From 176ca1e59775810524a2375927725fbe419d9e5c Mon Sep 17 00:00:00 2001

Message-Id: <176ca1e59775810524a2375927725fbe419d9e5c@dist-git>

From: Laine Stump <laine@redhat.com>

Date: Mon, 18 May 2020 14:53:04 -0400

Subject: [PATCH] qemu: prevent attempts to detach a device on a controller

 with hotplug='off'

Although the original patches to support controllers with

hotplug='off' were checking during hotplug/attach requests that the

device was being plugged into a PCI controller that didn't have

hotplug disabled, but I forgot to do the same for device detach (the

main impetus for adding the feature was to prevent unplugs originating

from within the guest, so it slipped my mind). So although the guest

OS was ultimately unable to honor the unplug request, libvirt could

still be used to make such a request, and since device attach/detach

are asynchronous operations, the caller to libvirt would receive a

success status back (the device would stubbornly/correctly remain in

the domain status XML however)

This patch remedies that, by looking at the controller for the device

in the detach request, and immediately failing the operation if that

controller has hotplug=off.

Signed-off-by: Laine Stump <laine@redhat.com>

Reviewed-by: Erik Skultety <eskultet@redhat.com>

(cherry picked from commit c0e04c2e62957fe872b5bc3d89d5b1d95f10450c)

https://bugzilla.redhat.com/1802592

Signed-off-by: Laine Stump <laine@redhat.com>

Message-Id: <20200518185304.188810-1-laine@redhat.com>

Reviewed-by: Jiri Denemark <jdenemar@redhat.com>

---

 src/qemu/qemu_hotplug.c | 30 ++++++++++++++++++++++++++++++

 1 file changed, 30 insertions(+)

diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c

index 3ccc01f0b7..29e1a41f9d 100644

--- a/src/qemu/qemu_hotplug.c

+++ b/src/qemu/qemu_hotplug.c

@@ -5846,6 +5846,36 @@ qemuDomainDetachDeviceLive(virDomainObjPtr vm,

         return -1;

     }

+    if (info->type == VIR_DOMAIN_DEVICE_ADDRESS_TYPE_PCI) {

+

+        virDomainControllerDefPtr controller;

+        int controllerIdx = virDomainControllerFind(vm->def,

+                                                    VIR_DOMAIN_CONTROLLER_TYPE_PCI,

+                                                    info->addr.pci.bus);

+        if (controllerIdx < 0) {

+            virReportError(VIR_ERR_OPERATION_FAILED,

+                           _("cannot hot unplug %s device with PCI guest address: "

+                             VIR_PCI_DEVICE_ADDRESS_FMT

+                             " - controller not found"),

+                           virDomainDeviceTypeToString(detach.type),

+                           info->addr.pci.domain, info->addr.pci.bus,

+                           info->addr.pci.slot, info->addr.pci.function);

+            return -1;

+        }

+

+        controller = vm->def->controllers[controllerIdx];

+        if (controller->opts.pciopts.hotplug == VIR_TRISTATE_SWITCH_OFF) {

+            virReportError(VIR_ERR_OPERATION_FAILED,

+                           _("cannot hot unplug %s device with PCI guest address: "

+                             VIR_PCI_DEVICE_ADDRESS_FMT

+                             " - not allowed by controller"),

+                           virDomainDeviceTypeToString(detach.type),

+                           info->addr.pci.domain, info->addr.pci.bus,

+                           info->addr.pci.slot, info->addr.pci.function);

+            return -1;

+        }

+    }

+

     /*

      * Issue the qemu monitor command to delete the device (based on

      * its alias), and optionally wait a short time in case the

-- 

2.26.2