summaryrefslogtreecommitdiffstats
path: root/qapi
Commit message (Collapse)AuthorAgeFilesLines
* docs: fix broken paths to docs/devel/qapi-code-gen.txtPhilippe Mathieu-Daudé2017-07-312-2/+2
| | | | | | | | With the move of some docs to docs/interop on ac06724a71, a couple of references were not updated. Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
* Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into stagingPeter Maydell2017-07-241-2/+4
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Block layer patches for 2.10.0-rc0 # gpg: Signature made Mon 24 Jul 2017 15:16:42 BST # gpg: using RSA key 0x7F09B272C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>" # Primary key fingerprint: DC3D EB15 9A9A F95D 3D74 56FE 7F09 B272 C88F 2FD6 * remotes/kevin/tags/for-upstream: qemu-iotests: Avoid unnecessary sleeps block: Skip implicit nodes in query-block/blockstats qcow2: Fix sector calculation in qcow2_measure() dirty-bitmap: Report BlockDirtyInfo.count in bytes, as documented iotests: Remove a few tests from 'quick' group Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
| * block: Skip implicit nodes in query-block/blockstatsKevin Wolf2017-07-241-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Commits 0db832f and 6cdbceb introduced the automatic insertion of filter nodes above the top layer of mirror and commit block jobs. The assumption made there was that since libvirt doesn't do node-level management of the block layer yet, it shouldn't be affected by added nodes. This is true as far as commands issued by libvirt are concerned. It only uses BlockBackend names to address nodes, so any operations it performs still operate on the root of the tree as intended. However, the assumption breaks down when you consider query commands, which return data for the wrong node now. These commands also return information on some child nodes (bs->file and/or bs->backing), which libvirt does make use of, and which refer to the wrong nodes, too. One of the consequences is that oVirt gets wrong information about the image size and stops the VM in response as long as a mirror or commit job is running: https://bugzilla.redhat.com/show_bug.cgi?id=1470634 This patch fixes the problem by hiding the implicit nodes created automatically by the mirror and commit block jobs in the output of query-block and BlockBackend-based query-blockstats as long as the user doesn't indicate that they are aware of those nodes by providing a node name for them in the QMP command to start the block job. The node-based commands query-named-block-nodes and query-blockstats with query-nodes=true still show all nodes, including implicit ones. This ensures that users that are capable of node-level management can still access the full information; users that only know BlockBackends won't use these commands. Cc: qemu-stable@nongnu.org Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Tested-by: Eric Blake <eblake@redhat.com>
* | block: Use JSON null instead of "" to disable backing fileMarkus Armbruster2017-07-241-7/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | BlockdevRef is an alternate of BlockdevOptions (inline definition) and str (reference to an existing block device by name). BlockdevRef value "" is special: "no block device should be referenced." It's actually interpreted that way in just one place: optional member @backing of COW formats. Semantics: * Present means "use this block device" as backing storage * Absent means "default to the one stored in the image" * Except "" means "don't use backing storage at all" The first two are perfectly normal: when the parameter is absent, it defaults to an implied value, but the value's meaning is the same. The third one overloads the parameter with a second meaning. The overloading is *implicit*, i.e. it's not visible in the types. Works here, because "" is not a value block device ID. Pressing argument values the schema accepts, but are semantically invalid, into service to mean "do something else entirely" is not general, as suitable invalid values need not exist. I also find it ugly. To clean this up, we could add a separate flag argument to suppress @backing, or add a distinct value to @backing. This commit implements the latter: add JSON null to the values of @backing, deprecate "". Because we're so close to the 2.10 freeze, implement it in the stupidest way possible: have qmp_blockdev_add() rewrite null to "" before anything else can see the null. Works, because BlockdevRef occurs only within arguments of blockdev-add. The proper way to do it would be rewriting "" to null, preferably in a cleaner way, but that requires fixing up code to work with null. Add a TODO comment for that. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Daniel P. Berrange <berrange@redhat.com> Acked-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com>
* | qapi: Use QNull for a more regular visit_type_null()Markus Armbruster2017-07-248-11/+29
| | | | | | | | | | | | | | | | | | Make visit_type_null() take an @obj argument like its buddies. This helps keep the next commit simple. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
* | qapi: Separate type QNull from QObjectMarkus Armbruster2017-07-241-1/+1
|/ | | | | | Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
* block/qapi: Add qdev device name to query-blockKevin Wolf2017-07-181-1/+8
| | | | | | | | | | | With -blockdev/-device, users can indirectly create anonymous BlockBackends, while the state of such backends is still of interest. As a preparation for making such BBs visible in query-block, make sure that they can be identified even without a name by adding the ID/QOM path of their qdev device to BlockInfo. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: John Snow <jsnow@redhat.com>
* block: add bdrv_measure() APIStefan Hajnoczi2017-07-111-0/+25
| | | | | | | | | | | bdrv_measure() provides a conservative maximum for the size of a new image. This information is handy if storage needs to be allocated (e.g. a SAN or an LVM volume) ahead of time. Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Alberto Garcia <berto@igalia.com> Message-id: 20170705125738.8777-2-stefanha@redhat.com Signed-off-by: Max Reitz <mreitz@redhat.com>
* qmp: block-dirty-bitmap-remove: remove persistentVladimir Sementsov-Ogievskiy2017-07-111-1/+2
| | | | | | | | | | Remove persistent bitmap from the storage on block-dirty-bitmap-remove. Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Reviewed-by: John Snow <jsnow@redhat.com> Message-id: 20170628120530.31251-30-vsementsov@virtuozzo.com Signed-off-by: Max Reitz <mreitz@redhat.com>
* qmp: add x-debug-block-dirty-bitmap-sha256Vladimir Sementsov-Ogievskiy2017-07-111-0/+27
| | | | | | Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Message-id: 20170628120530.31251-26-vsementsov@virtuozzo.com Signed-off-by: Max Reitz <mreitz@redhat.com>
* qmp: add autoload parameter to block-dirty-bitmap-addVladimir Sementsov-Ogievskiy2017-07-111-1/+5
| | | | | | | | | | | Optional. Default is false. Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Signed-off-by: Denis V. Lunev <den@openvz.org> Reviewed-by: Max Reitz <mreitz@redhat.com> Reviewed-by: John Snow <jsnow@redhat.com> Message-id: 20170628120530.31251-25-vsementsov@virtuozzo.com Signed-off-by: Max Reitz <mreitz@redhat.com>
* qmp: add persistent flag to block-dirty-bitmap-addVladimir Sementsov-Ogievskiy2017-07-111-1/+7
| | | | | | | | | | | | Add optional 'persistent' flag to qmp command block-dirty-bitmap-add. Default is false. Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Signed-off-by: Denis V. Lunev <den@openvz.org> Reviewed-by: Max Reitz <mreitz@redhat.com> Reviewed-by: John Snow <jsnow@redhat.com> Message-id: 20170628120530.31251-24-vsementsov@virtuozzo.com Signed-off-by: Max Reitz <mreitz@redhat.com>
* qcow2: report encryption specific image informationDaniel P. Berrange2017-07-111-1/+26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently 'qemu-img info' reports a simple "encrypted: yes" field. This is not very useful now that qcow2 can support multiple encryption formats. Users want to know which format is in use and some data related to it. Wire up usage of the qcrypto_block_get_info() method so that 'qemu-img info' can report about the encryption format and parameters in use $ qemu-img create \ --object secret,id=sec0,data=123456 \ -o encrypt.format=luks,encrypt.key-secret=sec0 \ -f qcow2 demo.qcow2 1G Formatting 'demo.qcow2', fmt=qcow2 size=1073741824 \ encryption=off encrypt.format=luks encrypt.key-secret=sec0 \ cluster_size=65536 lazy_refcounts=off refcount_bits=16 $ qemu-img info demo.qcow2 image: demo.qcow2 file format: qcow2 virtual size: 1.0G (1073741824 bytes) disk size: 480K encrypted: yes cluster_size: 65536 Format specific information: compat: 1.1 lazy refcounts: false refcount bits: 16 encrypt: ivgen alg: plain64 hash alg: sha256 cipher alg: aes-256 uuid: 3fa930c4-58c8-4ef7-b3c5-314bb5af21f3 format: luks cipher mode: xts slots: [0]: active: true iters: 1839058 key offset: 4096 stripes: 4000 [1]: active: false key offset: 262144 [2]: active: false key offset: 520192 [3]: active: false key offset: 778240 [4]: active: false key offset: 1036288 [5]: active: false key offset: 1294336 [6]: active: false key offset: 1552384 [7]: active: false key offset: 1810432 payload offset: 2068480 master key iters: 438487 corrupt: false With the legacy "AES" encryption we just report the format name $ qemu-img create \ --object secret,id=sec0,data=123456 \ -o encrypt.format=aes,encrypt.key-secret=sec0 \ -f qcow2 demo.qcow2 1G Formatting 'demo.qcow2', fmt=qcow2 size=1073741824 \ encryption=off encrypt.format=aes encrypt.key-secret=sec0 \ cluster_size=65536 lazy_refcounts=off refcount_bits=16 $ ./qemu-img info demo.qcow2 image: demo.qcow2 file format: qcow2 virtual size: 1.0G (1073741824 bytes) disk size: 196K encrypted: yes cluster_size: 65536 Format specific information: compat: 1.1 lazy refcounts: false refcount bits: 16 encrypt: format: aes corrupt: false Reviewed-by: Alberto Garcia <berto@igalia.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-id: 20170623162419.26068-20-berrange@redhat.com Signed-off-by: Max Reitz <mreitz@redhat.com>
* block: remove all encryption handling APIsDaniel P. Berrange2017-07-112-39/+3Star
| | | | | | | | | | | | | | | | Now that all encryption keys must be provided upfront via the QCryptoSecret API and associated block driver properties there is no need for any explicit encryption handling APIs in the block layer. Encryption can be handled transparently within the block driver. We only retain an API for querying whether an image is encrypted or not, since that is a potentially useful piece of metadata to report to the user. Reviewed-by: Alberto Garcia <berto@igalia.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-id: 20170623162419.26068-18-berrange@redhat.com Signed-off-by: Max Reitz <mreitz@redhat.com>
* qcow2: add support for LUKS encryption formatDaniel P. Berrange2017-07-111-2/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This adds support for using LUKS as an encryption format with the qcow2 file, using the new encrypt.format parameter to request "luks" format. e.g. # qemu-img create --object secret,data=123456,id=sec0 \ -f qcow2 -o encrypt.format=luks,encrypt.key-secret=sec0 \ test.qcow2 10G The legacy "encryption=on" parameter still results in creation of the old qcow2 AES format (and is equivalent to the new 'encryption-format=aes'). e.g. the following are equivalent: # qemu-img create --object secret,data=123456,id=sec0 \ -f qcow2 -o encryption=on,encrypt.key-secret=sec0 \ test.qcow2 10G # qemu-img create --object secret,data=123456,id=sec0 \ -f qcow2 -o encryption-format=aes,encrypt.key-secret=sec0 \ test.qcow2 10G With the LUKS format it is necessary to store the LUKS partition header and key material in the QCow2 file. This data can be many MB in size, so cannot go into the QCow2 header region directly. Thus the spec defines a FDE (Full Disk Encryption) header extension that specifies the offset of a set of clusters to hold the FDE headers, as well as the length of that region. The LUKS header is thus stored in these extra allocated clusters before the main image payload. Aside from all the cryptographic differences implied by use of the LUKS format, there is one further key difference between the use of legacy AES and LUKS encryption in qcow2. For LUKS, the initialiazation vectors are generated using the host physical sector as the input, rather than the guest virtual sector. This guarantees unique initialization vectors for all sectors when qcow2 internal snapshots are used, thus giving stronger protection against watermarking attacks. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-id: 20170623162419.26068-14-berrange@redhat.com Reviewed-by: Alberto Garcia <berto@igalia.com> Signed-off-by: Max Reitz <mreitz@redhat.com>
* qcow2: convert QCow2 to use QCryptoBlock for encryptionDaniel P. Berrange2017-07-111-2/+25
| | | | | | | | | | | | | | | | | | | | | | | This converts the qcow2 driver to make use of the QCryptoBlock APIs for encrypting image content, using the legacy QCow2 AES scheme. With this change it is now required to use the QCryptoSecret object for providing passwords, instead of the current block password APIs / interactive prompting. $QEMU \ -object secret,id=sec0,file=/home/berrange/encrypted.pw \ -drive file=/home/berrange/encrypted.qcow2,encrypt.key-secret=sec0 The test 087 could be simplified since there is no longer a difference in behaviour when using blockdev_add with encrypted images for the running vs stopped CPU state. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-id: 20170623162419.26068-12-berrange@redhat.com Reviewed-by: Alberto Garcia <berto@igalia.com> Signed-off-by: Max Reitz <mreitz@redhat.com>
* qcow: convert QCow to use QCryptoBlock for encryptionDaniel P. Berrange2017-07-111-1/+37
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This converts the qcow driver to make use of the QCryptoBlock APIs for encrypting image content. This is only wired up to permit use of the legacy QCow encryption format. Users who wish to have the strong LUKS format should switch to qcow2 instead. With this change it is now required to use the QCryptoSecret object for providing passwords, instead of the current block password APIs / interactive prompting. $QEMU \ -object secret,id=sec0,file=/home/berrange/encrypted.pw \ -drive file=/home/berrange/encrypted.qcow,encrypt.format=aes,\ encrypt.key-secret=sec0 Though note that running QEMU system emulators with the AES encryption is no longer supported, so while the above syntax is valid, QEMU will refuse to actually run the VM in this particular example. Likewise when creating images with the legacy AES-CBC format qemu-img create -f qcow \ --object secret,id=sec0,file=/home/berrange/encrypted.pw \ -o encrypt.format=aes,encrypt.key-secret=sec0 \ /home/berrange/encrypted.qcow 64M Reviewed-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Alberto Garcia <berto@igalia.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-id: 20170623162419.26068-10-berrange@redhat.com Signed-off-by: Max Reitz <mreitz@redhat.com>
* qapi: add explicit null to string input and output visitorsGreg Kurz2017-06-302-0/+25
| | | | | | | | | | This may be used for deprecated object properties that are kept for backwards compatibility. Signed-off-by: Greg Kurz <groug@kaod.org> Reviewed-by: Markus Armbruster <armbru@redhat.com> Tested-by: Andrea Bolognani <abologna@redhat.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
* qapi: update the qobject visitor to use QNUM_U64Marc-André Lureau2017-06-202-7/+17
| | | | | | | | | | | | | | | | | | | | | Switch to use QNum/uint where appropriate to remove i64 limitation. The input visitor will cast i64 input to u64 for compatibility reasons (existing json QMP client already use negative i64 for large u64, and expect an implicit cast in qemu). Note: before the patch, uint64_t values above INT64_MAX are sent over json QMP as negative values, e.g. UINT64_MAX is sent as -1. After the patch, they are sent unmodified. Clearly a bug fix, but we have to consider compatibility issues anyway. libvirt should cope fine, because its parsing of unsigned integers accepts negative values modulo 2^64. There's hope that other clients will, too. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20170607163635.17635-12-marcandre.lureau@redhat.com> [check_native_list() tweaked for consistency with signed case] Signed-off-by: Markus Armbruster <armbru@redhat.com>
* qapi: Remove visit_start_alternate() parameter promote_intMarc-André Lureau2017-06-205-7/+7
| | | | | | | | | | | | | | | Before the previous commit, parameter promote_int = true made visit_start_alternate() with an input visitor avoid QTYPE_QINT variants and create QTYPE_QFLOAT variants instead. This was used where QTYPE_QINT variants were invalid. The previous commit fused QTYPE_QINT with QTYPE_QFLOAT, rendering promote_int useless and unused. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20170607163635.17635-8-marcandre.lureau@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com>
* qapi: merge QInt and QFloat in QNumMarc-André Lureau2017-06-202-31/+16Star
| | | | | | | | | | | | | | | We would like to use a same QObject type to represent numbers, whether they are int, uint, or floats. Getters will allow some compatibility between the various types if the number fits other representations. Add a few more tests while at it. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-Id: <20170607163635.17635-7-marcandre.lureau@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> [parse_stats_intervals() simplified a bit, comment in test_visitor_in_int_overflow() tidied up, suppress bogus warnings] Signed-off-by: Markus Armbruster <armbru@redhat.com>
* qapi: Clean up qobject_input_type_number() control flowMarc-André Lureau2017-06-191-4/+4
| | | | | | | | | | Use the more common pattern to error out. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-Id: <20170607163635.17635-6-marcandre.lureau@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> [Commit message tweaked] Signed-off-by: Markus Armbruster <armbru@redhat.com>
* block: Clarify documentation of BlockInfo member io-statusMarkus Armbruster2017-06-061-1/+2
| | | | | | | | | | Say "SCSI except scsi-generic" instead of "scsi-disk", because scsi-disk could mean either scsi-disk.c (which is correct) or device model scsi-disk (which would be incorrect). Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <1494327362-30727-2-git-send-email-armbru@redhat.com> Acked-by: Paolo Bonzini <pbonzini@redhat.com>
* qapi: Fix some QMP documentation regressionsEric Blake2017-06-042-15/+15
| | | | | | | | | | | | | | | | | | In the process of getting rid of docs/qmp-commands.txt, we managed to regress on some of the text that changed after the point where the move was first branched and when the move actually occurred. For example, commit 3282eca for blockdev-snapshot re-added the extra "options" layer which had been cleaned up in commit 0153d2f. This clears up all regressions identified over the range 02b351d..bd6092e: https://lists.gnu.org/archive/html/qemu-devel/2017-05/msg05127.html as well as a cleanup to x-blockdev-remove-medium to prefer 'id' over 'device' (matching the cleanup for 'eject'). Signed-off-by: Eric Blake <eblake@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
* block: Correct documentation for BLOCK_WRITE_THRESHOLDEric Blake2017-06-041-1/+1
| | | | | | | Use the correct command name. Signed-off-by: Eric Blake <eblake@redhat.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
* qobject-input-visitor: Reject non-finite numbers with keyvalMarkus Armbruster2017-05-311-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | The QObject input visitor can produce only finite numbers when its input comes out of the JSON parser, because the the JSON parser implements RFC 7159, which provides no syntax for infinity and NaN. However, it can produce infinity and NaN when its input comes out of keyval_parse(), because we parse with strtod() then. The keyval variant should not be able to express things the JSON variant can't. Rejecting non-finite numbers there is the conservative fix. It's also minimally invasive. We could instead extend our JSON dialect to provide for infinity and NaN. Not today. Note that the JSON formatter can emit non-finite numbers (marked FIXME in commit 6e8e5cb). Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <1495471335-23707-2-git-send-email-armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
* shutdown: Expose bool cause in SHUTDOWN and RESET eventsEric Blake2017-05-231-4/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Libvirt would like to be able to distinguish between a SHUTDOWN event triggered solely by guest request and one triggered by a SIGTERM or other action on the host. While qemu_kill_report() was already able to give different output to stderr based on whether a shutdown was triggered by a host signal (but NOT by a host UI event, such as clicking the X on the window), that information was then lost to management. The previous patches improved things to use an enum throughout all callsites, so now we have something ready to expose through QMP. Note that for now, the decision was to expose ONLY a boolean, rather than promoting ShutdownCause to a QAPI enum; this is because libvirt has not expressed an interest in anything finer-grained. We can still add additional details, in a backwards-compatible manner, if a need later arises (if the addition happens before 2.10, we can replace the bool with an enum; otherwise, the enum will have to be in addition to the bool); this patch merely adds a helper shutdown_caused_by_guest() to map the internal enum into the external boolean. Update expected iotest outputs to match the new data (complete coverage of the affected tests is obtained by -raw, -qcow2, and -nbd). Here is output from 'virsh qemu-monitor-event --loop' with the patch installed: event SHUTDOWN at 1492639680.731251 for domain fedora_13: {"guest":true} event STOP at 1492639680.732116 for domain fedora_13: <null> event SHUTDOWN at 1492639680.732830 for domain fedora_13: {"guest":false} Note that libvirt runs qemu with -no-shutdown: the first SHUTDOWN event was triggered by an action I took directly in the guest (shutdown -h), at which point qemu stops the vcpus and waits for libvirt to do any final cleanups; the second SHUTDOWN event is the result of libvirt sending SIGTERM now that it has completed cleanup. Libvirt is already smart enough to only feed the first qemu SHUTDOWN event to the end user (remember, virsh qemu-monitor-event is a low-level debugging interface that is explicitly unsupported by libvirt, so it sees things that normal end users do not); changing qemu to emit SHUTDOWN only once is outside the scope of this series. See also https://bugzilla.redhat.com/1384007 Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <20170515214114.15442-6-eblake@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com>
* Merge remote-tracking branch 'dgilbert/tags/pull-hmp-20170517' into stagingStefan Hajnoczi2017-05-181-16/+6Star
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | HMP pull # gpg: Signature made Wed 17 May 2017 07:03:39 PM BST # gpg: using RSA key 0x0516331EBC5BFDE7 # gpg: Good signature from "Dr. David Alan Gilbert (RH2) <dgilbert@redhat.com>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: 45F5 C71B 4A0C B7FB 977A 9FA9 0516 331E BC5B FDE7 * dgilbert/tags/pull-hmp-20170517: ramblock: add new hmp command "info ramblock" utils: provide size_to_str() ramblock: add RAMBLOCK_FOREACH() Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
| * utils: provide size_to_str()Peter Xu2017-05-171-16/+6Star
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Moving the algorithm from print_type_size() into size_to_str() so that other component can also leverage it. With that, refactor print_type_size(). The assert() in that logic is removed though, since even UINT64_MAX would not overflow. Signed-off-by: Peter Xu <peterx@redhat.com> Message-Id: <1494562661-9063-3-git-send-email-peterx@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
* | block: curl: Allow passing cookies via QCryptoSecretPeter Krempa2017-05-161-2/+10
|/ | | | | | | | | | | | | | Since cookies can contain sensitive data (session ID, etc ...) it is desired to hide them from the prying eyes of users. Add a possibility to pass them via the secret infrastructure. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1447413 Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Jeff Cody <jcody@redhat.com> Message-id: f4a22cdebdd0bca6a13a43a2a6deead7f2ec4bb3.1493906281.git.pkrempa@redhat.com Signed-off-by: Jeff Cody <jcody@redhat.com>
* blkdebug: Add ability to override unmap geometriesEric Blake2017-05-111-3/+30
| | | | | | | | | | | | | | | Make it easier to simulate various unusual hardware setups (for example, recent commits 3482b9b and b8d0a98 affect the Dell Equallogic iSCSI with its 15M preferred and maximum unmap and write zero sizing, or b2f95fe deals with the Linux loopback block device having a max_transfer of 64k), by allowing blkdebug to wrap any other device with further restrictions on various alignments. Signed-off-by: Eric Blake <eblake@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Message-id: 20170429191419.30051-9-eblake@redhat.com Signed-off-by: Max Reitz <mreitz@redhat.com>
* file-posix: Add 'locking' optionFam Zheng2017-05-111-0/+4
| | | | | | | | | | Making this option available even before implementing it will let converting tests easier: in coming patches they can specify the option already when necessary, before we actually write code to lock the images. Signed-off-by: Fam Zheng <famz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
* block: Add, parse and store "force-share" optionFam Zheng2017-05-111-0/+3
| | | | | Signed-off-by: Fam Zheng <famz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
* qobject-input-visitor: Catch misuse of end_struct vs. end_listMarkus Armbruster2017-05-091-2/+19
| | | | | | | Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <1493282486-28338-5-git-send-email-armbru@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> [More elaborate assertions for clarity]
* qobject-input-visitor: Document full_name_nth()Markus Armbruster2017-05-091-0/+11
| | | | | | Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <1493282486-28338-3-git-send-email-armbru@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
* qmp: Improve QMP dispatch error messagesMarkus Armbruster2017-05-091-7/+7
| | | | | | | | Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-Id: <1493282486-28338-2-git-send-email-armbru@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
* sockets: Rename SocketAddressFlat to SocketAddressMarkus Armbruster2017-05-091-3/+3
| | | | | | | Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <1493192202-3184-6-git-send-email-armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>
* sockets: Rename SocketAddress to SocketAddressLegacyMarkus Armbruster2017-05-091-1/+1
| | | | | | | | | | | | | | | The next commit will rename SocketAddressFlat to SocketAddress, and the commit after that will replace most uses of SocketAddressLegacy by SocketAddress, replacing most of this commit's renames right back. Note that checkpatch emits a few "line over 80 characters" warnings. The long lines are all temporary; the SocketAddressLegacy replacement will shorten them again. Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <1493192202-3184-5-git-send-email-armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com>
* qapi: New QAPI_CLONE_MEMBERS()Markus Armbruster2017-05-091-0/+13
| | | | | | | | | | QAPI_CLONE() returns a newly allocated QAPI object. Inconvenient when we want to clone into an existing object. QAPI_CLONE_MEMBERS() does exactly that. Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <1493192202-3184-4-git-send-email-armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com>
* qobject: Use simpler QDict/QList scalar insertion macrosEric Blake2017-05-091-1/+1
| | | | | | | | | | | | | | | | | | We now have macros in place to make it less verbose to add a scalar to QDict and QList, so use them. Patch created mechanically via: spatch --sp-file scripts/coccinelle/qobject.cocci \ --macro-file scripts/cocci-macro-file.h --dir . --in-place then touched up manually to fix a couple of '?:' back to original spacing, as well as avoiding a long line in monitor.c. Signed-off-by: Eric Blake <eblake@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20170427215821.19397-7-eblake@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Alberto Garcia <berto@igalia.com> Signed-off-by: Markus Armbruster <armbru@redhat.com>
* block/vxhs.c: Add support for a new block device type called "vxhs"Ashish Mittal2017-04-241-2/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Source code for the qnio library that this code loads can be downloaded from: https://github.com/VeritasHyperScale/libqnio.git Sample command line using JSON syntax: ./x86_64-softmmu/qemu-system-x86_64 -name instance-00000008 -S -vnc 0.0.0.0:0 -k en-us -vga cirrus -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x5 -msg timestamp=on 'json:{"driver":"vxhs","vdisk-id":"c3e9095a-a5ee-4dce-afeb-2a59fb387410", "server":{"host":"172.172.17.4","port":"9999"}}' Sample command line using URI syntax: qemu-img convert -f raw -O raw -n /var/lib/nova/instances/_base/0c5eacd5ebea5ed914b6a3e7b18f1ce734c386ad vxhs://192.168.0.1:9999/c6718f6b-0401-441d-a8c3-1f0064d75ee0 Sample command line using TLS credentials (run in secure mode): ./qemu-io --object tls-creds-x509,id=tls0,dir=/etc/pki/qemu/vxhs,endpoint=client -c 'read -v 66000 2.5k' 'json:{"server.host": "127.0.0.1", "server.port": "9999", "vdisk-id": "/test.raw", "driver": "vxhs", "tls-creds":"tls0"}' [Jeff: Modified trace-events with the correct string formatting] Signed-off-by: Ashish Mittal <Ashish.Mittal@veritas.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Jeff Cody <jcody@redhat.com> Signed-off-by: Jeff Cody <jcody@redhat.com> Message-id: 1491277689-24949-2-git-send-email-Ashish.Mittal@veritas.com
* sheepdog: Fix blockdev-addMarkus Armbruster2017-04-031-2/+2
| | | | | | | | | | | | | | | | | | | | | | | Commit 831acdc "sheepdog: Implement bdrv_parse_filename()" and commit d282f34 "sheepdog: Support blockdev-add" have different ideas on how the QemuOpts parameters for the server address are named. Fix that. While there, rename BlockdevOptionsSheepdog member addr to server, for consistency with BlockdevOptionsSsh, BlockdevOptionsGluster, BlockdevOptionsNbd. Commit 831acdc's example becomes --drive driver=sheepdog,server.type=inet,server.host=fido,server.port=7000,vdi=dolly instead of --drive driver=sheepdog,host=fido,vdi=dolly Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Tested-by: Kashyap Chamarthy <kchamart@redhat.com> Message-id: 1490895797-29094-10-git-send-email-armbru@redhat.com Signed-off-by: Max Reitz <mreitz@redhat.com>
* nbd: Tidy up blockdev-add interfaceMarkus Armbruster2017-04-031-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | SocketAddress is a simple union, and simple unions are awkward: they have their variant members wrapped in a "data" object on the wire, and require additional indirections in C. I intend to limit its use to existing external interfaces, and convert all internal interfaces to SocketAddressFlat. BlockdevOptionsNbd is an external interface using SocketAddress. We already use SocketAddressFlat elsewhere in blockdev-add. Replace it by SocketAddressFlat while we can (it's new in 2.9) for simplicity and consistency. For example, { "execute": "blockdev-add", "arguments": { "node-name": "foo", "driver": "nbd", "server": { "type": "inet", "data": { "host": "localhost", "port": "12345" } } } } becomes { "execute": "blockdev-add", "arguments": { "node-name": "foo", "driver": "nbd", "server": { "type": "inet", "host": "localhost", "port": "12345" } } } Since the internal interfaces still take SocketAddress, this requires conversion function socket_address_crumple(). It'll go away when I update the interfaces. Unfortunately, SocketAddress is also visible in -drive since 2.8: -drive if=none,driver=nbd,server.type=inet,server.data.host=127.0.0.1,server.data.port=12345 Nobody should be using it, as it's fairly new and has never been documented, so adding still more compatibility gunk to keep it working isn't worth the trouble. You now have to use -drive if=none,driver=nbd,server.type=inet,server.host=127.0.0.1,server.port=12345 Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-id: 1490895797-29094-9-git-send-email-armbru@redhat.com [mreitz: Change iotest 147 accordingly] Because of this interface change, iotest 147 has to be adapted. Unfortunately, we cannot just flatten all of the addresses because nbd-server-start still takes a plain SocketAddress. Therefore, we need both and this is most easily achieved by writing the SocketAddress into the code and flattening it where necessary. Signed-off-by: Max Reitz <mreitz@redhat.com> Message-id: 20170330221243.17333-1-mreitz@redhat.com Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Max Reitz <mreitz@redhat.com>
* qapi/curl: Extend and fix blockdev-add schemaMax Reitz2017-03-311-9/+94
| | | | | | | | | | | | The curl block driver accepts more options than just "filename"; also, the URL is actually expected to be passed through the "url" option instead of "filename". Signed-off-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Jeff Cody <jcody@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-id: 20170331120431.1767-2-mreitz@redhat.com Signed-off-by: Jeff Cody <jcody@redhat.com>
* Merge remote-tracking branch 'remotes/cody/tags/block-pull-request' into stagingPeter Maydell2017-03-281-29/+1Star
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | # gpg: Signature made Tue 28 Mar 2017 15:02:40 BST # gpg: using RSA key 0xBDBE7B27C0DE3057 # gpg: Good signature from "Jeffrey Cody <jcody@redhat.com>" # gpg: aka "Jeffrey Cody <jeff@codyprime.org>" # gpg: aka "Jeffrey Cody <codyprime@gmail.com>" # Primary key fingerprint: 9957 4B4D 3474 90E7 9D98 D624 BDBE 7B27 C0DE 3057 * remotes/cody/tags/block-pull-request: rbd: Fix bugs around -drive parameter "server" rbd: Revert -blockdev parameter password-secret rbd: Revert -blockdev and -drive parameter auth-supported rbd: Clean up qemu_rbd_create()'s detour through QemuOpts rbd: Clean up runtime_opts, fix -drive to reject filename rbd: Don't accept -drive driver=rbd, keyvalue-pairs=... rbd: Clean up after the previous commit rbd: Don't limit length of parameter values rbd: Fix to cleanly reject -drive without pool or image rbd: Reject -blockdev server.*.{numeric, to, ipv4, ipv6} Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
| * rbd: Revert -blockdev parameter password-secretMarkus Armbruster2017-03-281-5/+1Star
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts a part of commit 8a47e8e. We're having second thoughts on the QAPI schema (and thus the external interface), and haven't reached consensus, yet. Issues include: * BlockdevOptionsRbd member @password-secret isn't actually a password, it's a key generated by Ceph. * We're not sure where member @password-secret belongs (see the previous commit). * How @password-secret interacts with settings from a configuration file specified with @conf is undocumented. Let's avoid painting ourselves into a corner now, and revert the feature for 2.9. Note that users can still configure an authentication key with a configuration file. They probably do that anyway if they use Ceph outside QEMU as well. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Jeff Cody <jcody@redhat.com> Message-id: 1490691368-32099-10-git-send-email-armbru@redhat.com Signed-off-by: Jeff Cody <jcody@redhat.com>
| * rbd: Revert -blockdev and -drive parameter auth-supportedMarkus Armbruster2017-03-281-24/+0Star
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts half of commit 0a55679. We're having second thoughts on the QAPI schema (and thus the external interface), and haven't reached consensus, yet. Issues include: * The implementation uses deprecated rados_conf_set() key "auth_supported". No biggie. * The implementation makes -drive silently ignore invalid parameters "auth" and "auth-supported.*.X" where X isn't "auth". Fixable (in fact I'm going to fix similar bugs around parameter server), so again no biggie. * BlockdevOptionsRbd member @password-secret applies only to authentication method cephx. Should it be a variant member of RbdAuthMethod? * BlockdevOptionsRbd member @user could apply to both methods cephx and none, but I'm not sure it's actually used with none. If it isn't, should it be a variant member of RbdAuthMethod? * The client offers a *set* of authentication methods, not a list. Should the methods be optional members of BlockdevOptionsRbd instead of members of list @auth-supported? The latter begs the question what multiple entries for the same method mean. Trivial question now that RbdAuthMethod contains nothing but @type, but less so when RbdAuthMethod acquires other members, such the ones discussed above. * How BlockdevOptionsRbd member @auth-supported interacts with settings from a configuration file specified with @conf is undocumented. I suspect it's untested, too. Let's avoid painting ourselves into a corner now, and revert the feature for 2.9. Note that users can still configure authentication methods with a configuration file. They probably do that anyway if they use Ceph outside QEMU as well. Further note that this doesn't affect use of key "auth-supported" in -drive file=rbd:...:key=value. qemu_rbd_array_opts()'s parameter @type now must be RBD_MON_HOST, which is silly. This will be cleaned up shortly. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Jeff Cody <jcody@redhat.com> Message-id: 1490691368-32099-9-git-send-email-armbru@redhat.com Signed-off-by: Jeff Cody <jcody@redhat.com>
| * rbd: Reject -blockdev server.*.{numeric, to, ipv4, ipv6}Markus Armbruster2017-03-281-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We use InetSocketAddress in the QAPI schema. However, the code doesn't use inet_connect_saddr(), but formats "host" and "port" into a configuration string for rados_conf_set(). Thus, members "numeric", "to", "ipv4" and "ipv6" are silently ignored. Not nice. Example: -blockdev rbd,node-name=nn,pool=p,image=i,server.0.host=h0,server.0.port=12345,server.0.ipv4=off Factor a suitable InetSocketAddressBase out of InetSocketAddress, and use that. "numeric", "to", "ipv4" and "ipv6" are now rejected. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Jeff Cody <jcody@redhat.com> Message-id: 1490691368-32099-2-git-send-email-armbru@redhat.com Signed-off-by: Jeff Cody <jcody@redhat.com>
* | block: Declare blockdev-add and blockdev-del supportedMarkus Armbruster2017-03-281-57/+38Star
|/ | | | | | | | | | | | | | It's been a long journey, but here we are. The supported blockdev-add is not compatible to its experimental predecessors; bump all Since: tags to 2.9. x-blockdev-remove-medium, x-blockdev-insert-medium and x-blockdev-change need a bit more work, so leave them alone for now. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com>
* qapi: Fix QemuOpts visitor regression on unvisited inputEric Blake2017-03-221-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | An off-by-one in commit 15c2f669e meant that we were failing to check for unparsed input in all QemuOpts visitors. Recent testsuite additions show that fixing the obvious bug with bogus fields will also fix the case of an incomplete list visit; update the tests to match the new behavior. Simple testcase: ./x86_64-softmmu/qemu-system-x86_64 -nodefaults -nographic -qmp stdio -numa node,size=1g failed to diagnose that 'size' is not a valid argument to -numa, and now once again reports: qemu-system-x86_64: -numa node,size=1g: Invalid parameter 'size' See also https://bugzilla.redhat.com/show_bug.cgi?id=1434666 CC: qemu-stable@nongnu.org Signed-off-by: Eric Blake <eblake@redhat.com> Reviewed-by: Michael Roth <mdroth@linux.vnet.ibm.com> Tested-by: Laurent Vivier <lvivier@redhat.com> Message-Id: <20170322144525.18964-4-eblake@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com>