[libvirt] [PATCH v2 0/3] misc fixes for qemu domain validation/post-parse
Daniel P. Berrangé (3): tests: add a domain ID to live status XML doc qemu: check os type / virt type / arch in validate callback qemu: honour parseOpaque instead of refetching caps src/qemu/qemu_domain.c | 54 ++++++++++--------- .../qemustatusxml2xmldata/vcpus-multi-in.xml | 2 +- tests/qemuxml2argvtest.c | 9 ++-- 3 files changed, 35 insertions(+), 30 deletions(-) -- 2.23.0
The status XML represents a running VM, so we should always have an ID present for the domain. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- tests/qemustatusxml2xmldata/vcpus-multi-in.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/qemustatusxml2xmldata/vcpus-multi-in.xml b/tests/qemustatusxml2xmldata/vcpus-multi-in.xml index 11ec74ecf8..be48c55fe0 100644 --- a/tests/qemustatusxml2xmldata/vcpus-multi-in.xml +++ b/tests/qemustatusxml2xmldata/vcpus-multi-in.xml @@ -310,7 +310,7 @@ <allowReboot value='yes'/> <blockjobs active='no'/> <agentTimeout>-2</agentTimeout> - <domain type='kvm'> + <domain type='kvm' id='1729'> <name>QEMUGuest1</name> <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid> <memory unit='KiB'>219100</memory> -- 2.23.0
Don't check os type / virt type / arch in the post-parse callback because we can't assume qemuCaps is non-NULL at this point. It also conceptually belongs to the validation callback. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- src/qemu/qemu_domain.c | 42 ++++++++++++++++++++-------------------- tests/qemuxml2argvtest.c | 9 ++++++--- 2 files changed, 27 insertions(+), 24 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 27926c7670..3e1bd52d9f 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -4865,27 +4865,6 @@ qemuDomainDefPostParse(virDomainDefPtr def, return 1; } - if (def->os.type != VIR_DOMAIN_OSTYPE_HVM) { - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, - _("Emulator '%s' does not support os type '%s'"), - def->emulator, virDomainOSTypeToString(def->os.type)); - return -1; - } - - if (!virQEMUCapsIsArchSupported(qemuCaps, def->os.arch)) { - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, - _("Emulator '%s' does not support arch '%s'"), - def->emulator, virArchToString(def->os.arch)); - return -1; - } - - if (!virQEMUCapsIsVirtTypeSupported(qemuCaps, def->virtType)) { - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, - _("Emulator '%s' does not support virt type '%s'"), - def->emulator, virDomainVirtTypeToString(def->virtType)); - return -1; - } - if (def->os.bootloader || def->os.bootloaderArgs) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", _("bootloader is not supported by QEMU")); @@ -5142,6 +5121,27 @@ qemuDomainDefValidate(const virDomainDef *def, def->emulator))) goto cleanup; + if (def->os.type != VIR_DOMAIN_OSTYPE_HVM) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("Emulator '%s' does not support os type '%s'"), + def->emulator, virDomainOSTypeToString(def->os.type)); + goto cleanup; + } + + if (!virQEMUCapsIsArchSupported(qemuCaps, def->os.arch)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("Emulator '%s' does not support arch '%s'"), + def->emulator, virArchToString(def->os.arch)); + goto cleanup; + } + + if (!virQEMUCapsIsVirtTypeSupported(qemuCaps, def->virtType)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("Emulator '%s' does not support virt type '%s'"), + def->emulator, virDomainVirtTypeToString(def->virtType)); + goto cleanup; + } + if (def->mem.min_guarantee) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", _("Parameter 'min_guarantee' not supported by QEMU.")); diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index ba4a92ec0a..8655db609e 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -2852,10 +2852,13 @@ mymain(void) QEMU_CAPS_NEC_USB_XHCI); /* VM XML has invalid arch/ostype/virttype combo, but the SKIP flag - * will avoid the error. Still, we expect qemu driver to complain about - * missing machine error, and not crash */ + * will avoid the error during parse. This will cause us to fill in + * the missing machine type using the i386 binary, despite it being + * the wrong binary for the arch. We expect to get a failure about + * bad arch later when creating the pretend command. + */ DO_TEST_FULL("missing-machine", - ARG_FLAGS, FLAG_EXPECT_PARSE_ERROR | FLAG_EXPECT_FAILURE, + ARG_FLAGS, FLAG_EXPECT_FAILURE, ARG_PARSEFLAGS, VIR_DOMAIN_DEF_PARSE_SKIP_VALIDATE, ARG_QEMU_CAPS, NONE); -- 2.23.0
On 12/11/19 4:58 PM, Daniel P. Berrangé wrote:
Don't check os type / virt type / arch in the post-parse callback because we can't assume qemuCaps is non-NULL at this point. It also conceptually belongs to the validation callback.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- src/qemu/qemu_domain.c | 42 ++++++++++++++++++++-------------------- tests/qemuxml2argvtest.c | 9 ++++++--- 2 files changed, 27 insertions(+), 24 deletions(-)
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 27926c7670..3e1bd52d9f 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -4865,27 +4865,6 @@ qemuDomainDefPostParse(virDomainDefPtr def, return 1; }
- if (def->os.type != VIR_DOMAIN_OSTYPE_HVM) { - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, - _("Emulator '%s' does not support os type '%s'"), - def->emulator, virDomainOSTypeToString(def->os.type)); - return -1; - } - - if (!virQEMUCapsIsArchSupported(qemuCaps, def->os.arch)) { - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, - _("Emulator '%s' does not support arch '%s'"), - def->emulator, virArchToString(def->os.arch)); - return -1; - } - - if (!virQEMUCapsIsVirtTypeSupported(qemuCaps, def->virtType)) { - virReportError(VIR_ERR_CONFIG_UNSUPPORTED, - _("Emulator '%s' does not support virt type '%s'"), - def->emulator, virDomainVirtTypeToString(def->virtType)); - return -1; - } - if (def->os.bootloader || def->os.bootloaderArgs) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", _("bootloader is not supported by QEMU"));
One can argue that this check belongs to Validate() too.
@@ -5142,6 +5121,27 @@ qemuDomainDefValidate(const virDomainDef *def, def->emulator))) goto cleanup;
+ if (def->os.type != VIR_DOMAIN_OSTYPE_HVM) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("Emulator '%s' does not support os type '%s'"), + def->emulator, virDomainOSTypeToString(def->os.type)); + goto cleanup; + } + + if (!virQEMUCapsIsArchSupported(qemuCaps, def->os.arch)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("Emulator '%s' does not support arch '%s'"), + def->emulator, virArchToString(def->os.arch)); + goto cleanup; + } + + if (!virQEMUCapsIsVirtTypeSupported(qemuCaps, def->virtType)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("Emulator '%s' does not support virt type '%s'"), + def->emulator, virDomainVirtTypeToString(def->virtType)); + goto cleanup; + } + if (def->mem.min_guarantee) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", _("Parameter 'min_guarantee' not supported by QEMU."));
Michal
The use of the parseOpaque parameter was mistakenly removed in commit 4a4132b4625778cf80acb9c92d06351b44468ac3 Author: Daniel P. Berrangé <berrange@redhat.com> Date: Tue Dec 3 10:49:49 2019 +0000 conf: don't use passed in caps in post parse method causing the method to re-fetch qemuCaps that were already just fetched and put into parseOpaque. This is inefficient when parsing incoming XML, but for live XML this is more serious as it means we use the capabilities for the current QEMU binary on disk, rather than the running QEMU. That commit, however, did have a useful side effect of fixing a crasher bug in the qemu post parse callback introduced by commit 5e939cea896fb3373a6f68f86e325c657429ed3d Author: Jiri Denemark <jdenemar@redhat.com> Date: Thu Sep 26 18:42:02 2019 +0200 qemu: Store default CPU in domain XML The qemuDomainDefSetDefaultCPU() method in that patch did not allow for the possibility that qemuCaps would be NULL and thus resulted in a SEGV. This shows a risk in letting each check in the post parse callback look for qemuCaps == NULL. The safer option is to check once upfront and immediately stop (postpone) further validation. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- src/qemu/qemu_domain.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 3e1bd52d9f..cf2e9aebd2 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -4854,16 +4854,18 @@ static int qemuDomainDefPostParse(virDomainDefPtr def, unsigned int parseFlags, void *opaque, - void *parseOpaque G_GNUC_UNUSED) + void *parseOpaque) { virQEMUDriverPtr driver = opaque; g_autoptr(virQEMUDriverConfig) cfg = virQEMUDriverGetConfig(driver); - g_autoptr(virQEMUCaps) qemuCaps = NULL; + virQEMUCapsPtr qemuCaps = parseOpaque; - if (!(qemuCaps = virQEMUCapsCacheLookup(driver->qemuCapsCache, - def->emulator))) { + /* Note that qemuCaps may be NULL when this function is called. This + * function shall not fail in that case. It will be re-run on VM startup + * with the capabilities populated. + */ + if (!qemuCaps) return 1; - } if (def->os.bootloader || def->os.bootloaderArgs) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", -- 2.23.0
On 12/11/19 4:58 PM, Daniel P. Berrangé wrote:
Daniel P. Berrangé (3): tests: add a domain ID to live status XML doc qemu: check os type / virt type / arch in validate callback qemu: honour parseOpaque instead of refetching caps
src/qemu/qemu_domain.c | 54 ++++++++++--------- .../qemustatusxml2xmldata/vcpus-multi-in.xml | 2 +- tests/qemuxml2argvtest.c | 9 ++-- 3 files changed, 35 insertions(+), 30 deletions(-)
Reviewed-by: Michal Privoznik <mprivozn@redhat.com> Michal
participants (2)
-
Daniel P. Berrangé -
Michal Privoznik