119c2d
From 84cedeca547585a51f6044186d241a501ff757d2 Mon Sep 17 00:00:00 2001
119c2d
Message-Id: <84cedeca547585a51f6044186d241a501ff757d2@dist-git>
119c2d
From: Michal Privoznik <mprivozn@redhat.com>
119c2d
Date: Mon, 31 Jan 2022 12:55:47 +0100
119c2d
Subject: [PATCH] qemu: Validate domain definition even on migration
119c2d
119c2d
When we are about to spawn QEMU, we validate the domain
119c2d
definition against qemuCaps. Except when domain is/was already
119c2d
running before (i.e. on incoming migration, snapshots, resume
119c2d
from a file). However, especially on incoming migration it may
119c2d
happen that the destination QEMU is different to the source
119c2d
QEMU, e.g. the destination QEMU may have some devices disabled.
119c2d
119c2d
And we have a function that validates devices/features requested
119c2d
in domain XML against the desired QEMU capabilities (aka
119c2d
qemuCaps) - it's virDomainDefValidate() which calls
119c2d
qemuValidateDomainDef() and qemuValidateDomainDeviceDef()
119c2d
subsequently.
119c2d
119c2d
But the problem here is that the validation function is
119c2d
explicitly skipped over in specific scenarios (like incoming
119c2d
migration, restore from a snapshot or previously saved file).
119c2d
119c2d
This in turn means that we may spawn QEMU and request
119c2d
device/features it doesn't support. When that happens QEMU fails
119c2d
to load migration stream:
119c2d
119c2d
  qemu-kvm: ... 'virtio-mem-pci' is not a valid device model name
119c2d
119c2d
(NB, while the example shows one particular device, the problem
119c2d
is paramount)
119c2d
119c2d
This problem is easier to run into since we are slowly moving
119c2d
validation from qemu_command.c into said validation functions.
119c2d
119c2d
The solution is simple: do the validation in all cases. And while
119c2d
it may happen that users would be unable to migrate/restore a
119c2d
guest due to a bug in our validator, spawning QEMU without
119c2d
validation is worse (especially when you consider that users can
119c2d
supply their own XMLs for migrate/restore operations - these were
119c2d
never validated).
119c2d
119c2d
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2048435
119c2d
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
119c2d
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
119c2d
(cherry picked from commit 517b8c12b98d7ac0bb4d582e0b491d50d776eb6d)
119c2d
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
119c2d
---
119c2d
 src/qemu/qemu_process.c | 6 +-----
119c2d
 1 file changed, 1 insertion(+), 5 deletions(-)
119c2d
119c2d
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
119c2d
index 5c9ca0fe4f..5c6657a876 100644
119c2d
--- a/src/qemu/qemu_process.c
119c2d
+++ b/src/qemu/qemu_process.c
119c2d
@@ -5411,11 +5411,7 @@ qemuProcessStartValidate(virQEMUDriver *driver,
119c2d
 
119c2d
     }
119c2d
 
119c2d
-    /* Checks below should not be executed when starting a qemu process for a
119c2d
-     * VM that was running before (migration, snapshots, save). It's more
119c2d
-     * important to start such VM than keep the configuration clean */
119c2d
-    if ((flags & VIR_QEMU_PROCESS_START_NEW) &&
119c2d
-        virDomainDefValidate(vm->def, 0, driver->xmlopt, qemuCaps) < 0)
119c2d
+    if (virDomainDefValidate(vm->def, 0, driver->xmlopt, qemuCaps) < 0)
119c2d
         return -1;
119c2d
 
119c2d
     if (qemuProcessStartValidateGraphics(vm) < 0)
119c2d
-- 
119c2d
2.35.1
119c2d