5:53 a.m.
These are RFC patches. I'd like to start a discussion on the following
problem:
A mgmt application has info tied to an <interface/> (stored elsewhere,
not important right now). And they use basically the only piece of
information that's visible in both host and guest: MAC address. No, user
aliases are not visible in the guest. Therefore, when they query the
guest-agent (e.g. via 'virsh domifaddr --source agent') they can
reconstruct their knowledge on NICs.
But there's a catch - if user decides to change MAC address form inside
of the VM. Then the only link between host and guest is broken.
Now, we could make the guest-agent report both current and permanent MAC
address. But unfortunately, libvirt's virDomainInterfaceAddresses() is
not prepared for that.
Now, I don't recall why we decided to not update MAC address in the live
XML on change, but maybe somebody else does. Or we can pass the event
from QEMU to the mgmt application so that it can update its state.
Michal Prívozník (3):
qemu: Reflect MAC address change in live domain XML
Introduce NIC_MAC_CHANGE event
qemu: Emit NIC_MAC_CHANGE event
examples/c/misc/event-test.c | 14 +++++
include/libvirt/libvirt-domain.h | 28 +++++++++
src/conf/domain_event.c | 93 +++++++++++++++++++++++++++++
src/conf/domain_event.h | 12 ++++
src/libvirt_private.syms | 2 +
src/qemu/qemu_domain.c | 34 ++++++++++-
src/qemu/qemu_domain.h | 3 +-
src/qemu/qemu_driver.c | 11 ++--
src/qemu/qemu_process.c | 2 +-
src/remote/remote_daemon_dispatch.c | 32 ++++++++++
src/remote/remote_driver.c | 34 +++++++++++
src/remote/remote_protocol.x | 17 +++++-
tools/virsh-domain-event.c | 20 +++++++
13 files changed, 294 insertions(+), 8 deletions(-)
--
2.39.3
5:53 a.m.
New subject: [PATCH 1/3] qemu: Reflect MAC address change in live domain XML
If a guest changes MAC address on its vNIC, then QEMU emits
NIC_RX_FILTER_CHANGED event (the event is emitted in other cases
too, but that's not important right now). Now, domain XML allows
users to chose whether to trust these events or not:
<interface trustGuestRxFilters='yes|no'/>
For the 'no' case no action is performed and the event is
ignored. But for the 'yes' case, some host side features of
corresponding vNIC (well tap/macvtap device) are tweaked to
reflect changed MAC address. But what is missing is reflecting
this new MAC address in domain XML.
Basically, what happens is: the host sees traffic with new MAC
address, all tools inside the guest see the new MAC address
(including 'virsh domifaddr --source agent') which makes it
harder to match device in the guest with the one in the domain
XML.
NB, we should relay this event to clients, but that is covered in
next commits.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
src/qemu/qemu_domain.c | 18 ++++++++++++++++++
src/qemu/qemu_driver.c | 2 +-
2 files changed, 19 insertions(+), 1 deletion(-)
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 94587638c3..5e5789a28c 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -12482,6 +12482,19 @@ syncNicRxFilterMulticast(char *ifname,
}
+/**
+ * qemuDomainSyncRxFilter:
+ * @vm: domain object
+ * @def: domain interface definition
+ * @asyncJob: async job type
+ *
+ * Fetch new state of RX Filter and set host side of the interface
+ * accordingly (e.g. reflect MAC address change on macvtap).
+ *
+ * Reflect changed MAC address in the domain definition.
+ *
+ * Returns: 0 on success, -1 on error.
+ */
int
qemuDomainSyncRxFilter(virDomainObj *vm,
virDomainNetDef *def,
@@ -12535,6 +12548,11 @@ qemuDomainSyncRxFilter(virDomainObj *vm,
return -1;
}
+ /* Reflect changed MAC address in the domain XML. */
+ if (virMacAddrCmp(&def->mac, &guestFilter->mac)) {
+ virMacAddrSet(&def->mac, &guestFilter->mac);
+ }
+
return 0;
}
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index f20544590d..ccf653d201 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -3712,7 +3712,7 @@ processNicRxFilterChangedEvent(virDomainObj *vm,
"from domain %p %s",
devAlias, vm, vm->def->name);
- if (virDomainObjBeginJob(vm, VIR_JOB_QUERY) < 0)
+ if (virDomainObjBeginJob(vm, VIR_JOB_MODIFY) < 0)
return;
if (!virDomainObjIsActive(vm)) {
--
2.39.3
9:45 a.m.
New subject: [PATCH 1/3] qemu: Reflect MAC address change in live domain XML
On Wed, Jun 28, 2023 at 12:53:35PM +0200, Michal Privoznik wrote:
If a guest changes MAC address on its vNIC, then QEMU emits
NIC_RX_FILTER_CHANGED event (the event is emitted in other cases
too, but that's not important right now). Now, domain XML allows
users to chose whether to trust these events or not:
<interface trustGuestRxFilters='yes|no'/>
For the 'no' case no action is performed and the event is
ignored. But for the 'yes' case, some host side features of
corresponding vNIC (well tap/macvtap device) are tweaked to
reflect changed MAC address. But what is missing is reflecting
this new MAC address in domain XML.
Basically, what happens is: the host sees traffic with new MAC
address, all tools inside the guest see the new MAC address
(including 'virsh domifaddr --source agent') which makes it
harder to match device in the guest with the one in the domain
XML.
NB, we should relay this event to clients, but that is covered in
next commits.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
src/qemu/qemu_domain.c | 18 ++++++++++++++++++
src/qemu/qemu_driver.c | 2 +-
2 files changed, 19 insertions(+), 1 deletion(-)
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 94587638c3..5e5789a28c 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -12482,6 +12482,19 @@ syncNicRxFilterMulticast(char *ifname,
}
+/**
+ * qemuDomainSyncRxFilter:
+ * @vm: domain object
+ * @def: domain interface definition
+ * @asyncJob: async job type
+ *
+ * Fetch new state of RX Filter and set host side of the interface
+ * accordingly (e.g. reflect MAC address change on macvtap).
+ *
+ * Reflect changed MAC address in the domain definition.
+ *
+ * Returns: 0 on success, -1 on error.
+ */
int
qemuDomainSyncRxFilter(virDomainObj *vm,
virDomainNetDef *def,
@@ -12535,6 +12548,11 @@ qemuDomainSyncRxFilter(virDomainObj *vm,
return -1;
}
+ /* Reflect changed MAC address in the domain XML. */
+ if (virMacAddrCmp(&def->mac, &guestFilter->mac)) {
+ virMacAddrSet(&def->mac, &guestFilter->mac);
+ }
+
If we go with the idea I suggested this needs to be done even when we're
not updating the filters.
return 0;
}
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index f20544590d..ccf653d201 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -3712,7 +3712,7 @@ processNicRxFilterChangedEvent(virDomainObj *vm,
"from domain %p %s",
devAlias, vm, vm->def->name);
- if (virDomainObjBeginJob(vm, VIR_JOB_QUERY) < 0)
+ if (virDomainObjBeginJob(vm, VIR_JOB_MODIFY) < 0)
return;
if (!virDomainObjIsActive(vm)) {
--
2.39.3
2:15 a.m.
New subject: [PATCH 1/3] qemu: Reflect MAC address change in live domain XML
On 7/26/23 16:45, Martin Kletzander wrote:
On Wed, Jun 28, 2023 at 12:53:35PM +0200, Michal Privoznik wrote:
> If a guest changes MAC address on its vNIC, then QEMU emits
> NIC_RX_FILTER_CHANGED event (the event is emitted in other cases
> too, but that's not important right now). Now, domain XML allows
> users to chose whether to trust these events or not:
>
> <interface trustGuestRxFilters='yes|no'/>
>
> For the 'no' case no action is performed and the event is
> ignored. But for the 'yes' case, some host side features of
> corresponding vNIC (well tap/macvtap device) are tweaked to
> reflect changed MAC address. But what is missing is reflecting
> this new MAC address in domain XML.
>
> Basically, what happens is: the host sees traffic with new MAC
> address, all tools inside the guest see the new MAC address
> (including 'virsh domifaddr --source agent') which makes it
> harder to match device in the guest with the one in the domain
> XML.
>
> NB, we should relay this event to clients, but that is covered in
> next commits.
>
> Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
> ---
> src/qemu/qemu_domain.c | 18 ++++++++++++++++++
> src/qemu/qemu_driver.c | 2 +-
> 2 files changed, 19 insertions(+), 1 deletion(-)
>
> diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
> index 94587638c3..5e5789a28c 100644
> --- a/src/qemu/qemu_domain.c
> +++ b/src/qemu/qemu_domain.c
> @@ -12482,6 +12482,19 @@ syncNicRxFilterMulticast(char *ifname,
> }
>
>
> +/**
> + * qemuDomainSyncRxFilter:
> + * @vm: domain object
> + * @def: domain interface definition
> + * @asyncJob: async job type
> + *
> + * Fetch new state of RX Filter and set host side of the interface
> + * accordingly (e.g. reflect MAC address change on macvtap).
> + *
> + * Reflect changed MAC address in the domain definition.
> + *
> + * Returns: 0 on success, -1 on error.
> + */
> int
> qemuDomainSyncRxFilter(virDomainObj *vm,
> virDomainNetDef *def,
> @@ -12535,6 +12548,11 @@ qemuDomainSyncRxFilter(virDomainObj *vm,
> return -1;
> }
>
> + /* Reflect changed MAC address in the domain XML. */
> + if (virMacAddrCmp(&def->mac, &guestFilter->mac)) {
> + virMacAddrSet(&def->mac, &guestFilter->mac);
> + }
> +
If we go with the idea I suggested this needs to be done even when we're
not updating the filters.
You mean, even when this qemuDomainSyncRxFilter() function is not
called, i.e. update MAC addr from processNicRxFilterChangedEvent()?
We could do that, but this RX_FILTER_CHANGED event is a bit special. To
avoid flooding libvirt with this event, there's a antispam mechanism
implemented - after QEMU emits the event it awaits 'query-rx-filter'
monitor cmd. No other RX_FILTER_CHANGED event is emitted until the
monitor cmd is issued.
IOW, if we want to refresh MAC address on each event, we must
(unconditionally) issue the command and then (based on
trustGuestRxFilters) sync RX filters.
What I can't decide is whether it's better to reflect MAC change in
domain XML iff trustGuestRxFilters is set, or regardless.
Michal
3:57 a.m.
New subject: [PATCH 1/3] qemu: Reflect MAC address change in live domain XML
On Wed, Aug 02, 2023 at 09:15:43AM +0200, Michal Prívozník wrote:
On 7/26/23 16:45, Martin Kletzander wrote:
> On Wed, Jun 28, 2023 at 12:53:35PM +0200, Michal Privoznik wrote:
>> If a guest changes MAC address on its vNIC, then QEMU emits
>> NIC_RX_FILTER_CHANGED event (the event is emitted in other cases
>> too, but that's not important right now). Now, domain XML allows
>> users to chose whether to trust these events or not:
>>
>> <interface trustGuestRxFilters='yes|no'/>
>>
>> For the 'no' case no action is performed and the event is
>> ignored. But for the 'yes' case, some host side features of
>> corresponding vNIC (well tap/macvtap device) are tweaked to
>> reflect changed MAC address. But what is missing is reflecting
>> this new MAC address in domain XML.
>>
>> Basically, what happens is: the host sees traffic with new MAC
>> address, all tools inside the guest see the new MAC address
>> (including 'virsh domifaddr --source agent') which makes it
>> harder to match device in the guest with the one in the domain
>> XML.
>>
>> NB, we should relay this event to clients, but that is covered in
>> next commits.
>>
>> Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
>> ---
>> src/qemu/qemu_domain.c | 18 ++++++++++++++++++
>> src/qemu/qemu_driver.c | 2 +-
>> 2 files changed, 19 insertions(+), 1 deletion(-)
>>
>> diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
>> index 94587638c3..5e5789a28c 100644
>> --- a/src/qemu/qemu_domain.c
>> +++ b/src/qemu/qemu_domain.c
>> @@ -12482,6 +12482,19 @@ syncNicRxFilterMulticast(char *ifname,
>> }
>>
>>
>> +/**
>> + * qemuDomainSyncRxFilter:
>> + * @vm: domain object
>> + * @def: domain interface definition
>> + * @asyncJob: async job type
>> + *
>> + * Fetch new state of RX Filter and set host side of the interface
>> + * accordingly (e.g. reflect MAC address change on macvtap).
>> + *
>> + * Reflect changed MAC address in the domain definition.
>> + *
>> + * Returns: 0 on success, -1 on error.
>> + */
>> int
>> qemuDomainSyncRxFilter(virDomainObj *vm,
>> virDomainNetDef *def,
>> @@ -12535,6 +12548,11 @@ qemuDomainSyncRxFilter(virDomainObj *vm,
>> return -1;
>> }
>>
>> + /* Reflect changed MAC address in the domain XML. */
>> + if (virMacAddrCmp(&def->mac, &guestFilter->mac)) {
>> + virMacAddrSet(&def->mac, &guestFilter->mac);
>> + }
>> +
>
> If we go with the idea I suggested this needs to be done even when we're
> not updating the filters.
You mean, even when this qemuDomainSyncRxFilter() function is not
called, i.e. update MAC addr from processNicRxFilterChangedEvent()?
We could do that, but this RX_FILTER_CHANGED event is a bit special. To
avoid flooding libvirt with this event, there's a antispam mechanism
implemented - after QEMU emits the event it awaits 'query-rx-filter'
monitor cmd. No other RX_FILTER_CHANGED event is emitted until the
monitor cmd is issued.
IOW, if we want to refresh MAC address on each event, we must
(unconditionally) issue the command and then (based on
trustGuestRxFilters) sync RX filters.
What I can't decide is whether it's better to reflect MAC change in
domain XML iff trustGuestRxFilters is set, or regardless.
I meant this if we go with the idea of reporting both the HW MAC address
and the guest's set MAC address in the live XML. That way we do not
break existing use cases where they rely on the MAC address not changing
and on top of that we allow for checking what the guest's MAC really
is. I think this is a win-win, but feel free to disagree.
Michal
5:53 a.m.
New subject: [PATCH 2/3] Introduce NIC_MAC_CHANGE event
The aim off this event is to notify management application that
guest changed MAC address on one of its vNICs so the app can
update its internal records, e.g. for finding match between
guest/host view of vNICs.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
examples/c/misc/event-test.c | 14 +++++
include/libvirt/libvirt-domain.h | 28 +++++++++
src/conf/domain_event.c | 93 +++++++++++++++++++++++++++++
src/conf/domain_event.h | 12 ++++
src/libvirt_private.syms | 2 +
src/remote/remote_daemon_dispatch.c | 32 ++++++++++
src/remote/remote_driver.c | 34 +++++++++++
src/remote/remote_protocol.x | 17 +++++-
tools/virsh-domain-event.c | 20 +++++++
9 files changed, 251 insertions(+), 1 deletion(-)
diff --git a/examples/c/misc/event-test.c b/examples/c/misc/event-test.c
index 64652b0153..1d6c47474d 100644
--- a/examples/c/misc/event-test.c
+++ b/examples/c/misc/event-test.c
@@ -1065,6 +1065,19 @@ myDomainEventMetadataChangeCallback(virConnectPtr conn
G_GNUC_UNUSED,
}
+static int
+myDomainEventNICMACChangeCallback(virConnectPtr conn G_GNUC_UNUSED,
+ virDomainPtr dom,
+ const char *alias,
+ const char *oldMAC,
+ const char *newMAC,
+ void *opaque G_GNUC_UNUSED)
+{
+ printf("%s EVENT: Domain %s(%d) NIC MAC changed: alias: '%s' oldMAC:
'%s' newMAC: '%s'\n",
+ __func__, virDomainGetName(dom), virDomainGetID(dom), alias, oldMAC, newMAC);
+ return 0;
+}
+
static void
myFreeFunc(void *opaque)
@@ -1123,6 +1136,7 @@ struct domainEventData domainEvents[] = {
DOMAIN_EVENT(VIR_DOMAIN_EVENT_ID_BLOCK_THRESHOLD,
myDomainEventBlockThresholdCallback),
DOMAIN_EVENT(VIR_DOMAIN_EVENT_ID_MEMORY_FAILURE,
myDomainEventMemoryFailureCallback),
DOMAIN_EVENT(VIR_DOMAIN_EVENT_ID_MEMORY_DEVICE_SIZE_CHANGE,
myDomainEventMemoryDeviceSizeChangeCallback),
+ DOMAIN_EVENT(VIR_DOMAIN_EVENT_ID_NIC_MAC_CHANGE, myDomainEventNICMACChangeCallback),
};
struct storagePoolEventData {
diff --git a/include/libvirt/libvirt-domain.h b/include/libvirt/libvirt-domain.h
index a1902546bb..d39f2d2395 100644
--- a/include/libvirt/libvirt-domain.h
+++ b/include/libvirt/libvirt-domain.h
@@ -5756,6 +5756,33 @@ typedef void
(*virConnectDomainEventMemoryDeviceSizeChangeCallback)(virConnectPt
void *opaque);
+/**
+ * virConnectDomainEventNICMACChangeCallback:
+ * @conn: connection object
+ * @dom: domain on which the event occurred
+ * @alias: network interface device alias
+ * @oldMAC: the old value of network interface MAC address
+ * @newMAC: the new value of network interface MAC address
+ * @opaque: application specified data
+ *
+ * The callback occurs when the guest changes MAC address on one of
+ * its virtual network interfaces, for QEMU domains this is emitted
+ * only for vNICs of model virtio. The event is not emitted for
+ * other types (e.g. PCI device passthrough).
+ *
+ * The callback signature to use when registering for an event of
+ * type VIR_DOMAIN_EVENT_ID_NIC_MAC_CHANGE with
+ * virConnectDomainEventRegisterAny().
+ *
+ * Since: 9.6.0
+ */
+typedef void (*virConnectDomainEventNICMACChangeCallback)(virConnectPtr conn,
+ virDomainPtr dom,
+ const char *alias,
+ const char *oldMAC,
+ const char *newMAC,
+ void *opaque);
+
/**
* VIR_DOMAIN_EVENT_CALLBACK:
*
@@ -5804,6 +5831,7 @@ typedef enum {
VIR_DOMAIN_EVENT_ID_BLOCK_THRESHOLD = 24, /*
virConnectDomainEventBlockThresholdCallback (Since: 3.2.0) */
VIR_DOMAIN_EVENT_ID_MEMORY_FAILURE = 25, /*
virConnectDomainEventMemoryFailureCallback (Since: 6.9.0) */
VIR_DOMAIN_EVENT_ID_MEMORY_DEVICE_SIZE_CHANGE = 26, /*
virConnectDomainEventMemoryDeviceSizeChangeCallback (Since: 7.9.0) */
+ VIR_DOMAIN_EVENT_ID_NIC_MAC_CHANGE = 27, /* virConnectDomainEventNICMACChangeCallback
(Since: 9.6.0) */
# ifdef VIR_ENUM_SENTINELS
VIR_DOMAIN_EVENT_ID_LAST
diff --git a/src/conf/domain_event.c b/src/conf/domain_event.c
index 75603a933a..4d544f2d2f 100644
--- a/src/conf/domain_event.c
+++ b/src/conf/domain_event.c
@@ -57,6 +57,7 @@ static virClass *virDomainEventMetadataChangeClass;
static virClass *virDomainEventBlockThresholdClass;
static virClass *virDomainEventMemoryFailureClass;
static virClass *virDomainEventMemoryDeviceSizeChangeClass;
+static virClass *virDomainEventNICMACChangeClass;
static void virDomainEventDispose(void *obj);
static void virDomainEventLifecycleDispose(void *obj);
@@ -81,6 +82,7 @@ static void virDomainEventMetadataChangeDispose(void *obj);
static void virDomainEventBlockThresholdDispose(void *obj);
static void virDomainEventMemoryFailureDispose(void *obj);
static void virDomainEventMemoryDeviceSizeChangeDispose(void *obj);
+static void virDomainEventNICMACChangeDispose(void *obj);
static void
virDomainEventDispatchDefaultFunc(virConnectPtr conn,
@@ -285,6 +287,15 @@ struct _virDomainEventMemoryDeviceSizeChange {
};
typedef struct _virDomainEventMemoryDeviceSizeChange
virDomainEventMemoryDeviceSizeChange;
+struct _virDomainEventNICMACChange {
+ virDomainEvent parent;
+
+ char *alias;
+ char *oldMAC;
+ char *newMAC;
+};
+typedef struct _virDomainEventNICMACChange virDomainEventNICMACChange;
+
static int
virDomainEventsOnceInit(void)
{
@@ -334,6 +345,8 @@ virDomainEventsOnceInit(void)
return -1;
if (!VIR_CLASS_NEW(virDomainEventMemoryDeviceSizeChange, virDomainEventClass))
return -1;
+ if (!VIR_CLASS_NEW(virDomainEventNICMACChange, virDomainEventClass))
+ return -1;
return 0;
}
@@ -559,6 +572,16 @@ virDomainEventMemoryDeviceSizeChangeDispose(void *obj)
g_free(event->alias);
}
+static void
+virDomainEventNICMACChangeDispose(void *obj)
+{
+ virDomainEventNICMACChange *event = obj;
+
+ g_free(event->alias);
+ g_free(event->oldMAC);
+ g_free(event->newMAC);
+}
+
static void *
virDomainEventNew(virClass *klass,
int eventID,
@@ -1734,6 +1757,62 @@ virDomainEventMemoryDeviceSizeChangeNewFromDom(virDomainPtr dom,
}
+static virObjectEvent *
+virDomainEventNICMACChangeNew(int id,
+ const char *name,
+ unsigned char *uuid,
+ const char *alias,
+ const char *oldMAC,
+ const char *newMAC)
+
+{
+ virDomainEventNICMACChange *ev;
+
+ if (virDomainEventsInitialize() < 0)
+ return NULL;
+
+ if (!(ev = virDomainEventNew(virDomainEventNICMACChangeClass,
+ VIR_DOMAIN_EVENT_ID_NIC_MAC_CHANGE,
+ id, name, uuid)))
+ return NULL;
+
+ ev->alias = g_strdup(alias);
+ ev->oldMAC = g_strdup(oldMAC);
+ ev->newMAC = g_strdup(newMAC);
+
+ return (virObjectEvent *)ev;
+}
+
+
+virObjectEvent *
+virDomainEventNICMACChangeNewFromObj(virDomainObj *obj,
+ const char *alias,
+ const char *oldMAC,
+ const char *newMAC)
+{
+ return virDomainEventNICMACChangeNew(obj->def->id,
+ obj->def->name,
+ obj->def->uuid,
+ alias,
+ oldMAC,
+ newMAC);
+}
+
+virObjectEvent *
+virDomainEventNICMACChangeNewFromDom(virDomainPtr dom,
+ const char *alias,
+ const char *oldMAC,
+ const char *newMAC)
+{
+ return virDomainEventNICMACChangeNew(dom->id,
+ dom->name,
+ dom->uuid,
+ alias,
+ oldMAC,
+ newMAC);
+
+}
+
static void
virDomainEventDispatchDefaultFunc(virConnectPtr conn,
virObjectEvent *event,
@@ -2042,6 +2121,20 @@ virDomainEventDispatchDefaultFunc(virConnectPtr conn,
goto cleanup;
}
+ case VIR_DOMAIN_EVENT_ID_NIC_MAC_CHANGE:
+ {
+ virDomainEventNICMACChange *nicMacChangeEvent;
+
+ nicMacChangeEvent = (virDomainEventNICMACChange *)event;
+ ((virConnectDomainEventNICMACChangeCallback)cb)(conn, dom,
+ nicMacChangeEvent->alias,
+
nicMacChangeEvent->oldMAC,
+
nicMacChangeEvent->newMAC,
+ cbopaque);
+
+ goto cleanup;
+ }
+
case VIR_DOMAIN_EVENT_ID_LAST:
break;
}
diff --git a/src/conf/domain_event.h b/src/conf/domain_event.h
index f4016dc1e9..f31cfb9e42 100644
--- a/src/conf/domain_event.h
+++ b/src/conf/domain_event.h
@@ -277,6 +277,18 @@ virDomainEventMemoryDeviceSizeChangeNewFromDom(virDomainPtr dom,
const char *alias,
unsigned long long size);
+virObjectEvent *
+virDomainEventNICMACChangeNewFromObj(virDomainObj *obj,
+ const char *alias,
+ const char *oldMAC,
+ const char *newMAC);
+
+virObjectEvent *
+virDomainEventNICMACChangeNewFromDom(virDomainPtr dom,
+ const char *alias,
+ const char *oldMAC,
+ const char *newMAC);
+
int
virDomainEventStateRegister(virConnectPtr conn,
virObjectEventState *state,
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index fb7ad9c855..d5e9f321b9 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -754,6 +754,8 @@ virDomainEventMetadataChangeNewFromDom;
virDomainEventMetadataChangeNewFromObj;
virDomainEventMigrationIterationNewFromDom;
virDomainEventMigrationIterationNewFromObj;
+virDomainEventNICMACChangeNewFromDom;
+virDomainEventNICMACChangeNewFromObj;
virDomainEventPMSuspendDiskNewFromDom;
virDomainEventPMSuspendDiskNewFromObj;
virDomainEventPMSuspendNewFromDom;
diff --git a/src/remote/remote_daemon_dispatch.c b/src/remote/remote_daemon_dispatch.c
index 7144e9e7ca..f347e7bcce 100644
--- a/src/remote/remote_daemon_dispatch.c
+++ b/src/remote/remote_daemon_dispatch.c
@@ -1357,6 +1357,37 @@ remoteRelayDomainEventMemoryDeviceSizeChange(virConnectPtr conn,
}
+static int
+remoteRelayDomainEventNICMACChange(virConnectPtr conn,
+ virDomainPtr dom,
+ const char *alias,
+ const char *oldMAC,
+ const char *newMAC,
+ void *opaque)
+{
+ daemonClientEventCallback *callback = opaque;
+ remote_domain_event_nic_mac_change_msg data;
+
+ if (callback->callbackID < 0 ||
+ !remoteRelayDomainEventCheckACL(callback->client, conn, dom))
+ return -1;
+
+ /* build return data */
+ memset(&data, 0, sizeof(data));
+ data.callbackID = callback->callbackID;
+ data.alias = g_strdup(alias);
+ data.oldMAC = g_strdup(oldMAC);
+ data.newMAC = g_strdup(newMAC);
+ make_nonnull_domain(&data.dom, dom);
+
+ remoteDispatchObjectEventSend(callback->client, remoteProgram,
+ REMOTE_PROC_DOMAIN_EVENT_NIC_MAC_CHANGE,
+ (xdrproc_t)xdr_remote_domain_event_nic_mac_change_msg,
+ &data);
+ return 0;
+}
+
+
static virConnectDomainEventGenericCallback domainEventCallbacks[] = {
VIR_DOMAIN_EVENT_CALLBACK(remoteRelayDomainEventLifecycle),
VIR_DOMAIN_EVENT_CALLBACK(remoteRelayDomainEventReboot),
@@ -1385,6 +1416,7 @@ static virConnectDomainEventGenericCallback domainEventCallbacks[] =
{
VIR_DOMAIN_EVENT_CALLBACK(remoteRelayDomainEventBlockThreshold),
VIR_DOMAIN_EVENT_CALLBACK(remoteRelayDomainEventMemoryFailure),
VIR_DOMAIN_EVENT_CALLBACK(remoteRelayDomainEventMemoryDeviceSizeChange),
+ VIR_DOMAIN_EVENT_CALLBACK(remoteRelayDomainEventNICMACChange),
};
G_STATIC_ASSERT(G_N_ELEMENTS(domainEventCallbacks) == VIR_DOMAIN_EVENT_ID_LAST);
diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c
index 65ec239fb7..43f61321dc 100644
--- a/src/remote/remote_driver.c
+++ b/src/remote/remote_driver.c
@@ -427,6 +427,11 @@ remoteConnectNotifyEventConnectionClosed(virNetClientProgram *prog
G_GNUC_UNUSED
virNetClient *client G_GNUC_UNUSED,
void *evdata, void *opaque);
+static void
+remoteDomainBuildEventNICMACChange(virNetClientProgram *prog,
+ virNetClient *client,
+ void *evdata, void *opaque);
+
static virNetClientProgramEvent remoteEvents[] = {
{ REMOTE_PROC_DOMAIN_EVENT_LIFECYCLE,
remoteDomainBuildEventLifecycle,
@@ -641,6 +646,10 @@ static virNetClientProgramEvent remoteEvents[] = {
remoteDomainBuildEventMemoryDeviceSizeChange,
sizeof(remote_domain_event_memory_device_size_change_msg),
(xdrproc_t)xdr_remote_domain_event_memory_device_size_change_msg },
+ { REMOTE_PROC_DOMAIN_EVENT_NIC_MAC_CHANGE,
+ remoteDomainBuildEventNICMACChange,
+ sizeof(remote_domain_event_nic_mac_change_msg),
+ (xdrproc_t)xdr_remote_domain_event_nic_mac_change_msg },
};
static void
@@ -5198,6 +5207,31 @@ remoteDomainBuildEventMemoryDeviceSizeChange(virNetClientProgram
*prog G_GNUC_UN
}
+static void
+remoteDomainBuildEventNICMACChange(virNetClientProgram *prog G_GNUC_UNUSED,
+ virNetClient *client G_GNUC_UNUSED,
+ void *evdata, void *opaque)
+{
+ virConnectPtr conn = opaque;
+ remote_domain_event_nic_mac_change_msg *msg = evdata;
+ struct private_data *priv = conn->privateData;
+ virDomainPtr dom;
+ virObjectEvent *event = NULL;
+
+ if (!(dom = get_nonnull_domain(conn, msg->dom)))
+ return;
+
+ event = virDomainEventNICMACChangeNewFromDom(dom,
+ msg->alias,
+ msg->oldMAC,
+ msg->newMAC);
+
+ virObjectUnref(dom);
+
+ virObjectEventStateQueueRemote(priv->eventState, event, msg->callbackID);
+}
+
+
static int
remoteStreamSend(virStreamPtr st,
const char *data,
diff --git a/src/remote/remote_protocol.x b/src/remote/remote_protocol.x
index 5d86a51116..af19846668 100644
--- a/src/remote/remote_protocol.x
+++ b/src/remote/remote_protocol.x
@@ -3935,6 +3935,15 @@ struct remote_domain_fd_associate_args {
remote_nonnull_string name;
unsigned int flags;
};
+
+struct remote_domain_event_nic_mac_change_msg {
+ int callbackID;
+ remote_nonnull_domain dom;
+ remote_nonnull_string alias;
+ remote_nonnull_string oldMAC;
+ remote_nonnull_string newMAC;
+};
+
/*----- Protocol. -----*/
/* Define the program number, protocol version and procedure numbers here. */
@@ -6974,5 +6983,11 @@ enum remote_procedure {
* @generate: none
* @acl: domain:write
*/
- REMOTE_PROC_DOMAIN_FD_ASSOCIATE = 443
+ REMOTE_PROC_DOMAIN_FD_ASSOCIATE = 443,
+
+ /**
+ * @generate: both
+ * @acl: none
+ */
+ REMOTE_PROC_DOMAIN_EVENT_NIC_MAC_CHANGE = 444
};
diff --git a/tools/virsh-domain-event.c b/tools/virsh-domain-event.c
index 2969c22a91..2467fa00a8 100644
--- a/tools/virsh-domain-event.c
+++ b/tools/virsh-domain-event.c
@@ -788,6 +788,24 @@ virshEventMemoryDeviceSizeChangePrint(virConnectPtr conn
G_GNUC_UNUSED,
}
+static void
+virshEventNICMACChangePrint(virConnectPtr conn G_GNUC_UNUSED,
+ virDomainPtr dom,
+ const char *alias,
+ const char *oldMAC,
+ const char *newMAC,
+ void *opaque)
+{
+ g_auto(virBuffer) buf = VIR_BUFFER_INITIALIZER;
+
+ virBufferAsprintf(&buf,
+ _("event 'nic-mac-change' for domain
'%1$s':\nalias: %2$s\noldMAC: %3$s\nnewMAC: %4$s\n"),
+ virDomainGetName(dom), alias, oldMAC, newMAC);
+
+ virshEventPrint(opaque, &buf);
+}
+
+
virshDomainEventCallback virshDomainEventCallbacks[] = {
{ "lifecycle",
VIR_DOMAIN_EVENT_CALLBACK(virshEventLifecyclePrint), },
@@ -841,6 +859,8 @@ virshDomainEventCallback virshDomainEventCallbacks[] = {
VIR_DOMAIN_EVENT_CALLBACK(virshEventMemoryFailurePrint), },
{ "memory-device-size-change",
VIR_DOMAIN_EVENT_CALLBACK(virshEventMemoryDeviceSizeChangePrint), },
+ { "nic-mac-change",
+ VIR_DOMAIN_EVENT_CALLBACK(virshEventNICMACChangePrint), },
};
G_STATIC_ASSERT(VIR_DOMAIN_EVENT_ID_LAST == G_N_ELEMENTS(virshDomainEventCallbacks));
--
2.39.3
9:47 a.m.
New subject: [PATCH 2/3] Introduce NIC_MAC_CHANGE event
On Wed, Jun 28, 2023 at 12:53:36PM +0200, Michal Privoznik wrote:
The aim off this event is to notify management application that
guest changed MAC address on one of its vNICs so the app can
update its internal records, e.g. for finding match between
guest/host view of vNICs.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
examples/c/misc/event-test.c | 14 +++++
include/libvirt/libvirt-domain.h | 28 +++++++++
src/conf/domain_event.c | 93 +++++++++++++++++++++++++++++
src/conf/domain_event.h | 12 ++++
src/libvirt_private.syms | 2 +
src/remote/remote_daemon_dispatch.c | 32 ++++++++++
src/remote/remote_driver.c | 34 +++++++++++
src/remote/remote_protocol.x | 17 +++++-
tools/virsh-domain-event.c | 20 +++++++
9 files changed, 251 insertions(+), 1 deletion(-)
[...]
diff --git a/src/remote/remote_daemon_dispatch.c
b/src/remote/remote_daemon_dispatch.c
index 7144e9e7ca..f347e7bcce 100644
--- a/src/remote/remote_daemon_dispatch.c
+++ b/src/remote/remote_daemon_dispatch.c
@@ -1357,6 +1357,37 @@ remoteRelayDomainEventMemoryDeviceSizeChange(virConnectPtr conn,
}
+static int
+remoteRelayDomainEventNICMACChange(virConnectPtr conn,
+ virDomainPtr dom,
+ const char *alias,
+ const char *oldMAC,
+ const char *newMAC,
+ void *opaque)
+{
+ daemonClientEventCallback *callback = opaque;
+ remote_domain_event_nic_mac_change_msg data;
+
+ if (callback->callbackID < 0 ||
+ !remoteRelayDomainEventCheckACL(callback->client, conn, dom))
+ return -1;
+
+ /* build return data */
+ memset(&data, 0, sizeof(data));
Just a nit pick, but instead of this you should be able to do:
remote_domain_event_nic_mac_change_msg data = {0};
above.
2:15 a.m.
New subject: [PATCH 2/3] Introduce NIC_MAC_CHANGE event
On 7/26/23 16:47, Martin Kletzander wrote:
On Wed, Jun 28, 2023 at 12:53:36PM +0200, Michal Privoznik wrote:
> The aim off this event is to notify management application that
> guest changed MAC address on one of its vNICs so the app can
> update its internal records, e.g. for finding match between
> guest/host view of vNICs.
>
> Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
> ---
> examples/c/misc/event-test.c | 14 +++++
> include/libvirt/libvirt-domain.h | 28 +++++++++
> src/conf/domain_event.c | 93 +++++++++++++++++++++++++++++
> src/conf/domain_event.h | 12 ++++
> src/libvirt_private.syms | 2 +
> src/remote/remote_daemon_dispatch.c | 32 ++++++++++
> src/remote/remote_driver.c | 34 +++++++++++
> src/remote/remote_protocol.x | 17 +++++-
> tools/virsh-domain-event.c | 20 +++++++
> 9 files changed, 251 insertions(+), 1 deletion(-)
>
[...]
> diff --git a/src/remote/remote_daemon_dispatch.c
> b/src/remote/remote_daemon_dispatch.c
> index 7144e9e7ca..f347e7bcce 100644
> --- a/src/remote/remote_daemon_dispatch.c
> +++ b/src/remote/remote_daemon_dispatch.c
> @@ -1357,6 +1357,37 @@
> remoteRelayDomainEventMemoryDeviceSizeChange(virConnectPtr conn,
> }
>
>
> +static int
> +remoteRelayDomainEventNICMACChange(virConnectPtr conn,
> + virDomainPtr dom,
> + const char *alias,
> + const char *oldMAC,
> + const char *newMAC,
> + void *opaque)
> +{
> + daemonClientEventCallback *callback = opaque;
> + remote_domain_event_nic_mac_change_msg data;
> +
> + if (callback->callbackID < 0 ||
> + !remoteRelayDomainEventCheckACL(callback->client, conn, dom))
> + return -1;
> +
> + /* build return data */
> + memset(&data, 0, sizeof(data));
Just a nit pick, but instead of this you should be able to do:
remote_domain_event_nic_mac_change_msg data = {0};
Yep, you're right. This is what you get when you copy code from an event
introduced earlier :-)
Fixed locally.
Michal
5:53 a.m.
New subject: [PATCH 3/3] qemu: Emit NIC_MAC_CHANGE event
So far, we only process NIC_RX_FILTER_CHANGED event when the
corresponding device has 'trustGuestRxFilters' enabled. And the
event is emitted only for virtio model. IOW, this is fairly
limited situation and other scenarios don't emit any event (e.g.
change of MAC address on a PCI passthrough device).
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2025303
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
src/qemu/qemu_domain.c | 16 +++++++++++++++-
src/qemu/qemu_domain.h | 3 ++-
src/qemu/qemu_driver.c | 9 ++++++---
src/qemu/qemu_process.c | 2 +-
4 files changed, 24 insertions(+), 6 deletions(-)
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 5e5789a28c..51e5db6631 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -12498,7 +12498,8 @@ syncNicRxFilterMulticast(char *ifname,
int
qemuDomainSyncRxFilter(virDomainObj *vm,
virDomainNetDef *def,
- virDomainAsyncJob asyncJob)
+ virDomainAsyncJob asyncJob,
+ virObjectEvent **event)
{
qemuDomainObjPrivate *priv = vm->privateData;
g_autoptr(virNetDevRxFilter) guestFilter = NULL;
@@ -12550,6 +12551,19 @@ qemuDomainSyncRxFilter(virDomainObj *vm,
/* Reflect changed MAC address in the domain XML. */
if (virMacAddrCmp(&def->mac, &guestFilter->mac)) {
+ if (event) {
+ char oldMAC[VIR_MAC_STRING_BUFLEN] = { 0 };
+ char newMAC[VIR_MAC_STRING_BUFLEN] = { 0 };
+
+ virMacAddrFormat(&def->mac, oldMAC);
+ virMacAddrFormat(&guestFilter->mac, newMAC);
+
+ *event = virDomainEventNICMACChangeNewFromObj(vm,
+ def->info.alias,
+ oldMAC,
+ newMAC);
+ }
+
virMacAddrSet(&def->mac, &guestFilter->mac);
}
diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h
index 999190e381..3021208c4c 100644
--- a/src/qemu/qemu_domain.h
+++ b/src/qemu/qemu_domain.h
@@ -1127,7 +1127,8 @@ qemuDomainRefreshStatsSchema(virDomainObj *dom);
int
qemuDomainSyncRxFilter(virDomainObj *vm,
virDomainNetDef *def,
- virDomainAsyncJob asyncJob);
+ virDomainAsyncJob asyncJob,
+ virObjectEvent **event);
int
qemuDomainSchedCoreStart(virQEMUDriverConfig *cfg,
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index ccf653d201..f713bff6ab 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -3702,9 +3702,11 @@ processNetdevStreamDisconnectedEvent(virDomainObj *vm,
static void
-processNicRxFilterChangedEvent(virDomainObj *vm,
+processNicRxFilterChangedEvent(virQEMUDriver *driver,
+ virDomainObj *vm,
const char *devAlias)
{
+ virObjectEvent *event = NULL;
virDomainDeviceDef dev;
virDomainNetDef *def;
@@ -3749,11 +3751,12 @@ processNicRxFilterChangedEvent(virDomainObj *vm,
VIR_DEBUG("process NIC_RX_FILTER_CHANGED event for network "
"device %s in domain %s", def->info.alias,
vm->def->name);
- if (qemuDomainSyncRxFilter(vm, def, VIR_ASYNC_JOB_NONE) < 0)
+ if (qemuDomainSyncRxFilter(vm, def, VIR_ASYNC_JOB_NONE, &event) < 0)
goto endjob;
endjob:
virDomainObjEndJob(vm);
+ virObjectEventStateQueue(driver->domainEventState, event);
}
@@ -4054,7 +4057,7 @@ static void qemuProcessEventHandler(void *data, void *opaque)
processNetdevStreamDisconnectedEvent(vm, processEvent->data);
break;
case QEMU_PROCESS_EVENT_NIC_RX_FILTER_CHANGED:
- processNicRxFilterChangedEvent(vm, processEvent->data);
+ processNicRxFilterChangedEvent(driver, vm, processEvent->data);
break;
case QEMU_PROCESS_EVENT_SERIAL_CHANGED:
processSerialChangedEvent(driver, vm, processEvent->data,
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
index db06991450..61c1a75639 100644
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -7925,7 +7925,7 @@ qemuProcessRefreshRxFilters(virDomainObj *vm,
if (!virDomainNetGetActualTrustGuestRxFilters(def))
continue;
- if (qemuDomainSyncRxFilter(vm, def, asyncJob) < 0)
+ if (qemuDomainSyncRxFilter(vm, def, asyncJob, NULL) < 0)
return -1;
}
--
2.39.3
9:39 a.m.
On Wed, Jun 28, 2023 at 12:53:34PM +0200, Michal Privoznik wrote:
These are RFC patches. I'd like to start a discussion on the
following
problem:
We need to decide if we want to inform users in the live XML that the
MAC changed (no matter the setting of trustGuestRxFilters), idea below.
We could then add a flag to virDomainInterfaceAddresses() that switches
to the other MAC address.
A mgmt application has info tied to an <interface/> (stored
elsewhere,
not important right now). And they use basically the only piece of
information that's visible in both host and guest: MAC address. No, user
aliases are not visible in the guest. Therefore, when they query the
guest-agent (e.g. via 'virsh domifaddr --source agent') they can
reconstruct their knowledge on NICs.
But there's a catch - if user decides to change MAC address form inside
of the VM. Then the only link between host and guest is broken.
Now, we could make the guest-agent report both current and permanent MAC
address. But unfortunately, libvirt's virDomainInterfaceAddresses() is
not prepared for that.
Now, I don't recall why we decided to not update MAC address in the live
XML on change, but maybe somebody else does. Or we can pass the event
from QEMU to the mgmt application so that it can update its state.
Could that be that referring to the interface would be troublesome? Can
we add something like "current MAC address" in case it was changed?
Michal Prívozník (3):
qemu: Reflect MAC address change in live domain XML
Introduce NIC_MAC_CHANGE event
qemu: Emit NIC_MAC_CHANGE event
examples/c/misc/event-test.c | 14 +++++
include/libvirt/libvirt-domain.h | 28 +++++++++
src/conf/domain_event.c | 93 +++++++++++++++++++++++++++++
src/conf/domain_event.h | 12 ++++
src/libvirt_private.syms | 2 +
src/qemu/qemu_domain.c | 34 ++++++++++-
src/qemu/qemu_domain.h | 3 +-
src/qemu/qemu_driver.c | 11 ++--
src/qemu/qemu_process.c | 2 +-
src/remote/remote_daemon_dispatch.c | 32 ++++++++++
src/remote/remote_driver.c | 34 +++++++++++
src/remote/remote_protocol.x | 17 +++++-
tools/virsh-domain-event.c | 20 +++++++
13 files changed, 294 insertions(+), 8 deletions(-)
--
2.39.3
477
days inactive
512
days old
9 comments
3 participants
participants (3)
-
Martin Kletzander -
Michal Privoznik -
Michal Prívozník