKernel(const char *hvname,
- int version,
- virHostValidateLevel level,
- const char *hint)
-{
- struct utsname uts;
- unsigned long thisversion;
-
- uname(&uts);
-
- virHostMsgCheck(hvname, _("for Linux >= %d.%d.%d"),
- ((version >> 16) & 0xff),
- ((version >> 8) & 0xff),
- (version & 0xff));
-
- if (STRNEQ(uts.sysname, "Linux")) {
- virHostMsgFail(level, "%s", hint);
- return -1;
- }
-
- if (virParseVersionString(uts.release, &thisversion, true) < 0) {
- virHostMsgFail(level, "%s", hint);
- return -1;
- }
-
- if (thisversion < version) {
- virHostMsgFail(level, "%s", hint);
- return -1;
- } else {
- virHostMsgPass();
- return 0;
- }
-}
-
-#ifdef __linux__
-int virHostValidateCGroupControllers(const char *hvname,
- int controllers,
- virHostValidateLevel level)
-{
- virCgroupPtr group = NULL;
- int ret = 0;
- size_t i;
-
- if (virCgroupNewSelf(&group) < 0)
- return -1;
-
- for (i = 0; i < VIR_CGROUP_CONTROLLER_LAST; i++) {
- int flag = 1 << i;
- const char *cg_name = virCgroupControllerTypeToString(i);
-
- if (!(controllers & flag))
- continue;
-
- virHostMsgCheck(hvname, "for cgroup '%s' controller support",
cg_name);
-
- if (!virCgroupHasController(group, i)) {
- ret = -1;
- virHostMsgFail(level, "Enable '%s' in kernel Kconfig file or
"
- "mount/enable cgroup controller in your system",
- cg_name);
- } else {
- virHostMsgPass();
- }
- }
-
- virCgroupFree(&group);
-
- return ret;
-}
-#else /* !__linux__ */
-int virHostValidateCGroupControllers(const char *hvname ATTRIBUTE_UNUSED,
- int controllers ATTRIBUTE_UNUSED,
- virHostValidateLevel level)
-{
- virHostMsgFail(level, "%s", "This platform does not support
cgroups");
- return -1;
-}
-#endif /* !__linux__ */
-
-int virHostValidateIOMMU(const char *hvname,
- virHostValidateLevel level)
-{
- virBitmapPtr flags;
- struct stat sb;
- const char *bootarg = NULL;
- bool isAMD = false, isIntel = false;
- virArch arch = virArchFromHost();
- struct dirent *dent;
- DIR *dir;
- int rc;
-
- flags = virHostValidateGetCPUFlags();
-
- if (flags && virBitmapIsBitSet(flags, VIR_HOST_VALIDATE_CPU_FLAG_VMX))
- isIntel = true;
- else if (flags && virBitmapIsBitSet(flags, VIR_HOST_VALIDATE_CPU_FLAG_SVM))
- isAMD = true;
-
- virBitmapFree(flags);
-
- if (isIntel) {
- virHostMsgCheck(hvname, "%s", _("for device assignment IOMMU
support"));
- if (access("/sys/firmware/acpi/tables/DMAR", F_OK) == 0) {
- virHostMsgPass();
- bootarg = "intel_iommu=on";
- } else {
- virHostMsgFail(level,
- "No ACPI DMAR table found, IOMMU either "
- "disabled in BIOS or not supported by this "
- "hardware platform");
- return -1;
- }
- } else if (isAMD) {
- virHostMsgCheck(hvname, "%s", _("for device assignment IOMMU
support"));
- if (access("/sys/firmware/acpi/tables/IVRS", F_OK) == 0) {
- virHostMsgPass();
- bootarg = "iommu=pt iommu=1";
- } else {
- virHostMsgFail(level,
- "No ACPI IVRS table found, IOMMU either "
- "disabled in BIOS or not supported by this "
- "hardware platform");
- return -1;
- }
- } else if (ARCH_IS_PPC64(arch)) {
- /* Empty Block */
- } else if (ARCH_IS_S390(arch)) {
- /* On s390x, we skip the IOMMU check if there are no PCI
- * devices (which is quite usual on s390x). If there are
- * no PCI devices the directory is still there but is
- * empty. */
- if (!virDirOpen(&dir, "/sys/bus/pci/devices"))
- return 0;
- rc = virDirRead(dir, &dent, NULL);
- VIR_DIR_CLOSE(dir);
- if (rc <= 0)
- return 0;
- } else {
- virHostMsgFail(level,
- "Unknown if this platform has IOMMU support");
- return -1;
- }
-
-
- /* We can only check on newer kernels with iommu groups & vfio */
- if (stat("/sys/kernel/iommu_groups", &sb) < 0)
- return 0;
-
- if (!S_ISDIR(sb.st_mode))
- return 0;
-
- virHostMsgCheck(hvname, "%s", _("if IOMMU is enabled by
kernel"));
- if (sb.st_nlink <= 2) {
- if (bootarg)
- virHostMsgFail(level,
- "IOMMU appears to be disabled in kernel. "
- "Add %s to kernel cmdline arguments", bootarg);
- else
- virHostMsgFail(level, "IOMMU capability not compiled into
kernel.");
- return -1;
- }
- virHostMsgPass();
- return 0;
-}
diff --git a/tools/virt-host-validate-common.h b/tools/virt-host-validate-common.h
deleted file mode 100644
index c4e4fa2175..0000000000
--- a/tools/virt-host-validate-common.h
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * virt-host-validate-common.h: Sanity check helper APIs
- *
- * Copyright (C) 2012 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library. If not, see
- * <
http://www.gnu.org/licenses/>.
- *
- */
-
-#pragma once
-
-#include "internal.h"
-#include "virutil.h"
-#include "virbitmap.h"
-#include "virenum.h"
-
-typedef enum {
- VIR_HOST_VALIDATE_FAIL,
- VIR_HOST_VALIDATE_WARN,
- VIR_HOST_VALIDATE_NOTE,
-
- VIR_HOST_VALIDATE_LAST,
-} virHostValidateLevel;
-
-typedef enum {
- VIR_HOST_VALIDATE_CPU_FLAG_VMX = 0,
- VIR_HOST_VALIDATE_CPU_FLAG_SVM,
- VIR_HOST_VALIDATE_CPU_FLAG_SIE,
-
- VIR_HOST_VALIDATE_CPU_FLAG_LAST,
-} virHostValidateCPUFlag;
-
-VIR_ENUM_DECL(virHostValidateCPUFlag);
-
-void virHostMsgSetQuiet(bool quietFlag);
-
-void virHostMsgCheck(const char *prefix,
- const char *format,
- ...) ATTRIBUTE_FMT_PRINTF(2, 3);
-
-void virHostMsgPass(void);
-void virHostMsgFail(virHostValidateLevel level,
- const char *format,
- ...) ATTRIBUTE_FMT_PRINTF(2, 3);
-
-int virHostValidateDeviceExists(const char *hvname,
- const char *dev_name,
- virHostValidateLevel level,
- const char *hint);
-
-int virHostValidateDeviceAccessible(const char *hvname,
- const char *dev_name,
- virHostValidateLevel level,
- const char *hint);
-
-virBitmapPtr virHostValidateGetCPUFlags(void);
-
-int virHostValidateLinuxKernel(const char *hvname,
- int version,
- virHostValidateLevel level,
- const char *hint);
-
-int virHostValidateNamespace(const char *hvname,
- const char *ns_name,
- virHostValidateLevel level,
- const char *hint);
-
-int virHostValidateCGroupControllers(const char *hvname,
- int controllers,
- virHostValidateLevel level);
-
-int virHostValidateIOMMU(const char *hvname,
- virHostValidateLevel level);
diff --git a/tools/virt-host-validate-lxc.c b/tools/virt-host-validate-lxc.c
deleted file mode 100644
index 8613f37cc7..0000000000
--- a/tools/virt-host-validate-lxc.c
+++ /dev/null
@@ -1,87 +0,0 @@
-/*
- * virt-host-validate-lxc.c: Sanity check a LXC hypervisor host
- *
- * Copyright (C) 2012 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library. If not, see
- * <
http://www.gnu.org/licenses/>.
- *
- */
-
-#include <config.h>
-
-#include "virt-host-validate-lxc.h"
-#include "virt-host-validate-common.h"
-#include "vircgroup.h"
-
-int virHostValidateLXC(void)
-{
- int ret = 0;
-
- if (virHostValidateLinuxKernel("LXC", (2 << 16) | (6 << 8) |
26,
- VIR_HOST_VALIDATE_FAIL,
- _("Upgrade to a kernel supporting
namespaces")) < 0)
- ret = -1;
-
- if (virHostValidateNamespace("LXC", "ipc",
- VIR_HOST_VALIDATE_FAIL,
- _("IPC namespace support is required")) <
0)
- ret = -1;
-
- if (virHostValidateNamespace("LXC", "mnt",
- VIR_HOST_VALIDATE_FAIL,
- _("Mount namespace support is required")) <
0)
- ret = -1;
-
- if (virHostValidateNamespace("LXC", "pid",
- VIR_HOST_VALIDATE_FAIL,
- _("PID namespace support is required")) <
0)
- ret = -1;
-
- if (virHostValidateNamespace("LXC", "uts",
- VIR_HOST_VALIDATE_FAIL,
- _("UTS namespace support is required")) <
0)
- ret = -1;
-
- if (virHostValidateNamespace("LXC", "net",
- VIR_HOST_VALIDATE_WARN,
- _("Network namespace support is recommended"))
< 0)
- ret = -1;
-
- if (virHostValidateNamespace("LXC", "user",
- VIR_HOST_VALIDATE_WARN,
- _("User namespace support is recommended"))
< 0)
- ret = -1;
-
- if (virHostValidateCGroupControllers("LXC",
- (1 << VIR_CGROUP_CONTROLLER_MEMORY) |
- (1 << VIR_CGROUP_CONTROLLER_CPU) |
- (1 << VIR_CGROUP_CONTROLLER_CPUACCT) |
- (1 << VIR_CGROUP_CONTROLLER_CPUSET) |
- (1 << VIR_CGROUP_CONTROLLER_DEVICES) |
- (1 << VIR_CGROUP_CONTROLLER_FREEZER) |
- (1 << VIR_CGROUP_CONTROLLER_BLKIO),
- VIR_HOST_VALIDATE_FAIL) < 0) {
- ret = -1;
- }
-
-#if WITH_FUSE
- if (virHostValidateDeviceExists("LXC",
"/sys/fs/fuse/connections",
- VIR_HOST_VALIDATE_FAIL,
- _("Load the 'fuse' module to enable
/proc/ overrides")) < 0)
- ret = -1;
-#endif
-
- return ret;
-}
diff --git a/tools/virt-host-validate-lxc.h b/tools/virt-host-validate-lxc.h
deleted file mode 100644
index fefab17552..0000000000
--- a/tools/virt-host-validate-lxc.h
+++ /dev/null
@@ -1,24 +0,0 @@
-/*
- * virt-host-validate-lxc.h: Sanity check a LXC hypervisor host
- *
- * Copyright (C) 2012 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library. If not, see
- * <
http://www.gnu.org/licenses/>.
- *
- */
-
-#pragma once
-
-int virHostValidateLXC(void);
diff --git a/tools/virt-host-validate-qemu.c b/tools/virt-host-validate-qemu.c
deleted file mode 100644
index ff3c1f0231..0000000000
--- a/tools/virt-host-validate-qemu.c
+++ /dev/null
@@ -1,116 +0,0 @@
-/*
- * virt-host-validate-qemu.c: Sanity check a QEMU hypervisor host
- *
- * Copyright (C) 2012 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library. If not, see
- * <
http://www.gnu.org/licenses/>.
- *
- */
-
-#include <config.h>
-#include <unistd.h>
-
-#include "virt-host-validate-qemu.h"
-#include "virt-host-validate-common.h"
-#include "virarch.h"
-#include "virbitmap.h"
-#include "vircgroup.h"
-
-int virHostValidateQEMU(void)
-{
- virBitmapPtr flags;
- int ret = 0;
- bool hasHwVirt = false;
- bool hasVirtFlag = false;
- virArch arch = virArchFromHost();
- const char *kvmhint = _("Check that CPU and firmware supports virtualization
"
- "and kvm module is loaded");
-
- if (!(flags = virHostValidateGetCPUFlags()))
- return -1;
-
- switch ((int)arch) {
- case VIR_ARCH_I686:
- case VIR_ARCH_X86_64:
- hasVirtFlag = true;
- kvmhint = _("Check that the 'kvm-intel' or 'kvm-amd' modules
are "
- "loaded & the BIOS has enabled virtualization");
- if (virBitmapIsBitSet(flags, VIR_HOST_VALIDATE_CPU_FLAG_SVM) ||
- virBitmapIsBitSet(flags, VIR_HOST_VALIDATE_CPU_FLAG_VMX))
- hasHwVirt = true;
- break;
- case VIR_ARCH_S390:
- case VIR_ARCH_S390X:
- hasVirtFlag = true;
- if (virBitmapIsBitSet(flags, VIR_HOST_VALIDATE_CPU_FLAG_SIE))
- hasHwVirt = true;
- break;
- default:
- hasHwVirt = false;
- }
-
- if (hasVirtFlag) {
- virHostMsgCheck("QEMU", "%s", _("for hardware
virtualization"));
- if (hasHwVirt) {
- virHostMsgPass();
- } else {
- virHostMsgFail(VIR_HOST_VALIDATE_FAIL,
- _("Only emulated CPUs are available, performance will be
significantly limited"));
- ret = -1;
- }
- }
-
- if (hasHwVirt || !hasVirtFlag) {
- if (virHostValidateDeviceExists("QEMU", "/dev/kvm",
- VIR_HOST_VALIDATE_FAIL,
- kvmhint) <0)
- ret = -1;
- else if (virHostValidateDeviceAccessible("QEMU", "/dev/kvm",
- VIR_HOST_VALIDATE_FAIL,
- _("Check /dev/kvm is world writable
or you are in "
- "a group that is allowed to
access it")) < 0)
- ret = -1;
- }
-
- virBitmapFree(flags);
-
- if (virHostValidateDeviceExists("QEMU", "/dev/vhost-net",
- VIR_HOST_VALIDATE_WARN,
- _("Load the 'vhost_net' module to
improve performance "
- "of virtio networking")) < 0)
- ret = -1;
-
- if (virHostValidateDeviceExists("QEMU", "/dev/net/tun",
- VIR_HOST_VALIDATE_FAIL,
- _("Load the 'tun' module to enable
networking for QEMU guests")) < 0)
- ret = -1;
-
- if (virHostValidateCGroupControllers("QEMU",
- (1 << VIR_CGROUP_CONTROLLER_MEMORY) |
- (1 << VIR_CGROUP_CONTROLLER_CPU) |
- (1 << VIR_CGROUP_CONTROLLER_CPUACCT) |
- (1 << VIR_CGROUP_CONTROLLER_CPUSET) |
- (1 << VIR_CGROUP_CONTROLLER_DEVICES) |
- (1 << VIR_CGROUP_CONTROLLER_BLKIO),
- VIR_HOST_VALIDATE_WARN) < 0) {
- ret = -1;
- }
-
- if (virHostValidateIOMMU("QEMU",
- VIR_HOST_VALIDATE_WARN) < 0)
- ret = -1;
-
- return ret;
-}
diff --git a/tools/virt-host-validate-qemu.h b/tools/virt-host-validate-qemu.h
deleted file mode 100644
index ddb86aa52c..0000000000
--- a/tools/virt-host-validate-qemu.h
+++ /dev/null
@@ -1,24 +0,0 @@
-/*
- * virt-host-validate-qemu.h: Sanity check a QEMU hypervisor host
- *
- * Copyright (C) 2012 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library. If not, see
- * <
http://www.gnu.org/licenses/>.
- *
- */
-
-#pragma once
-
-int virHostValidateQEMU(void);
diff --git a/tools/virt-host-validate.c b/tools/virt-host-validate.c
deleted file mode 100644
index e797e63475..0000000000
--- a/tools/virt-host-validate.c
+++ /dev/null
@@ -1,152 +0,0 @@
-/*
- * virt-host-validate.c: Sanity check a hypervisor host
- *
- * Copyright (C) 2012 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library. If not, see
- * <
http://www.gnu.org/licenses/>.
- *
- */
-
-#include <config.h>
-
-#ifdef HAVE_LIBINTL_H
-# include <libintl.h>
-#endif /* HAVE_LIBINTL_H */
-#include <getopt.h>
-
-#include "internal.h"
-#include "virgettext.h"
-
-#include "virt-host-validate-common.h"
-#if WITH_QEMU
-# include "virt-host-validate-qemu.h"
-#endif
-#if WITH_LXC
-# include "virt-host-validate-lxc.h"
-#endif
-#if WITH_BHYVE
-# include "virt-host-validate-bhyve.h"
-#endif
-
-static void
-show_help(FILE *out, const char *argv0)
-{
- fprintf(out,
- _("\n"
- "syntax: %s [OPTIONS] [HVTYPE]\n"
- "\n"
- " Hypervisor types:\n"
- "\n"
- " - qemu\n"
- " - lxc\n"
- " - bhyve\n"
- "\n"
- " Options:\n"
- " -h, --help Display command line help\n"
- " -v, --version Display command version\n"
- " -q, --quiet Don't display progress information\n"
- "\n"),
- argv0);
-}
-
-static void
-show_version(FILE *out, const char *argv0)
-{
- fprintf(out, "version: %s %s\n", argv0, VERSION);
-}
-
-static const struct option argOptions[] = {
- { "help", 0, NULL, 'h', },
- { "version", 0, NULL, 'v', },
- { "quiet", 0, NULL, 'q', },
- { NULL, 0, NULL, '\0', }
-};
-
-int
-main(int argc, char **argv)
-{
- const char *hvname = NULL;
- int c;
- int ret = EXIT_SUCCESS;
- bool quiet = false;
- bool usedHvname = false;
-
- if (virGettextInitialize() < 0)
- return EXIT_FAILURE;
-
- while ((c = getopt_long(argc, argv, "hvq", argOptions, NULL)) != -1) {
- switch (c) {
- case 'v':
- show_version(stdout, argv[0]);
- return EXIT_SUCCESS;
-
- case 'h':
- show_help(stdout, argv[0]);
- return EXIT_SUCCESS;
-
- case 'q':
- quiet = true;
- break;
-
- case '?':
- default:
- show_help(stderr, argv[0]);
- return EXIT_FAILURE;
- }
- }
-
- if ((argc-optind) > 2) {
- fprintf(stderr, _("%s: too many command line arguments\n"), argv[0]);
- show_help(stderr, argv[0]);
- return EXIT_FAILURE;
- }
-
- if (argc > 1)
- hvname = argv[optind];
-
- virHostMsgSetQuiet(quiet);
-
-#if WITH_QEMU
- if (!hvname || STREQ(hvname, "qemu")) {
- usedHvname = true;
- if (virHostValidateQEMU() < 0)
- ret = EXIT_FAILURE;
- }
-#endif
-
-#if WITH_LXC
- if (!hvname || STREQ(hvname, "lxc")) {
- usedHvname = true;
- if (virHostValidateLXC() < 0)
- ret = EXIT_FAILURE;
- }
-#endif
-
-#if WITH_BHYVE
- if (!hvname || STREQ(hvname, "bhyve")) {
- usedHvname = true;
- if (virHostValidateBhyve() < 0)
- ret = EXIT_FAILURE;
- }
-#endif
-
- if (hvname && !usedHvname) {
- fprintf(stderr, _("%s: unsupported hypervisor name %s\n"),
- argv[0], hvname);
- return EXIT_FAILURE;
- }
-
- return ret;
-}
diff --git a/tools/virt-host-validate.pod b/tools/virt-host-validate.pod
index 121bb7ed7a..df10530916 100644
--- a/tools/virt-host-validate.pod
+++ b/tools/virt-host-validate.pod
@@ -19,9 +19,13 @@ to those relevant for that virtualization technology
=over 4
-=item C<-v>, C<--version>
+=item C<-f>, C<--facts>
-Display the command version
+Display all the key, value pairs set for facts
+
+=item C<-r>, C<--rules-dir>
+
+Override the default location of the XML rule files
=item C<-h>, C<--help>
@@ -52,11 +56,11 @@ Alternatively report bugs to your software distributor / vendor.
=head1 COPYRIGHT
-Copyright (C) 2012 by Red Hat, Inc.
+Copyright (C) 2019 by Red Hat, Inc.
=head1 LICENSE
-virt-host-validate is distributed under the terms of the GNU GPL v2+.
+virt-host-validate is distributed under the terms of the GNU LGPL v2.1+.
This is free software; see the source for copying conditions. There
is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
PURPOSE
--
2.21.0