1
0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-12-22 17:34:18 +03:00
Commit Graph

42372 Commits

Author SHA1 Message Date
Daniel P. Berrangé
96f1bd13a0 Add news item for sVirt CVE fix
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-07-01 13:59:42 +01:00
Daniel P. Berrangé
15073504db security: fix SELinux label generation logic
A process can access a file if the set of MCS categories
for the file is equal-to *or* a subset-of, the set of
MCS categories for the process.

If there are two VMs:

  a) svirt_t:s0:c117
  b) svirt_t:s0:c117,c720

Then VM (b) is able to access files labelled for VM (a).

IOW, we must discard case where the categories are equal
because that is a subset of many other valid category pairs.

Fixes: https://gitlab.com/libvirt/libvirt/-/issues/153
CVE-2021-3631
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-06-30 14:51:42 +01:00
Peter Krempa
f63397de61 NEWS: Update for 7.5.0
Mention fixing of disk iothread validation and the disk serial
truncation state.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2021-06-29 14:39:01 +02:00
Yuri Chornoivan
846a275c85 Translated using Weblate (Ukrainian)
Currently translated at 100.0% (10342 of 10342 strings)

Translation: libvirt/libvirt
Translate-URL: https://translate.fedoraproject.org/projects/libvirt/libvirt/uk/

Co-authored-by: Yuri Chornoivan <yurchor@ukr.net>
Signed-off-by: Yuri Chornoivan <yurchor@ukr.net>
2021-06-29 08:54:00 +02:00
simmon
4e3288d5a2 Translated using Weblate (Korean)
Currently translated at 44.9% (4644 of 10342 strings)

Translation: libvirt/libvirt
Translate-URL: https://translate.fedoraproject.org/projects/libvirt/libvirt/ko/

Co-authored-by: simmon <simmon@nplob.com>
Signed-off-by: simmon <simmon@nplob.com>
2021-06-29 08:54:00 +02:00
Nathan
4c5a7a365d Translated using Weblate (Italian)
Currently translated at 23.3% (2411 of 10342 strings)

Translation: libvirt/libvirt
Translate-URL: https://translate.fedoraproject.org/projects/libvirt/libvirt/it/

Co-authored-by: Nathan <nathan95@live.it>
Signed-off-by: Nathan <nathan95@live.it>
2021-06-29 08:54:00 +02:00
Weblate
9fe64b9766 Update translation files
Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.

Translation: libvirt/libvirt
Translate-URL: https://translate.fedoraproject.org/projects/libvirt/libvirt/

Co-authored-by: Weblate <noreply@weblate.org>
Signed-off-by: Fedora Weblate Translation <i18n@lists.fedoraproject.org>
2021-06-29 08:54:00 +02:00
Jan Kuparinen
9e5e82d9b7 Translated using Weblate (Finnish)
Currently translated at 21.8% (2255 of 10314 strings)

Translation: libvirt/libvirt
Translate-URL: https://translate.fedoraproject.org/projects/libvirt/libvirt/fi/

Translated using Weblate (Finnish)

Currently translated at 21.8% (2249 of 10314 strings)

Translation: libvirt/libvirt
Translate-URL: https://translate.fedoraproject.org/projects/libvirt/libvirt/fi/

Translated using Weblate (Finnish)

Currently translated at 21.0% (2176 of 10314 strings)

Translation: libvirt/libvirt
Translate-URL: https://translate.fedoraproject.org/projects/libvirt/libvirt/fi/

Translated using Weblate (Finnish)

Currently translated at 21.0% (2170 of 10314 strings)

Translation: libvirt/libvirt
Translate-URL: https://translate.fedoraproject.org/projects/libvirt/libvirt/fi/

Co-authored-by: Jan Kuparinen <copper_fin@hotmail.com>
Signed-off-by: Jan Kuparinen <copper_fin@hotmail.com>
2021-06-29 08:53:58 +02:00
simmon
82cba3771d Translated using Weblate (Korean)
Currently translated at 44.8% (4624 of 10314 strings)

Translation: libvirt/libvirt
Translate-URL: https://translate.fedoraproject.org/projects/libvirt/libvirt/ko/

Translated using Weblate (Korean)

Currently translated at 44.7% (4618 of 10314 strings)

Translation: libvirt/libvirt
Translate-URL: https://translate.fedoraproject.org/projects/libvirt/libvirt/ko/

Translated using Weblate (Korean)

Currently translated at 44.7% (4614 of 10314 strings)

Translation: libvirt/libvirt
Translate-URL: https://translate.fedoraproject.org/projects/libvirt/libvirt/ko/

Translated using Weblate (Korean)

Currently translated at 44.7% (4613 of 10314 strings)

Translation: libvirt/libvirt
Translate-URL: https://translate.fedoraproject.org/projects/libvirt/libvirt/ko/

Translated using Weblate (Korean)

Currently translated at 44.7% (4613 of 10314 strings)

Translation: libvirt/libvirt
Translate-URL: https://translate.fedoraproject.org/projects/libvirt/libvirt/ko/

Translated using Weblate (Korean)

Currently translated at 44.7% (4611 of 10314 strings)

Translation: libvirt/libvirt
Translate-URL: https://translate.fedoraproject.org/projects/libvirt/libvirt/ko/

Translated using Weblate (Korean)

Currently translated at 44.5% (4593 of 10314 strings)

Translation: libvirt/libvirt
Translate-URL: https://translate.fedoraproject.org/projects/libvirt/libvirt/ko/

Translated using Weblate (Korean)

Currently translated at 44.5% (4590 of 10314 strings)

Translation: libvirt/libvirt
Translate-URL: https://translate.fedoraproject.org/projects/libvirt/libvirt/ko/

Translated using Weblate (Korean)

Currently translated at 44.4% (4582 of 10314 strings)

Translation: libvirt/libvirt
Translate-URL: https://translate.fedoraproject.org/projects/libvirt/libvirt/ko/

Translated using Weblate (Korean)

Currently translated at 44.3% (4577 of 10314 strings)

Translation: libvirt/libvirt
Translate-URL: https://translate.fedoraproject.org/projects/libvirt/libvirt/ko/

Translated using Weblate (Korean)

Currently translated at 44.3% (4570 of 10314 strings)

Translation: libvirt/libvirt
Translate-URL: https://translate.fedoraproject.org/projects/libvirt/libvirt/ko/

Co-authored-by: simmon <simmon@nplob.com>
Signed-off-by: simmon <simmon@nplob.com>
2021-06-29 08:53:58 +02:00
Michal Privoznik
438b50dda8 virSetUIDGIDWithCaps: Don't drop CAP_SETPCAP right away
There are few cases where we execute a virCommand with all caps
cleared (virCommandClearCaps()). For instance
dnsmasqCapsRefreshInternal() does just that. This means, that
after fork() and before exec() the virSetUIDGIDWithCaps() is
called. But since the caller did not want to change anything,
just drop capabilities, these are the values of arguments:

  virSetUIDGIDWithCaps (uid=-1, gid=-1, groups=0x0, ngroups=0,
                        capBits=0, clearExistingCaps=true)

This means that indeed all capabilities will be dropped,
including CAP_SETPCAP. But this capability controls whether
capabilities can be set, IOW whether capng_apply() succeeds.

There are two calls of capng_apply() in the function. The
CAP_SETPCAP is dropped after the first call and thus the other
call (capng_apply(CAPNG_SELECT_BOUNDS);) fails.

The solution is to keep the capability for as long as needed
(just like CAP_SETGID and CAP_SETUID) and drop it only at the
very end (just like CAP_SETGID and CAP_SETUID).

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1949388
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
2021-06-29 08:52:12 +02:00
Zbigniew Jędrzejewski-Szmek
7c08141f90 spec: avoid rpm warning about macro in comment
Signed-off-by: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
2021-06-25 17:56:26 +00:00
Zbigniew Jędrzejewski-Szmek
da0f94c2a9 spec: avoid repeated calls to systemd macros and binaries
The macro can take multiple arguments, and the calls are more efficient
if done in one go.

Signed-off-by: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
2021-06-25 17:56:26 +00:00
Zbigniew Jędrzejewski-Szmek
8a4c84e540 spec: drop/update dependencies on systemd-{units,sysv}
-sysv was probably a left-over, and the -units deps was outdated and not
necessary, see
https://docs.fedoraproject.org/en-US/packaging-guidelines/Scriptlets/#_dependencies_on_the_systemd_package.

Only for 'systemctl mask' which is executed in %post, we want to make
sure that /usr/bin/systemctl is installed, so keep that dependency.
(A file dep is used to avoid issues if the systemd package is further
split later on.)

Ferried over from https://src.fedoraproject.org/rpms/libvirt/pull-request/7.

Signed-off-by: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
2021-06-25 17:56:26 +00:00
Jiri Denemark
ba7a014a07 po: Refresh potfile for v7.5.0
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2021-06-25 11:26:54 +02:00
Jim Fehlig
64ae7635e6 Apparmor: Allow reading /etc/ssl/openssl.cnf
I noticed the following denial when running confined VMs with the QEMU
driver

type=AVC msg=audit(1623865089.263:865): apparmor="DENIED" operation="open" \
profile="virt-aa-helper" name="/etc/ssl/openssl.cnf" pid=12503 \
comm="virt-aa-helper" requested_mask="r" denied_mask="r" fsuid=0 ouid=0

Allow reading the file by including the openssl abstraction in the
virt-aa-helper profile.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
2021-06-24 13:54:47 -06:00
Jim Fehlig
f552e68d9f Apparmor: Allow reading libnl's classid file
I noticed the following denial messages from apparmor in audit.log when
starting confined VMs via the QEMU driver

type=AVC msg=audit(1623864006.370:837): apparmor="DENIED" operation="open" \
profile="virt-aa-helper" name="/etc/libnl/classid" pid=11265 \
comm="virt-aa-helper" requested_mask="r" denied_mask="r" fsuid=0 ouid=0

type=AVC msg=audit(1623864006.582:849): apparmor="DENIED" operation="open" \
profile="libvirt-0ca2720d-6cff-48bb-86c2-61ab9a79b6e9" \
name="/etc/libnl/classid" pid=11270 comm="qemu-system-x86" \
requested_mask="r" denied_mask="r" fsuid=107 ouid=0

It is possible for site admins to assign names to classids in this file,
which are then used by all libnl tools, possibly those used by libvirt.
To be on the safe side, allow read access to the file in the virt-aa-helper
profile and the libvirt-qemu abstraction.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
2021-06-24 13:54:42 -06:00
Peter Krempa
c0c1c08b63 tests: qemucapabilities: Bump test data for qemu-6.1 on x86_64
Update the caps data for the upcoming qemu version.

Notable changes are:

- 'query-sev-attestation-report' command added
- 'sample-pages' members for dirty rate calculation added
- 'qtest' device added
- 'share' member added to query-memdev and 'reserve' members added to
  query-memdev/memory-backend-[file,memfd,ram]
- 'qemu-vdagent' chardev added
- 'mptcp' toggle added to inet servers
- 'zstd' compression for qcow2
- new cpu models: - "Snowridge-v3"
                  - "Skylake-Server-v5"
                  - "Skylake-Client-v4"
                  - "Icelake-Server-v5"
                  - "Icelake-Client-v3"
                  - "Dhyana-v2"
                  - "Denverton-v3"
                  - "Cooperlake-v2"
                  - "Cascadelake-Server-v5"
- 'avx-vnni' added to some existing cpu models
- 'model-id' is now being reported as the host cpu again rather than
  QEMU TCG as I've noted in previous bump

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
2021-06-24 17:11:08 +02:00
Jiri Denemark
b3bbe5d8f5 spec: Drop libiscsi support in RHEL-9
https://bugzilla.redhat.com/show_bug.cgi?id=1975677

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-06-24 11:08:54 +02:00
Martin Kletzander
5f96ea10d4 ci: Also perform package upgrades on macOS and FreeBSD
The base OS image might include outdated contents, and we don't
want to get spurious failures caused by bugs that have already been
fixed in the respective packages.

This is particularly important on macOS, because 'brew install foo'
will fail if 'foo' is already installed but outdated: upgrading all
packages first ensures we never run into this scenario.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
2021-06-24 09:14:08 +02:00
Daniel P. Berrangé
b9f9df9f2d build: fix logic for enabling libssh/libssh2 checks
When 'driver_remote' is 'auto', the 'enabled()' method does not
evaluate to true, causing the libssh/libssh2 checks to be skipped.

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-06-23 18:43:22 +01:00
Daniel P. Berrangé
fdaddd910e rpc: prefer SHA256 host key fingerprint with new libssh
The host key fingerprint for SSH servers is used in a scenario where
cryptographic strength is important. We should thus be defaulting to
use of SHA256 where available. We only need SHA1 for Ubuntu 18.04
which does not have libssh >= 0.8.1

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-06-23 18:43:22 +01:00
Tim Wiederhake
b683978f1f virDomainFeaturesDefParse: Simplify APIC parsing
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-06-23 13:45:56 +02:00
Tim Wiederhake
f1a65a8163 virDomainFeaturesCapabilitiesDefParse: Remove ctxt
Iterating over all child elements of a node does not require xpath.
By doing away with xpath for this code, the code can be simplified.

Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-06-23 13:45:54 +02:00
Tim Wiederhake
2afc9fdc82 virDomainFeaturesDefParse: Factor out capabilities parsing into separate function
Cleanup to follow. This removes the last re-use of `nodes` in this function,
eliminating two VIR_FREEs.

Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-06-23 13:45:52 +02:00
Tim Wiederhake
2c2fe23bef virDomainFeaturesDefParse: Inline MSRS parsing
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-06-23 13:45:49 +02:00
Tim Wiederhake
eeb94215b0 virDomainFeaturesDefParse: Inline SMM parsing
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-06-23 13:45:47 +02:00
Tim Wiederhake
6e872ab3f4 virDomainFeaturesXENDefParse: Remove tautological "if"
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-06-23 13:45:45 +02:00
Tim Wiederhake
f1149b8d3a virDomainFeaturesXENDefParse: Remove ctxt
Iterating over all child elements of a node does not require xpath.
By doing away with xpath for this code, the code can be simplified.

Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-06-23 13:45:43 +02:00
Tim Wiederhake
6b45c61e88 virDomainFeaturesDefParse: Factor out XEN parsing into separate function
Only moving code, cleanup to follow.

Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-06-23 13:45:40 +02:00
Tim Wiederhake
b194a21a9e virDomainFeaturesKVMDefParse: Remove tautological "if"
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-06-23 13:45:38 +02:00
Tim Wiederhake
e2bce45829 virDomainFeaturesKVMDefParse: Remove tautological "switch"
`feature` is always one of the values listed in the switch,
ensured by `virDomainKVMTypeFromString` above.

Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-06-23 13:45:36 +02:00
Tim Wiederhake
3c5e607b24 virDomainFeaturesKVMDefParse: Remove ctxt
Iterating over all child elements of a node does not require xpath.
By doing away with xpath for this code, the code can be simplified.

Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-06-23 13:45:34 +02:00
Tim Wiederhake
947204c1a2 virDomainFeaturesDefParse: Factor out KVM parsing into separate function
Only moving code, cleanup to follow.

Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-06-23 13:45:32 +02:00
Tim Wiederhake
95ef93f2a3 virDomainFeaturesHyperVDefParse: Remove tautological "if"
Fix some line wrapping in the process.

Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-06-23 13:45:29 +02:00
Tim Wiederhake
70a4ac857c virDomainFeaturesHyperVDefParse: Remove ctxt
Iterating over all child elements of a node does not require xpath.
By doing away with xpath for this code, the code can be simplified.

Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-06-23 13:45:27 +02:00
Tim Wiederhake
7b82efcf46 virDomainFeaturesHyperVDefParse: Inline hyperv/stimer parsing
Iterating over all child elements of a node does not require xpath.
By doing away with xpath for this code, the code can be inlined and
simplified. This also removes the re-use of `nodes`, elimininating
two VIR_FREEs.

Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-06-23 13:45:24 +02:00
Tim Wiederhake
9489700da1 virDomainFeaturesDefParse: Factor out HyperV parsing into separate function
Only moving code, cleanup to follow.

Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-06-23 13:45:21 +02:00
Tim Wiederhake
e2ebbd4097 docs: Fix some typos
Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
2021-06-22 15:55:56 +02:00
Peter Krempa
73985cacf4 chValidateDomainDeviceDef: Remove per-device-type error messages
Vast majority of device types is not supported by the Cloud-Hypervisor
driver. Simplify the error reporting by using
virDomainDeviceTypeToString.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
2021-06-22 13:25:23 +02:00
Jim Fehlig
b1112f6c0f News: Mention bump in minimum supported Xen version
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2021-06-21 10:44:23 -06:00
Jim Fehlig
e58004d70a Xen: Remove unneeded LIBXL_HAVE_* ifdefs
Now that the minimum supported Xen version has bumped to 4.9, all
uses of LIBXL_HAVE_* that are included in Xen 4.9 can be removed
from the libxl driver.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2021-06-21 10:43:04 -06:00
Pavel Hrdina
36d6da4ebf virresctrl: fix starting VMs with cputune.memorytune specified
When removing check for return value of VIR_EXPAND_N this place was
incorrectly modified causing failure to start a VM with cputune
memorytune configured with useless error message:

    error: Failed to start domain 'vm1'
    error: An error occurred, but the cause is unknown

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1973094
Fixes: 7d2fd6ef01
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-06-21 13:17:18 +02:00
Peter Krempa
71012d7164 virStorageBackendISCSIDirectFindPoolSources: Rework cleanup
virISCSIDirectScanTargets now returns a GStrv, so we can use automatic
cleanup for it and get rid of the cleanup section.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-06-21 10:46:35 +02:00
Peter Krempa
e51ffd2e33 virISCSIDirectUpdateTargets: Rework to simplify cleanup and return GStrv
Count the elements in advance rather than using VIR_APPEND_ELEMENT and
ensure that there's a NULL terminator for the string list so it's GStrv
compatible.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-06-21 10:46:35 +02:00
Peter Krempa
80b7e03ce5 virStorageBackendISCSIDirectFindPoolSources: Use allocated virStoragePoolSourceList
Using an allocated version together with copying the
host/initiator/device portions into it allows us to switch to automatic
clearing rather than open-coding it.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-06-21 10:46:35 +02:00
Peter Krempa
3776b6a93d conf: storage: Introduce virStoragePoolSourceListFree
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-06-21 10:46:35 +02:00
William Douglas
ff8557b433 ch_domain: Add handler for virDomainDeviceDefValidateCallback
Instead of trying to match devices passed in based on the monitor
detecting the number of devices that were used in the domain
definition, use the deviceValidateCallback to evaluate if
unsupported devices are used.

This allows the compiler to detect when new device types are added
that need to be checked.

Signed-off-by: William Douglas <william.douglas@intel.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2021-06-21 09:34:42 +02:00
Laine Stump
54b602019d qemu_hotplug: don't forget to add hostdev interfaces to the interface list
Originally qemuDomainAttachNetDevice() would wait until the cleanup at
the very end of the function to add newly hotplugged interfaces to the
domain's nets list. commit 7b8bec4560 modified it to add the new
interface to the nets list earlier (but not all the way at the
beginning of the function either, because there are some operations
(PCI address assignment in particular) that need the new device to not
yet be visible in the domaindef).

But hostdev interfaces short-circuit past most of the body of
qemuDomainAttachNetDevice() (since none of it applies to hostdev
interfaces). In the past that was okay, but since the line that adds
the new interface to the domaindef's nets list is in that "most of the
body", after that commit hotplugged hostdev interfaces are no longer
being properly added to the domaindef nets list, so they don't show up
in the status XML or the virsh domiflist output.

It really *is* important to add interfaces to the nets list earlier,
so we can't revert commit 7b8bec4560, and we also can't move the
insert to common code *earlier* in the function, so instead this patch
duplicates the VIR_APPEND_ELEMENT_COPY() just before the code path for
hostdev interfaces jumps to cleanup.

Resolves: https://bugzilla.redhat.com/1972468
Fixes: 7b8bec4560
Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2021-06-18 19:04:40 -04:00
Daniel P. Berrangé
038dabc2a3 remote: switch to auto-spawn modular daemons by default
When determining what socket path to connect to for a given URI we will

 - Connect to the driver specific daemon if its UNIX socket exists
 - Connect to libvirtd if its UNIX socket exists
 - If non-root, auto-spawn a daemon based on the default mode

Historically the last point would result in spawning libvirtd, but with
this change we now spawn a modular daemon. Remote client probing logic
will pick a specific hypervisor daemon to connect to when the URI is
NULL.

Tested-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-06-18 17:13:15 +01:00
Daniel P. Berrangé
05bd8db60b remote: remove probing logic from virtproxyd dispatcher
Now that the remote driver itself can probe for listening sockets /
running daemons, virtproxyd doesn't need to probe URIs itself. Instead
it can just delegate to the remote driver.

Tested-by: Jim Fehlig <jfehlig@suse.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2021-06-18 17:13:11 +01:00