Today, when notifying a VM state change with vm_state_notify(),
we pass a VMSTOP macro as the 'reason' argument. This is not ideal
because the VMSTOP macros tell why qemu stopped and not exactly
what the current VM state is.
One example to demonstrate this problem is that vm_start() calls
vm_state_notify() with reason=0, which turns out to be VMSTOP_USER.
This commit fixes that by replacing the VMSTOP macros with a proper
state type called RunState.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
This patch fixes the spacing of the PC output from 'info cpus' for
SPARC.
Signed-off-by: Nathan Kunkee <nkunkee42@hotmail.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
The current interface is generic for this small set of operations, and thus
other backends can easily modify the "trace/control.c" file to add their own
implementation.
Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu>
Generalize the 'st_print_trace_events' and 'st_change_trace_event_state' into
backend-specific 'trace_print_events' and 'trace_event_set_state' (respectively)
in the "trace/control.h" file.
Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu>
Provides a more hierarchical view of the variable domain.
Also adds the CONFIG_TRACE_* variables for all backends.
[Stefan added missing 'test' in stap if statement]
Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Commit c62f6d1 (monitor: fix build breakage with --disable-vnc)
conditionalised some VNC setup code but left an unused variable. Move
the variable into the conditional code to fix the build breakage.
Cc: Luiz Capitulino <lcapitulino@redhat.com>
Cc: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Jamie Iles <jamie@jamieiles.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
This is the same fix that was recently applied to info mem. Before
this change, info tlb output looked like:
ffffffffffffc000: 000000000fffc000 --------W
ffffffffffffd000: 000000000fffd000 --------W
ffffffffffffe000: 000000000fffe000 --------W
fffffffffffff000: 000000000ffff000 --------W
With this change, it looks like
00000000ffffc000: 000000000fffc000 --------W
00000000ffffd000: 000000000fffd000 --------W
00000000ffffe000: 000000000fffe000 --------W
00000000fffff000: 000000000ffff000 --------W
Signed-off-by: Austin Clements <amdragon@mit.edu>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Previously, "info mem" considered and displayed only the last-level
protection bits for a memory range, which doesn't accurrately
represent the protection of that range. Now it shows the combined
protection.
Signed-off-by: Austin Clements <amdragon@mit.edu>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
"info mem" groups its output into contiguous ranges with identical
protection bits, but previously forgot to print the last range.
Signed-off-by: Austin Clements <amdragon@mit.edu>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Previously, on 32-bit i386, info mem used signed 32-bit int's to store
the page table indexes. As a result, address calculation was done in
32 bits and then incorrectly sign-extended to 64 bits, yielding output
like
ffffffffef000000-ffffffffef031000 0000000000031000 ur-
ffffffffef7bc000-ffffffffef7bd000 0000000000001000 urw
ffffffffef7bd000-ffffffffef7be000 0000000000001000 ur-
This makes these indexes unsigned, which yields correct output
00000000ef000000-00000000ef031000 0000000000031000 ur-
00000000ef7bc000-00000000ef7bd000 0000000000001000 urw
00000000ef7bd000-00000000ef7be000 0000000000001000 ur-
Signed-off-by: Austin Clements <amdragon@mit.edu>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Allow client connections for VNC and socket based character
devices to be passed in over the monitor using SCM_RIGHTS.
One intended usage scenario is to start QEMU with VNC on a
UNIX domain socket. An unprivileged user which cannot access
the UNIX domain socket, can then connect to QEMU's VNC server
by passing an open FD to libvirt, which passes it onto QEMU.
{ "execute": "get_fd", "arguments": { "fdname": "myclient" } }
{ "return": {} }
{ "execute": "add_client", "arguments": { "protocol": "vnc",
"fdname": "myclient",
"skipauth": true } }
{ "return": {} }
In this case 'protocol' can be 'vnc' or 'spice', or the name
of a character device (eg from -chardev id=XXXX)
The 'skipauth' parameter can be used to skip any configured
VNC authentication scheme, which is useful if the mgmt layer
talking to the monitor has already authenticated the client
in another way.
* console.h: Define 'vnc_display_add_client' method
* monitor.c: Implement 'client_add' command
* qemu-char.c, qemu-char.h: Add 'qemu_char_add_client' method
* qerror.c, qerror.h: Add QERR_ADD_CLIENT_FAILED
* qmp-commands.hx: Declare 'client_add' command
* ui/vnc.c: Implement 'vnc_display_add_client' method
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This **CHANGES** the human monitor "nmi" command behavior.
Currently it accepts an CPU argument which, when provided, will send
the NMI to the specified CPU. This feature is of discussable value
though and HMP shouldn't have more features than QMP, so let's use
QMP's instead (it's also simpler).
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
inject-nmi command injects an NMI on all CPUs of guest.
It is only supported for x86 guest currently, it will
returns "Unsupported" error for non-x86 guest.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Read them via KVM_GET_SREGS in kvm_arch_get_registers(),
and display them in "info registers".
Also get CR and PID from the existing KVM_GET_REGS.
Signed-off-by: Scott Wood <scottwood@freescale.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Using cpu_physical_memory_read, cpu_physical_memory_write and ldub_phys
improves readability and allows removing some type casts.
lduw_phys and ldl_phys were not used because both require aligned
addresses. Therefore it is not possible to simply replace existing
calls by one of these functions.
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
All other type casts in calls of cpu_physical_memory_read are
used by hardware emulations and will be fixed by separate patches.
Cc: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
On ppc machines with hash table MMUs, the special purpose register SDR1
contains both the base address of the encoded size (hashed) page tables.
At present, we interpret the SDR1 value within the address translation
path. But because the encodings of the size for 32-bit and 64-bit are
different this makes for a confusing branch on the MMU type with a bunch
of curly shifts and masks in the middle of the translate path.
This patch cleans things up by moving the interpretation on SDR1 into the
helper function handling the write to the register. This leaves a simple
pre-sanitized base address and mask for the hash table in the CPUState
structure which is easier to work with in the translation path.
This makes the translation path more readable. It addresses the FIXME
comment currently in the mtsdr1 helper, by validating the SDR1 value during
interpretation. Finally it opens the way for emulating a pSeries-style
partition where the hash table used for translation is not mapped into
the guests's RAM.
Signed-off-by: David Gibson <dwg@au1.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
This was done with:
sed -i 's/qemu_get_clock\>/qemu_get_clock_ns/' \
$(git grep -l 'qemu_get_clock\>' )
sed -i 's/qemu_new_timer\>/qemu_new_timer_ns/' \
$(git grep -l 'qemu_new_timer\>' )
after checking that get_clock and new_timer never occur twice
on the same line. There were no missed occurrences; however, even
if there had been, they would have been caught by the compiler.
There was exactly one false positive in qemu_run_timers:
- current_time = qemu_get_clock (clock);
+ current_time = qemu_get_clock_ns (clock);
which is of course not in this patch.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Based on patch by Glauber Costa:
To allow management applications like libvirt to apply CPU affinities to
the VCPU threads, expose their ID via info cpus. This patch provides the
pre-existing and used interface from qemu-kvm.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Allow to tell cpu_x86_inject_mce that it should ignore Action Optional
MCE events when the target VCPU is still processing another one. This
will be used by KVM soon.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
CC: Huang Ying <ying.huang@intel.com>
CC: Hidetoshi Seto <seto.hidetoshi@jp.fujitsu.com>
CC: Jin Dongming <jin.dongming@np.css.fujitsu.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
As this service is used by the human monitor, make sure that errors get
reported to the right channel, and also raise the verbosity.
This requires to move Monitor typedef in qemu-common.h to resolve the
include dependency.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
CC: Huang Ying <ying.huang@intel.com>
CC: Hidetoshi Seto <seto.hidetoshi@jp.fujitsu.com>
CC: Jin Dongming <jin.dongming@np.css.fujitsu.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Define and use dedicated constants for vm_stop reasons, they actually
have nothing to do with the EXCP_* defines used so far. At this chance,
specify more detailed reasons so that VM state change handlers can
evaluate them.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
commit 52c18be9e9 introduced a regression in the
change vnc password command that changed the behavior of setting the VNC
password to an empty string from disabling login to disabling authentication.
This commit refactors the code to eliminate this overloaded semantics in
vnc_display_password and instead introduces the vnc_display_disable_login. The
monitor implementation then determines the behavior of an empty or missing
string.
Recently, a set_password command was added that allows both the Spice and VNC
password to be set. This command has not shown up in a release yet so the
behavior is not yet defined.
This patch proposes that an empty password be treated as an empty password with
no special handling. For specifically disabling login, I believe a new command
should be introduced instead of overloading semantics.
I'm not sure how Spice handles this but I would recommend that we have Spice
and VNC have consistent semantics here for the 0.14.0 release.
Reported-by: Neil Wilson <neil@aldur.co.uk>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
---
v1 -> v2
- Add a proper return to make sure that login is really disabled instead of
relying on the VNC server to treat empty passwords specially
use after free in do_wav_capture() on the error path.
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Handle spice client migration, i.e. inform a spice client connected
about the new host and connection parameters, so it can move over the
connection automatically.
The monitor command has a not-yet used protocol argument simliar to
set_password and expire_password commands. This allows to add a simliar
feature to vnc in the future. Daniel Berrange plans to work on this.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
strtosz() needs to return a 64 bit type even on 32 bit
architectures. Otherwise qemu-img will fail to create disk
images >= 2GB
Signed-off-by: Jes Sorensen <Jes.Sorensen@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
When the following test case is injected with mce command, maybe user could not
get the expected result.
DATA
command cpu bank status mcg_status addr misc
(qemu) mce 1 1 0xbd00000000000000 0x05 0x1234 0x8c
Expected Result
panic type: "Fatal Machine check"
That is because each mce command can only inject the given cpu and could not
inject mce interrupt to other cpus. So user will get the following result:
panic type: "Fatal machine check on current CPU"
"broadcast" option is used for injecting dummy data into other cpus. Injecting
mce with this option the expected result could be gotten.
Usage:
Broadcast[on]
command broadcast cpu bank status mcg_status addr misc
(qemu) mce -b 1 1 0xbd00000000000000 0x05 0x1234 0x8c
Broadcast[off]
command cpu bank status mcg_status addr misc
(qemu) mce 1 1 0xbd00000000000000 0x05 0x1234 0x8c
Signed-off-by: Jin Dongming <jin.dongming@np.css.fujitsu.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Fix usage of wrong variable, spotted by clang:
/src/qemu/monitor.c:2278:36: warning: The left operand of '&' is a garbage value
prot = pde & (PG_USER_MASK | PG_RW_MASK |
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
'info mem' didn't show correct information for PAE mode and
x86_64 long mode.
Fix by implementing the output for missing modes.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
'info tlb' didn't show correct information for PAE mode and
x86_64 long mode.
Implement the missing modes. Also print NX bit for PAE and long modes.
Fix off-by-one error in 32 bit mode mask.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
This patch adds new set_password and expire_password monitor commands
which allows to change and expire the password for spice and vnc
connections. See the doc update patch chunk for details.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
The patch adds a 'query-spice' monitor command which returns
informations about the spice server configuration and also a list of
channel connections.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
This patch adds support for connection events to spice. The events are
quite simliar to the vnc events. Unlike vnc spice uses multiple tcp
channels though. qemu will report every single tcp connection (aka
spice channel). If you want track spice sessions only you can filter
for the main channel (channel-type == 1).
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
The first if/else clause in handler_audit() makes no sense for two
reasons:
1. this function is now called only by QMP code, so testing if
it's a QMP call makes no sense anymore
2. the else clause first asserts that there's no error in the
monitor object, then it tries to free it!
Just drop it.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Commit 030db6e89d dropped do_info() usage from QMP and introduced
qmp_call_query_cmd(). However, the new function doesn't emit QMP's
default OK response when the handler doesn't return data.
Fix that by also calling monitor_protocol_emitter() when
ret_data == NULL, so that the default response is emitted.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
This command allows QMP clients to execute HMP commands.
Please, check the documentation added to the qmp-commands.hx file
for additional details about the interface and its limitations.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
'f' double is no longer used, and we should be using floating point
variables to store byte sizes. Remove it.
Signed-off-by: Jes Sorensen <Jes.Sorensen@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Octet format relies on strtosz which supports K/k, M/m, G/g, T/t
suffixes and unit support for humans, like 1.3G
Signed-off-by: Jes Sorensen <Jes.Sorensen@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
There was no warning if a bad trace event name was given to
'trace-event' command, thus the user could think that the command
was successful even if this was not the case.
Print a warning if the user tries to enable a trace event which is not
known.
Acked-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Let's be consistent and call it hmp-commands.hx, so that we have
qmp-commands.hx for QMP and hmp-commands.hx for HMP.
Please, note that this commit doesn't touch qemu-monitor.texi. All
texi files have the qemu- prefix and I don't think it's worth
changing that.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Calls a QObject handler and emits the QMP response, also drops
monitor_call_handler() which is now unused.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
This avoids handle_user_command() calling monitor_call_handler(),
which is currently shared with QMP.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
That name makes no sense anymore, as dispatch tables have been split,
a better name is handler_is_qobject(), which really communicates
the handler's type.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
This function was only needed when QMP and HMP were sharing dispatch
tables, this is no longer true so just drop it.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
QMP has its own dispatch table and documentation file
(qmp-commands.hx), we can now drop the following QMP specific info
from qemu-monitor.hx:
o SQMP/EQMP sections
o The qmp_capabilities command
o The query-commands command
However, note that QObject handlers entries are not being removed.
This will only happen when we introduce a proper QMP call interface.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
QMP has its own dispatch tables, we can now drop the following
checks:
o 'info' command: this command doesn't exist in QMP's
dispatch table, the right thing will happen when it's
issued by a client (ie. command not found error)
o monitor_handler_ported(): all QMP handlers are 'ported', no
need to check for that
o monitor_cmd_user_only(): no HMP handler will exist in QMP's
dispatch tables, that's why we have split them after all :-)
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
The new table is a copy of HMP's table, containing only QObject
handlers.
In the near future HMP will be making QMP calls and then we will
be able to drop QObject handlers from HMP's table.
From now on, QMP and HMP have different query command dispatch
tables.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Also update QMP functions to use it. The table is generated
from the qmp-commands.hx file.
From now on, QMP and HMP have different command dispatch
tables.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Next commit needs this new function: it will introduce the
the QMP's command dispatch table and qmp_find_cmd() will be
used to search on it.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
If I understood it correcty, the is_async_return() logic was only
used to prevent QMP from issuing duplicated success responses
for asynchronous handlers.
However, QMP doesn't use do_info() anymore so this is dead logic
and (hopefully) can be safely dropped.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Since its inception, QMP has been using HMP's do_info() function
to run query commands.
This was a bad choice, as it made do_info() more complex and
contributed to couple QMP and HMP.
This commit fixes that by doing the following changes:
1. Introduce qmp_find_query_cmd() and use it to directly lookup
the info_cmds table
2. Introduce qmp_call_query_cmd() so that QMP code is able
to call query handlers without using do_info()
3. Drop do_info() usage (via monitor_find_command("info"))
We need all the three changes in one shot so that we don't break
the calling of query commands in QMP.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Next commit will change how query commands are handled in a
way that the 'cmd' sanity check is also going to be needed
for query commands handling.
Let's move it out of the else body then.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
It's a generic version of monitor_find_command() which searches
the dispatch table passed as an argument.
Future commits will introduce new dispatch tables, so we need
common code to search them.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Expaned '-mon' arg to allow a 'pretty=on' flag. This makes the
monitor pretty print its replies to easy human debugging / reading
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
This patch adds the trace-file command:
trace-file [on|off|flush]
Open, close, or flush the trace file. If no argument is given,
the status of the trace file is displayed.
The trace file is turned on by default but is only written out when the
trace buffer becomes full. The flush operation can be used to force
write out at any time.
Turning off the trace file does not change the state of trace events;
tracing will continue to the trace buffer. When the trace file is off,
use "info trace" to display the contents of the trace buffer in memory.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
This commit also contains the trace-file sub-command from the following
commit:
commit 5ce8d1a957afae2c52ad748944ce72848ccf57bd
Author: Prerna Saxena <prerna@linux.vnet.ibm.com>
Date: Wed Aug 4 16:23:54 2010 +0530
trace: Add options to specify trace file name at startup and runtime
This patch adds an optional command line switch '-trace' to specify the
filename to write traces to, when qemu starts.
Eg, If compiled with the 'simple' trace backend,
[temp@system]$ qemu -trace FILENAME IMAGE
Allows the binary traces to be written to FILENAME instead of the option
set at config-time.
Also, this adds monitor sub-command 'set' to trace-file commands to
dynamically change trace log file at runtime.
Eg,
(qemu)trace-file set FILENAME
This allows one to set trace outputs to FILENAME from the default
specified at startup.
Signed-off-by: Prerna Saxena <prerna@linux.vnet.ibm.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
This patch adds support for dynamically enabling/disabling of trace events.
This is done by internally maintaining each trace event's state, and
permitting logging of data from a trace event only if it is in an
'active' state.
Monitor commands added :
1) info trace-events : to view all available trace events and
their state.
2) trace-event NAME on|off : to enable/disable data logging from a
given trace event.
Eg, trace-event paio_submit off
disables logging of data when
paio_submit is hit.
By default, all trace-events are disabled. One can enable desired trace-events
via the monitor.
Signed-off-by: Prerna Saxena <prerna@linux.vnet.ibm.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
trace: Monitor command 'info trace'
Monitor command 'info trace' to display contents of trace buffer
Signed-off-by: Prerna Saxena <prerna@linux.vnet.ibm.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
trace: Remove monitor.h dependency from simpletrace
User-mode targets don't have a monitor so the simple trace backend
currently does not build on those targets. This patch abstracts the
monitor printing interface so there is no direct coupling between
simpletrace and the monitor.
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
This code was originally developed by Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Miguel Di Ciurcio Filho <miguel.filho@gmail.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This patch improves the resilience of the load_vmstate() function, doing
further and better ordered tests.
In load_vmstate(), if there is any error on bdrv_snapshot_goto(), except if the
error is on VM state device, load_vmstate() will return zero and the VM will be
started with major corruption chances.
The current process:
- test if there is any writable device without snapshot support
- if exists return -error
- get the device that saves the VM state, possible return -error but unlikely
because it was tested earlier
- flush I/O
- run bdrv_snapshot_goto() on devices
- if fails, give an warning and goes to the next (not good!)
- if fails on the VM state device, return zero (not good!)
- check if the requested snapshot exists on the device that saves the VM state
and the state is not zero
- if fails return -error
- open the file with the VM state
- if fails return -error
- load the VM state
- if fails return -error
- return zero
New behavior:
- get the device that saves the VM state
- if fails return -error
- check if the requested snapshot exists on the device that saves the VM state
and the state is not zero
- if fails return -error
- test if there is any writable device without snapshot support
- if exists return -error
- test if the devices with snapshot support have the requested snapshot
- if anyone fails, return -error
- flush I/O
- run snapshot_goto() on devices
- if anyone fails, return -error
- open the file with the VM state
- if fails return -error
- load the VM state
- if fails return -error
- return zero
do_loadvm must not call vm_start if any error has occurred in load_vmstate.
Signed-off-by: Miguel Di Ciurcio Filho <miguel.filho@gmail.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
When a 'cont' is issued on a VM that's just waiting for an incoming
migration, the VM reboots and boots into the guest, possibly corrupting
its storage since it could be shared with another VM running elsewhere.
Ensure that a VM started with '-incoming' is only run when an incoming
migration successfully completes.
A new qerror, QERR_MIGRATION_EXPECTED, is added to signal that 'cont'
failed due to no incoming migration has been attempted yet.
Reported-by: Laine Stump <laine@redhat.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Reviewed-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Ported commands that are marked 'user_only' will not be considered for
QMP monitor sessions. This allows to implement new commands that do not
(yet) provide a sufficiently stable interface for QMP use.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
This is similar to qmp_check_client_args(), but it checks if
the input object follows the specification (QMP/qmp-spec.txt
section 2.3).
As we're limited to three keys, the work here is quite simple:
we iterate over the input object, checking each time if the
current argument complies to the specification.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Previous two commits added qmp_check_client_args(), which
fully replaces this code and is way better.
It's important to note that the new checker doesn't support
the '/' arg type. As we don't have any of those handlers
converted to QMP, this is just dead code.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
This commit introduces the second (and last) part of QMP's new
argument checker.
The job is done by check_client_args_type(), it iterates over
the client's argument qdict and for for each argument it checks
if it exists and if its type is valid.
It's important to observe the following changes from the existing
argument checker:
- If the handler accepts an O-type argument, unknown arguments
are passed down to it. It's up to O-type handlers to validate
their arguments
- Boolean types (eg. 'b' and '-') don't accept integers anymore,
only json-bool
- Argument types '/' and '.' are currently unsupported under QMP,
thus they're not handled
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Current QMP's argument checker is more complex than it should be
and has (at least) one serious bug: it ignores unknown arguments.
To solve both problems we introduce a new argument checker. It's
added on top of the existing one, so that there are no regressions
during the transition.
This commit introduces the first part of the new checker, which
is run by qmp_check_client_args() and does the following:
1. Check if all mandatory arguments were provided
2. Set flags for argument validation
In order to do that, we transform the args_type string (from
qemu-montor.hx) into a qdict and iterate over it.
Next commit adds the new checker's second part: type checking and
invalid argument detection.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Historically, user monitor arguments beginning with '-' (eg. '-f')
were passed as integers down to handlers.
I've maintained this behavior in the new monitor because we didn't
have a boolean type at the very beginning of QMP. Today we have it
and this behavior is causing trouble to QMP's argument checker.
This commit fixes the problem by doing the following changes:
1. User Monitor
Before: the optional arg was represented as a QInt, we'd pass 1
down to handlers if the user specified the argument or
0 otherwise
This commit: the optional arg is represented as a QBool, we pass
true down to handlers if the user specified the
argument, otherwise _nothing_ is passed
2. QMP
Before: the client was required to pass the arg as QBool, but we'd
convert it to QInt internally. If the argument wasn't passed,
we'd pass 0 down
This commit: still require a QBool, but doesn't do any conversion and
doesn't pass any default value
3. Convert existing handlers (do_eject()/do_migrate()) to the new way
Before: Both handlers would expect a QInt value, either 0 or 1
This commit: Change the handlers to accept a QBool, they handle the
following cases:
A) true is passed: the option is enabled
B) false is passed: the option is disabled
C) nothing is passed: option not specified, use
default behavior
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
The current asynchronous command API doesn't return a QMP response
when the async command fails.
This is easy to reproduce with the balloon command (the sole async
command we have so far): run qemu w/o the '-balloon virtio' option
and try to issue the balloon command via QMP: no response will be
sent to the client.
This commit fixes the problem by making qmp_async_cmd_handler()
return the handler's error code and then calling
monitor_protocol_emitter() if the handler has returned an error.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
As we want to add more flags to monitor commands, convert the only so
far existing one accordingly.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
We now have to move forward to the next argument type via next_arg_type.
This patch fixes completion for 'eject' and maybe also other commands.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Given too many arguments or an invalid command, we were leaking the
duplicated argument strings.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
The code comes from
http://lists.gnu.org/archive/html/qemu-devel/2010-05/msg02788.html
Without this patch it is not possible to send at least 10 special
characters (\|'"`~:;[]{}) via the monitor sendkey command.
Signed-off-by: Bernhard M. Wiedemann <qemudevbmw@lsmod.de>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This command was of minimal use before, now it is useless as the hpet
become a qdev device and is thus easily discoverable. We should
definitely not set query-hpet in QMP's stone, and there is also no good
reason to keep it for the interactive monitor.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Anything that moves hundreds of lines out of vl.c can't be all bad.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Previous commit added QMP documentation to the qemu-monitor.hx
file, it's is a copy of this information.
While it's good to keep it near code, maintaining two copies of
the same information is too hard and has little benefit as we
don't expect client writers to consult the code to find how to
use a QMP command.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This is a new version of the (now reverted) following commit:
0e8d2b5575
The 'quit' Monitor command (implemented by do_quit()) calls
exit() directly, this is problematic under QMP because QEMU
exits before having a chance to send the ok response.
Clients don't know if QEMU exited because of a problem or
because the 'quit' command has been executed.
This commit fixes that by making do_quit() use
qemu_system_shutdown_request(), so that we exit gracefully.
Thanks to Paolo Bonzini <pbonzini@redhat.com> for suggesting
this solution.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Recalculate Sparc64 CPU flags on interrupts, otherwise some earlier
flags could be stored to pstate.
Refactor PSR/CCR/CWP handling: concentrate the actual
functions to op_helper.c.
Thanks to Igor Kovalenko for reporting.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Current code of monitor command: 'change', used to open file for read-write
uncoditionally. Change to open it as read-only for CDROM, and read-write for all others.
Signed-off-by: Naphtali Sprei <nsprei@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
It's emitted when the Virtual Machine resumes execution.
We currently have the STOP event but don't have the matching
RESUME one, this means that clients are notified when the VM
is stopped but don't get anything when it resumes.
Let's fix that as it's already causing some trouble to libvirt.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
If there is already a fd in s->msgfd before recvmsg it is
closed by parts that this patch does not touch. So, only
one descriptor can be "leaked" by attaching it to a command
other than getfd.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
The 'quit' Monitor command (implemented by do_quit()) calls
exit() directly, this is problematic under QMP because QEMU
exits before having a chance to send the ok response.
Clients don't know if QEMU exited because of a problem or
because the 'quit' command has been executed.
This commit fixes that by moving the exit() call to the main
loop, so that do_quit() requests the system to quit, instead
of calling exit() directly.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
The QERR_QMP_BAD_INPUT_OBJECT error is going to be used only
for two problems: the input is not an object or the "execute"
key is missing.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
What is known today as bdrv_open2 becomes the new bdrv_open. All remaining
callers of the old function are converted to the new one. In some places they
even know the right format, so they should have used bdrv_open2 from the
beginning.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Trivial, as it never fails, doesn't have output nor return
any data.
Note that it's also available under QMP, as kvm-autotest
needs this.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
This is a boolean value. Human monitor accepts "on" or "off".
Consistent with option parsing (see parse_option_bool()).
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
To make 'b' available for boolean argument.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Currently when using the change command to switch the file in the cd drive
the command doesn't complain if the file doesn't exit or can't be opened
and the drive keeps the existing image. This patch adds a qerror_report
call to print a message out indicating the failure. This error message
can be used to catch failures.
Current behavior:
QEMU 0.12.50 monitor - type 'help' for more information
(qemu) info block
ide0-hd0: type=hd removable=0 file=/dev/null ro=0 drv=host_device encrypted=0
ide1-cd0: type=cdrom removable=1 locked=0 [not inserted]
floppy0: type=floppy removable=1 locked=0 [not inserted]
sd0: type=floppy removable=1 locked=0 [not inserted]
(qemu) change ide1-cd0 /home/rharper/work/isos/Fedora-9-i386-DVD.iso
(qemu) info block
ide0-hd0: type=hd removable=0 file=/dev/null ro=0 drv=host_device encrypted=0
ide1-cd0: type=cdrom removable=1 locked=0
file=/home/rharper/work/isos/Fedora-9-i386-DVD.iso ro=0 drv=raw encrypted=0
floppy0: type=floppy removable=1 locked=0 [not inserted]
sd0: type=floppy removable=1 locked=0 [not inserted]
(qemu) change ide1-cd0 /tmp/non_existent_file.iso
(qemu) info block
ide0-hd0: type=hd removable=0 file=/dev/null ro=0 drv=host_device encrypted=0
ide1-cd0: type=cdrom removable=1 locked=0 [not inserted]
floppy0: type=floppy removable=1 locked=0 [not inserted]
sd0: type=floppy removable=1 locked=0 [not inserted]
(qemu)
With patch:
QEMU 0.12.50 monitor - type 'help' for more information
(qemu) change ide1-cd0 /tmp/non_existent_file.iso
Could not open '/tmp/non_existent_file.iso'
(qemu)
Signed-off-by: Ryan Harper <ryanh@us.ibm.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
In the human monitor, it declares a single optional argument to be
parsed according to the QemuOptsList given by its name.
In QMP, it declares an optional argument for each member of the
QemuOptsList.
Restriction: only lists with empty desc are supported for now. Good
enough for the job at hand. We'll lift the restriction when we need
that.
While fully converted handlers are not supposed to print anything when
running in a QMP monitor, they are free to print in a human monitor.
For instance, device_add (not yet converted) prints help, and will
continue to do so after conversion.
Moreover, utility functions converted to QError should remain usable
from unconverted handlers.
Two problems:
* handler_audit() complains when a converted handler prints. Limit
that to QMP monitors.
* With QMP, handlers need to pass the error object by way of
monitor_set_error(). However, we do that both for QMP and for the
human monitor. The human monitor prints the error object after the
handler returns. If the handler prints anything else, that output
"overtakes" the error message.
Limit use of monitor_set_error() to QMP monitors. Update
handler_audit() accordingly.
qemu_error_sink can either point to a monitor or a file. In practice,
it always points to the current monitor if we have one, else to
stderr. Simply route errors to the current monitor or else to stderr,
and remove qemu_error_sink along with the functions to control it.
Actually, the old code switches the sink slightly later, in
handle_user_command() and handle_qmp_command(), than it gets switched
now, implicitly, by setting the current monitor in monitor_read() and
monitor_control_read(). Likewise, it switches back slightly earlier
(same places). Doesn't make a difference, because there are no calls
of qemu_error() in between.
Commits 376253ec..731b0364 introduced global variable cur_mon, which
points to the "default monitor" (if any), except during execution of
monitor_read() or monitor_control_read() it points to the monitor from
which we're reading instead (the "current monitor"). Monitor command
handlers run within monitor_read() or monitor_control_read().
Default monitor and current monitor are really separate things, and
squashing them together is confusing and error-prone.
For instance, usb_host_scan() can run both in "info usbhost" and
periodically via usb_host_auto_check(). It prints to cur_mon, which
is what we want in the former case: the monitor executing "info
usbhost". But since that's the default monitor in the latter case, it
periodically spams the default monitor there.
A few places use cur_mon to log stuff to the default monitor. If we
ever log something while cur_mon points to current monitor instead of
default monitor, the log temporarily "jumps" to another monitor.
Whether that can or cannot happen isn't always obvious.
Maybe logging to the default monitor (which may not even exist) is a
bad idea, and we should log to stderr or a logfile instead. But
that's outside the scope of this commit.
Change cur_mon to point to the current monitor. Create new
default_mon to point to the default monitor. Update users of cur_mon
accordingly.
This fixes the periodical spamming of the default monitor by
usb_host_scan(). It also stops "log jumping", should that problem
exist.
It's emitted whenever the watchdog device's timer expires. The action
taken is provided in the 'data' member.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This event has been introduced in the first round of QMP commits,
turns out that it's based on the usage of the EXCP_DEBUG macro,
which has discussable semantics when exposed through QMP.
As libvirt doesn't use this, let's just drop it.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This patch application failed. My patch adds a cb() call in
do_balloon(), but the change in git has added the cb() call to
do_info_balloon(). That is causing qemu segfaults. Applying the
following should correct the damage. Thanks.
Fix for commit: 5c366a8a3d
The cb() call is needed in do_balloon(), not do_info_balloon().
Signed-off-by: Adam Litke <agl@us.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
It was broken by 09b9418c6d. (!env && !is_physical) != (!is_physical)
when env is true.
Signed-off-by: Gleb Natapov <gleb@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Arghh... Adding missing S-O-B
Hi Anthony. I wonder if there was a problem when importing my async
command handler patchset. Since the 'balloon' command completes
immediately, it must call the completion callback before returning.
That call was missing but is added by the patch below.
Signed-off-by: Adam Litke <agl@us.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Handlers can generate only one error in a call, we let the
programmer know if they brake this rule and clients will only
get the first generated error.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
QObject Monitor handlers should not call any Monitor print
function: they should only build objects, printing is done
by common code.
Current QMP code will ignore such calls, as we can't send
garbage to clients, additionally it will also emit an
undefined error on the assumption that print calls usually
report errors.
However, the right way to deal with this is to rely on a
return code. This has been fixed by other commit already.
Now, this commit drops the error from monitor_vprintf() and
adds a better debugging mechanism for those 'stray' prints:
we count them if debug is enabled and let the developer know
if a QObject handler is trying to print anything.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This commit verifies the following two rules specified by
Markus Armbruster:
1. If the handler returns failure, it must have passed an error.
If it didn't, it's broken. Report an internal error to the client,
and report the bug to the programmer.
2. If the handler returns success, it must not have passed an error.
If it did, it's broken. Report the error to the client, and report
the bug to the programmer.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
We can ignore calls to monitor_vprintf() in QMP mode and use
monitor_puts() directly in monitor_json_emitter().
This allows us to drop this ugly hack.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Add configure options (--enable-debug-mon and --disable-debug-mon)
plus the MON_DEBUG() macro.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Now that all handlers are converted to cmd_new_ret(), we can rename
it back to cmd_new(). But now it returns a value.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Not that trivial as the call chain also has to be modified.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Note that this function only fails in QMP, in the user Monitor
it prints the help text instead.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The following handlers always succeed and hence can be converted
to cmd_new_ret() in the same commit.
- do_stop()
- do_quit()
- do_system_reset()
- do_system_powerdown()
- do_migrate_cancel()
- do_qmp_capabilities()
- do_migrate_set_speed()
- do_migrate_set_downtime()
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
In order to implement the new error handling and debugging
mechanism for command handlers, we need to change the cmd_new()
callback to return a value.
This commit introduces cmd_new_ret(), which returns a value and
will be used only temporarily to handle the transition from
cmd_new().
That is, as soon as all command handlers are ported to cmd_new_ret(),
it will be renamed back to cmd_new() and the new error handling
and debugging mechanism will be added on top of it.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
QMP's chardev event callback doesn't call
json_message_parser_destroy() on CHR_EVENT_CLOSED. As the call
to json_message_parser_init() on CHR_EVENT_OPENED allocates memory,
we'are leaking on close.
Fix that by just calling json_message_parser_destroy() on
CHR_EVENT_CLOSED.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Ideally, Monitor code should report an error only once and
return the error information up the call chain.
To assure that this happens as expected and that no error is
lost, we have an assert() in qemu_error_internal().
However, we still have not fully converted handlers using
monitor_printf() to report errors. As there can be multiple
monitor_printf() calls on an error, the assertion is easily
triggered when debugging is enabled; and we will get a memory
leak if it's not.
The solution to this problem is to allow multiple faults by only
reporting the first one, and to release the additional error objects.
A better mechanism to report multiple errors to programmers is
underway.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
It's not needed to check the return of qobject_from_jsonf()
anymore, as an assert() has been added there.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
With this commit QMP will be started in Capabilities Negotiation
mode, where the only command allowed to run is 'qmp_capabilities'.
All other commands will return CommandNotFound error. Asynchronous
messages are not delivered either.
When 'qmp_capabilities' is successfully executed QMP enters in
Command mode, where all commands (except 'qmp_capabilities') are
allowed to run and asynchronous messages are delivered.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This command will be used to enable QMP capabilities advertised
by the capabilities array.
Note that it will be mandatory to issue this command in order
to make QMP functional (although this behavior is not being
enforced by this commit).
Also, as we don't have any capabilities yet, the new command
doesn't accept any arguments. I will postpone the decision for
a format for this until we get our first capability.
Finally, this command is visible from the user Monitor too, in
the meaning that you can execute it but it won't do anything.
Making it only visible in QMP is beyond this series' goal, as
it requires changes in unrelated places.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
With capability negotiation support clients will only have a chance
to check QEMU's version (ie. issue 'query-version') after the
negotiation procedure is done.
It might be useful to clients to check QEMU's version before
negotiating features, though.
To allow that, this commit adds the QEMU's version object to the
greeting message.
Not really sure this is needed, but doesn't hurt anyway.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This commit adds the basic definitions for the BLOCK_IO_ERROR
event, but actual event emission will be introduced by the
next commits.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This changes the error message from "Invalid CPU index" to "Invalid
parameter index" in the human monitor.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This is a double value with optional suffixes ms, us, ns. We'll need
this to get migrate_set_downtime() QMP-ready.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This is a double value with optional suffixes G, g, M, m, K, k. We'll
need this to get migrate_set_speed() QMP-ready.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Function is_async_return() added by commit 940cc30d0d assumes
that 'data', which is returned by handlers, is always a QDict.
This is not true, as QLists can also be returned, in this case
we'll get a segfault.
Fix that by checking if 'data' is a QDict.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
When using ballooning to manage overcommitted memory on a host, a system for
guests to communicate their memory usage to the host can provide information
that will minimize the impact of ballooning on the guests. The current method
employs a daemon running in each guest that communicates memory statistics to a
host daemon at a specified time interval. The host daemon aggregates this
information and inflates and/or deflates balloons according to the level of
host memory pressure. This approach is effective but overly complex since a
daemon must be installed inside each guest and coordinated to communicate with
the host. A simpler approach is to collect memory statistics in the virtio
balloon driver and communicate them directly to the hypervisor.
Signed-off-by: Adam Litke <agl@us.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Qemu has a number of commands that can operate asynchronously (savevm, migrate,
etc) and it will be getting more. For these commands, the user monitor needs
to be suspended, but QMP monitors could continue to to accept other commands.
This patch introduces a new command API that isolates the details of handling
different monitor types from the actual command execution.
A monitor command can use this API by implementing the mhandler.cmd_async
handler (or info_async if appropriate). This function is responsible for
submitting the command and does not return any data although it may raise
errors. When the command completes, the QMPCompletion callback should be
invoked with its opaque data and the command result.
The process for submitting and completing an asynchronous command is different
for QMP and user monitors. A user monitor must be suspended at submit time and
resumed at completion time. The user_print() function must be passed to the
QMPCompletion callback so the result can be displayed properly. QMP monitors
are simpler. No submit time setup is required. When the command completes,
monitor_protocol_emitter() writes the result in JSON format.
This API can also be used to implement synchronous commands. In this case, the
cmd_async handler should immediately call the QMPCompletion callback. It is my
hope that this new interface will work for all commands, leading to a
drastically simplified monitor.c once all commands are ported.
Signed-off-by: Adam Litke <agl@us.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The returned QObject is a QList of all buses. Each bus is
represented by a QDict, which has a key with a QList of all
PCI devices attached to it. Each device is represented by
a QDict.
As has happended to other complex conversions, it's hard to
split this commit as part of it are new functions which are
called by each other.
IMPORTANT: support for printing PCI bridge attached devices
is NOT part of this commit, it's going to be added by the
next commit, as it's untested.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
CC i386-softmmu/monitor.o
cc1: warnings being treated as errors
/usr/src/RPM/BUILD/qemu-0.11.92/monitor.c: In function 'do_memory_save':
/usr/src/RPM/BUILD/qemu-0.11.92/monitor.c:1318: error: ignoring return value of 'fwrite', declared with attribute warn_unused_result
/usr/src/RPM/BUILD/qemu-0.11.92/monitor.c: In function 'do_physical_memory_save':
/usr/src/RPM/BUILD/qemu-0.11.92/monitor.c:1345: error: ignoring return value of 'fwrite', declared with attribute warn_unused_result
make[1]: *** [monitor.o] Error 1
Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
Signed-off-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
mon_get_cpu() can't return null pointer, because it passes its return
value to cpu_synchronize_state() first, which crashes if its argument
is null.
Remove the (pretty cheesy) handling of this non-existing error.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Commit f039a563f2 introduces
a regression as monitor_protocol_event() will return in
the first user Monitor it finds in the QLIST_FOREACH()
loop.
The right thing to do is to only delivery an asynchronous
event if the 'mon' is a QMP Monitor.
The aforementioned commit was an early version, if it was
applied to stable (it should) this one has to be applied
there too.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Instead of using the field 'readonly' of the BlockDriverState struct for passing the request,
pass the request in the flags parameter to the function.
Signed-off-by: Naphtali Sprei <nsprei@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
When using a control/QMP monitor in tandem with a regular monitor, asynchronous
messages can get lost depending on the order of the QEMU program arguments.
QEMU events issued by monitor_protocol_event() always go to cur_mon. If the
user monitor was specified on the command line first (or it has ,default), the
message will be directed to the user monitor (not the QMP monitor).
Additionally, only one QMP session is currently able to receive async messages.
To avoid this confusion, scan through the list of monitors and emit the message
on each QMP monitor.
Signed-off-by: Adam Litke <agl@us.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
It's emitted when a VNC client session is activated by QEMU,
client's information such as port, IP and auth ID (if the
session is authenticated) are provided.
Event example:
{ "event": "VNC_INITIALIZED",
"timestamp": {"seconds": 1263475302, "microseconds": 150772},
"data": {
"server": { "auth": "sasl", "family": "ipv4",
"service": "5901", "host": "0.0.0.0"},
"client": { "family": "ipv4", "service": "46089",
"host": "127.0.0.1", "sasl_username": "lcapitulino" } } }
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
It's emitted when a VNC client connects to QEMU, client's information
such as port and IP address are provided.
Note that this event is emitted right when the connection is
established. This means that it happens before authentication
procedure and session initialization.
Event example:
{ "event": "VNC_CONNECTED",
"timestamp": { "seconds": 1262976601, "microseconds": 975795 },
"data": {
"server": { "auth": "sasl", "family": "ipv4",
"service": "5901", "host": "0.0.0.0" },
"client": { "family": "ipv4", "service": "58425",
"host": "127.0.0.1" } } }
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The monitor_protocol_event() function will free the
event's data, this is wrong as 'data' management is up
to the caller.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Some commands return a QList of QDicts, which is valid,
but will trig the assert().
Just drop it.
Reported-by: Nathan Baum <nathan@parenthephobia.org.uk>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This makes do_balloon() accept megabyte values from the user
Monitor while accepting byte values for QMP.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This is a target long value in megabytes which should be
converted to bytes.
It will be used by handlers which accept a megabyte value
when in "user mode".
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Currently, when a regular command doesn't have any data to output,
QMP will emit:
{ "return": "OK" }
Returning an empty dict is better though, because dicts can support
some protocol changes in a compatible way.
So, with this commit we will return:
{ "return": {} }
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Looks like I dropped this check when addressing the 'query-'
commands request.
QMP should only handle converted commands, obviously.
Reported-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This allows to suspend command interpretation and execution
synchronously, e.g. during migration.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The monitor_vprintf() function now touches the 'mon' pointer
before calling monitor_puts(), this causes block migration
to segfault as its functions call monitor_printf() with a
NULL 'mon'.
To fix the problem this commit moves the 'mon' NULL check
from monitor_puts() to monitor_vprintf().
This can potentially hide bugs, but for some reason this has
been the behavior for a long time.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The monitor_read_command() function is readline specific
and should only be used when readline is available.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
do_balloon() should check for ballooning availability as
do_info_balloon() does.
Noted by Daniel P. Berrange <berrange@redhat.com>.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Monitor's eject command uses 'filename' for the device name
argument, but 'device' is a better name.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Return a QDict with server information. Connected clients are returned
as a QList of QDicts.
The new functions (vnc_qdict_remote_addr(), vnc_qdict_local_addr() and
put_addr_qdict()) are used to insert 'host' and 'service' information
in the returned QDict.
This patch is big, but I don't see how to split it.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Each device is represented by a QDict. The returned QObject is a QList
of all devices.
This commit should not change user output.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Each device statistic information is stored in a QDict and
the returned QObject is a QList of all devices.
This commit should not change user output.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Each block device information is stored in a QDict and the
returned QObject is a QList of all devices.
This commit should not change user output.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Return a QDict, which may contain up to more two QDicts, depending
on the type of migration we're performing.
IMPORTANT: as a QInt stores a int64_t integer, RAM values are going
to be stored as int64_t and not as uint64_t as they are today. If
this is a problem QInt will have to be changed.
This commit should not change user output.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Each mouse is represented by a QDict, the returned QObject is a QList of
all mice.
This commit should not change user output.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
snprintf() is used because the UUID_FMT is too complex for
qobject_from_jsonf().
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
All 'info' commands should use QDict, this commit also kills
monitor_print_qobject() as do_info_version() doesn't use it
anymore (and no handler will).
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
While there update the documentation as well.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Should return a QDict and should not print the user protocol bits
(eg. "c|cont").
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Monitor commands should always return values in bytes and info
commands should always return a QDict.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Also affects do_change(), because the two share eject_device().
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The do_cont() function will ask the user to enter a password if a
device is encrypted.
This is invalid under QMP, so we raise a QERR_DEVICE_ENCRYPTED
error.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
When using encrypted disk images, QEMU will prompt the user
for passwords when started.
This makes sense for the user protocol, but doesn't for QMP.
The solution is to have Monitor command which allows the user
or a Client to set passwords in advance, so that we avoid
the prompt completely.
This is what block_passwd does, for example:
(QEMU) block_passwd ide0-hd0 foobar
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
We still have handlers which will call monitor print functions
in several places. Usually to report errors.
If they do this when we are in control mode, we will be emitting
garbage to our clients.
To avoid this problem, this commit adds a way to disable those
functions. If any of them is called when in control mode, we will
emit a generic error.
Although this is far from the perfect solution, it guarantees
that only JSON is sent to Clients.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Debug, shutdown, reset, powerdown and stop are all basic events,
as they are very simple they can be added in the same commit.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Asynchronous events are generated with a call to
monitor_protocol_event().
This function builds the right data-type and emit the event
right away. The emitted data is always a JSON object and its
format is as follows:
{ "event": json-string,
"timestamp": { "seconds": json-number, "microseconds": json-number },
"data": json-value }
This design is based on ideas by Amit Shah <amit.shah@redhat.com>.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The 'info' command makes sense for the user protocol, but for QMP
it doesn't, as its return data is not well defined. That is, it
can return anything.
To fix this Avi proposes having 'query-' commands when in protocol
mode. For example, 'info balloon' would become 'query-balloon'.
The right way of supporting this would probably be to move all
info handlers to qemu-monitor.hx, add a flags field to mon_cmd_t
to identify them and then modify do_info() to do its search based
on that flag.
Unfortunately, this would require a big change in the Monitor.
To make things simpler for now, this commit takes a different
approach: a check for commands starting with "query-" is added to
toplevel QMP code, if it's true we setup things so that do_info()
is called with the appropriate arguments.
This is a hack, but is a temporary one and guarantees that query-
commands will work from the first day.
Also note that 'info' is not allowed in protocol mode.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The JSON stream parser is used to do QMP input. When there
are enough characters to be parsed it calls Monitor's
handle_qmp_command() function to handle the input.
This function's job is to check if the input is correct and
call the appropriate handler. In other words, it does for QMP
what handle_user_command() does for the user protocol.
This means that handle_qmp_command() also has to parse the
(ugly) "args_type" format to able to get the arguments names
and types expected by the handler.
The format to input commands in QMP is as follows:
{ "execute": json-string,
"id": json-value, "arguments": json-object }
Please, note that this commit also adds "id" support.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This commit adds specific QMP checks to do_info(), so that
it behaves as expected in QMP mode.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
In the new Monitor output is always performed by only two
functions: do_info() and monitor_call_handler().
To support QMP output, we modify those functions to check if we
are in control mode. If so, we call monitor_protocol_emitter()
to emit QMP output, otherwise we do regular output.
QMP has two types of responses to issued commands: success and
error. The outputed data is always a JSON object.
Success responses have the following format:
{ "return": json-value, "id": json-value }
Error responses have the following format:
{ "error": { "class": json-string,
"desc": json-string,
"data": json-value } "id": json-value }
Please, note that the "id" key is part of the input code, and
thus is not added in this commit.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This commit adds initial QMP support in QEMU. It's important
to notice that most QMP code will be part of the Monitor.
Input will be read by monitor_control_read(). Currently it
does nothing but next patches will add proper input support.
The function monitor_json_emitter(), as its name implies, is
used by the Monitor to emit JSON output. In this commit it's
used by monitor_control_event() to print our greeting message.
Finally, control mode support is also added to monitor_init(),
allowing QMP to be really enabled.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
List QMP available commands. Only valid in control mode, where
has to be used as 'query-commands.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
As this series will add a new kind of Monitor command, it's better
to rename monitor_handle_command() to what it really is:
handle_user_command().
This will avoid confusion.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This commit moves the loop which searches for the command
entry corresponding to a command name to its own function.
It will be used by QMP code as well.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This commit moves the code which calls Monitor handlers to
its own function, as it will be used by QMP code as well.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This commit adds a flag called 'control' to the '-monitor'
command-line option. This flag enables control mode.
The syntax is:
qemu [...] -monitor control,<device>
Where <device> is a chardev (excluding 'vc', for obvious reasons).
For example:
$ qemu [...] -monitor control,tcp:localhost:4444,server
Will run QEMU in control mode, waiting for a client TCP connection
on localhost port 4444.
NOTE: I've tried using QemuOpts for this, but turns out that it
will try to parse the device part, which should be untouched.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This flag will be set when Monitor enters "control mode", in
which the output will be defined by the QEMU Monitor Protocol.
This also introduces a macro to check if the flag is set.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This commit adds QError support in the Monitor.
A QError member is added to the Monitor struct. This new member
stores error information and is also used to check if an error
has occurred when the called handler returns.
Additionally, a new macro called qemu_error_new() is introduced.
It builds on top of the QemuErrorSink API and should be used in
place of qemu_error().
When all conversion to qemu_error_new() is done, qemu_error() can
be turned private.
Basically, Monitor's error flow is something like this:
1. An error occurs in the handler, it calls qemu_error_new()
2. qemu_error_new() builds a new QError object and stores it in
the Monitor struct
3. The handler returns
4. Top level Monitor code checks the Monitor struct and calls
qerror_print() to print the error
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
This patch adds the option to activate non-shared storage migration from the
monitor.
The migration command is as follows:
(qemu) migrate -d tcp:0:4444 # for ordinary live migration
(qemu) migrate -d -b tcp:0:4444 # for live migration with complete storage copy
(qemu) migrate -d -i tcp:0:4444 # for live migration with incremental storage copy, storage is cow based.
Changes from v4:
- Minor coding style issues.
Signed-off-by: Liran Schour <lirans@il.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
We have code for a quite a few block formats. While I trust that all
of these formats are useful at least for some people in some
circumstances, some of them are of a kind that friends don't let
friends use in production.
This patch provides an optional block format whitelist, default off.
If a whitelist is configured with --block-drv-whitelist, QEMU proper
can use only whitelisted formats. Other programs, like qemu-img, are
not affected.
Drivers for formats off the whitelist still participate in format
probing, to ensure all programs probe exactly the same. Without that,
QEMU proper would be prone to treat images with a format off the
whitelist as raw when the image's format is probed.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Note that errors are not being converted yet.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Note that errors are not being converted yet.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Note that errors are not being converted yet.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Note that errors are not being converted yet.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Note that errors are not being converted yet.
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The char event RESET is emitted when a char device is opened.
Give it a better name.
Patchworks-ID: 35287
Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Each CPU information is stored in a QDict and the returned
QObject is a QList of all CPUs.
The QDict contains the following information:
- "CPU": cpu index
- "current": "yes" or "no"
- "pc": current PC
- "halted": "yes" or "no"
The user output in the Monitor should not change and the
future monitor protocol is expected to emit something like:
[ { "CPU": 0, "current": "yes", "pc": 0x..., "halted": "no" },
{ "CPU": 1, "current": "no", "pc": 0x..., "halted": "yes" } ]
which corresponds to the following user output:
* CPU #0: pc=0x00000000fffffff0
CPU #1: pc=0x00000000fffffff0 (halted)
Patchworks-ID: 35352
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
On success return a QInt with the balloon's value.
This also introduces monitor_print_balloon() to print the
balloon information in the user protocol.
Please, note that errors are not being converted yet.
Patchworks-ID: 35351
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The returned data is always a QString.
Also introduces monitor_print_qobject(), which can be used as
a standard way to print QObjects in the user protocol format.
Patchworks-ID: 35350
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
It is important to note that it never fails, as big refactoring
of the virtio code would be needed to get the proper error code.
Patchworks-ID: 35349
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Appropriate error handling support will be needed to have
encrypted images working under the future machine protocol,
but this initial conversion will work with the current
user protocol.
Patchworks-ID: 35348
Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>