| Message ID | eb5635d6cbfc5bc3a4b937e314d3e1e0f76ed99d.1280225909.git.amit.shah@redhat.com |
|---|---|
| State | New |
| Headers | show |
On Tue, 27 Jul 2010 15:49:19 +0530 Amit Shah <amit.shah@redhat.com> wrote: > When a 'cont' is issued on a VM that's just waiting for an incoming > migration, the VM reboots and boots into the guest, possibly corrupting > its storage since it could be shared with another VM running elsewhere. > > Ensure that a VM started with '-incoming' is only run when an incoming > migration successfully completes. > > A new qerror, QERR_MIGRATION_EXPECTED, is added to signal that 'cont' > failed due to no incoming migration has been attempted yet. > > Reported-by: Laine Stump <laine@redhat.com> > Signed-off-by: Amit Shah <amit.shah@redhat.com> Looks good to me now. Reviewed-by: Luiz Capitulino <lcapitulino@redhat.com> > --- > Luiz, does the QERR bit look OK? > > migration.c | 2 ++ > monitor.c | 4 ++++ > qerror.c | 4 ++++ > qerror.h | 3 +++ > sysemu.h | 1 + > vl.c | 2 ++ > 6 files changed, 16 insertions(+), 0 deletions(-) > > diff --git a/migration.c b/migration.c > index 650eb78..a160462 100644 > --- a/migration.c > +++ b/migration.c > @@ -67,6 +67,8 @@ void process_incoming_migration(QEMUFile *f) > qemu_announce_self(); > DPRINTF("successfully loaded vm state\n"); > > + incoming_expected = false; > + > if (autostart) > vm_start(); > } > diff --git a/monitor.c b/monitor.c > index 45fd482..5366c36 100644 > --- a/monitor.c > +++ b/monitor.c > @@ -1056,6 +1056,10 @@ static int do_cont(Monitor *mon, const QDict *qdict, QObject **ret_data) > { > struct bdrv_iterate_context context = { mon, 0 }; > > + if (incoming_expected) { > + qerror_report(QERR_MIGRATION_EXPECTED); > + return -1; > + } > bdrv_iterate(encrypted_bdrv_it, &context); > /* only resume the vm if all keys are set and valid */ > if (!context.err) { > diff --git a/qerror.c b/qerror.c > index 2f6f590..0af3ab3 100644 > --- a/qerror.c > +++ b/qerror.c > @@ -141,6 +141,10 @@ static const QErrorStringTable qerror_table[] = { > .desc = "Using KVM without %(capability), %(feature) unavailable", > }, > { > + .error_fmt = QERR_MIGRATION_EXPECTED, > + .desc = "An incoming migration is expected before this command can be executed", > + }, > + { > .error_fmt = QERR_MISSING_PARAMETER, > .desc = "Parameter '%(name)' is missing", > }, > diff --git a/qerror.h b/qerror.h > index 9ad00b4..62802ea 100644 > --- a/qerror.h > +++ b/qerror.h > @@ -121,6 +121,9 @@ QError *qobject_to_qerror(const QObject *obj); > #define QERR_KVM_MISSING_CAP \ > "{ 'class': 'KVMMissingCap', 'data': { 'capability': %s, 'feature': %s } }" > > +#define QERR_MIGRATION_EXPECTED \ > + "{ 'class': 'MigrationExpected', 'data': {} }" > + > #define QERR_MISSING_PARAMETER \ > "{ 'class': 'MissingParameter', 'data': { 'name': %s } }" > > diff --git a/sysemu.h b/sysemu.h > index 9c988bb..a1f6466 100644 > --- a/sysemu.h > +++ b/sysemu.h > @@ -99,6 +99,7 @@ typedef enum DisplayType > } DisplayType; > > extern int autostart; > +extern int incoming_expected; > extern int bios_size; > > typedef enum { > diff --git a/vl.c b/vl.c > index ba6ee11..c2e7cc1 100644 > --- a/vl.c > +++ b/vl.c > @@ -182,6 +182,7 @@ int nb_nics; > NICInfo nd_table[MAX_NICS]; > int vm_running; > int autostart; > +int incoming_expected; /* Started with -incoming and waiting for incoming */ > static int rtc_utc = 1; > static int rtc_date_offset = -1; /* -1 means no change */ > QEMUClock *rtc_clock; > @@ -2557,6 +2558,7 @@ int main(int argc, char **argv, char **envp) > break; > case QEMU_OPTION_incoming: > incoming = optarg; > + incoming_expected = true; > break; > case QEMU_OPTION_nodefaults: > default_serial = 0;
On Tue, Jul 27, 2010 at 03:49:19PM +0530, Amit Shah wrote: > When a 'cont' is issued on a VM that's just waiting for an incoming > migration, the VM reboots and boots into the guest, possibly corrupting > its storage since it could be shared with another VM running elsewhere. > > Ensure that a VM started with '-incoming' is only run when an incoming > migration successfully completes. > > A new qerror, QERR_MIGRATION_EXPECTED, is added to signal that 'cont' > failed due to no incoming migration has been attempted yet. > > Reported-by: Laine Stump <laine@redhat.com> > Signed-off-by: Amit Shah <amit.shah@redhat.com> > --- > Luiz, does the QERR bit look OK? > > migration.c | 2 ++ > monitor.c | 4 ++++ > qerror.c | 4 ++++ > qerror.h | 3 +++ > sysemu.h | 1 + > vl.c | 2 ++ > 6 files changed, 16 insertions(+), 0 deletions(-) Thanks, applied. > diff --git a/migration.c b/migration.c > index 650eb78..a160462 100644 > --- a/migration.c > +++ b/migration.c > @@ -67,6 +67,8 @@ void process_incoming_migration(QEMUFile *f) > qemu_announce_self(); > DPRINTF("successfully loaded vm state\n"); > > + incoming_expected = false; > + > if (autostart) > vm_start(); > } > diff --git a/monitor.c b/monitor.c > index 45fd482..5366c36 100644 > --- a/monitor.c > +++ b/monitor.c > @@ -1056,6 +1056,10 @@ static int do_cont(Monitor *mon, const QDict *qdict, QObject **ret_data) > { > struct bdrv_iterate_context context = { mon, 0 }; > > + if (incoming_expected) { > + qerror_report(QERR_MIGRATION_EXPECTED); > + return -1; > + } > bdrv_iterate(encrypted_bdrv_it, &context); > /* only resume the vm if all keys are set and valid */ > if (!context.err) { > diff --git a/qerror.c b/qerror.c > index 2f6f590..0af3ab3 100644 > --- a/qerror.c > +++ b/qerror.c > @@ -141,6 +141,10 @@ static const QErrorStringTable qerror_table[] = { > .desc = "Using KVM without %(capability), %(feature) unavailable", > }, > { > + .error_fmt = QERR_MIGRATION_EXPECTED, > + .desc = "An incoming migration is expected before this command can be executed", > + }, > + { > .error_fmt = QERR_MISSING_PARAMETER, > .desc = "Parameter '%(name)' is missing", > }, > diff --git a/qerror.h b/qerror.h > index 9ad00b4..62802ea 100644 > --- a/qerror.h > +++ b/qerror.h > @@ -121,6 +121,9 @@ QError *qobject_to_qerror(const QObject *obj); > #define QERR_KVM_MISSING_CAP \ > "{ 'class': 'KVMMissingCap', 'data': { 'capability': %s, 'feature': %s } }" > > +#define QERR_MIGRATION_EXPECTED \ > + "{ 'class': 'MigrationExpected', 'data': {} }" > + > #define QERR_MISSING_PARAMETER \ > "{ 'class': 'MissingParameter', 'data': { 'name': %s } }" > > diff --git a/sysemu.h b/sysemu.h > index 9c988bb..a1f6466 100644 > --- a/sysemu.h > +++ b/sysemu.h > @@ -99,6 +99,7 @@ typedef enum DisplayType > } DisplayType; > > extern int autostart; > +extern int incoming_expected; > extern int bios_size; > > typedef enum { > diff --git a/vl.c b/vl.c > index ba6ee11..c2e7cc1 100644 > --- a/vl.c > +++ b/vl.c > @@ -182,6 +182,7 @@ int nb_nics; > NICInfo nd_table[MAX_NICS]; > int vm_running; > int autostart; > +int incoming_expected; /* Started with -incoming and waiting for incoming */ > static int rtc_utc = 1; > static int rtc_date_offset = -1; /* -1 means no change */ > QEMUClock *rtc_clock; > @@ -2557,6 +2558,7 @@ int main(int argc, char **argv, char **envp) > break; > case QEMU_OPTION_incoming: > incoming = optarg; > + incoming_expected = true; > break; > case QEMU_OPTION_nodefaults: > default_serial = 0; > -- > 1.7.2 > > >
diff --git a/migration.c b/migration.c index 650eb78..a160462 100644 --- a/migration.c +++ b/migration.c @@ -67,6 +67,8 @@ void process_incoming_migration(QEMUFile *f) qemu_announce_self(); DPRINTF("successfully loaded vm state\n"); + incoming_expected = false; + if (autostart) vm_start(); } diff --git a/monitor.c b/monitor.c index 45fd482..5366c36 100644 --- a/monitor.c +++ b/monitor.c @@ -1056,6 +1056,10 @@ static int do_cont(Monitor *mon, const QDict *qdict, QObject **ret_data) { struct bdrv_iterate_context context = { mon, 0 }; + if (incoming_expected) { + qerror_report(QERR_MIGRATION_EXPECTED); + return -1; + } bdrv_iterate(encrypted_bdrv_it, &context); /* only resume the vm if all keys are set and valid */ if (!context.err) { diff --git a/qerror.c b/qerror.c index 2f6f590..0af3ab3 100644 --- a/qerror.c +++ b/qerror.c @@ -141,6 +141,10 @@ static const QErrorStringTable qerror_table[] = { .desc = "Using KVM without %(capability), %(feature) unavailable", }, { + .error_fmt = QERR_MIGRATION_EXPECTED, + .desc = "An incoming migration is expected before this command can be executed", + }, + { .error_fmt = QERR_MISSING_PARAMETER, .desc = "Parameter '%(name)' is missing", }, diff --git a/qerror.h b/qerror.h index 9ad00b4..62802ea 100644 --- a/qerror.h +++ b/qerror.h @@ -121,6 +121,9 @@ QError *qobject_to_qerror(const QObject *obj); #define QERR_KVM_MISSING_CAP \ "{ 'class': 'KVMMissingCap', 'data': { 'capability': %s, 'feature': %s } }" +#define QERR_MIGRATION_EXPECTED \ + "{ 'class': 'MigrationExpected', 'data': {} }" + #define QERR_MISSING_PARAMETER \ "{ 'class': 'MissingParameter', 'data': { 'name': %s } }" diff --git a/sysemu.h b/sysemu.h index 9c988bb..a1f6466 100644 --- a/sysemu.h +++ b/sysemu.h @@ -99,6 +99,7 @@ typedef enum DisplayType } DisplayType; extern int autostart; +extern int incoming_expected; extern int bios_size; typedef enum { diff --git a/vl.c b/vl.c index ba6ee11..c2e7cc1 100644 --- a/vl.c +++ b/vl.c @@ -182,6 +182,7 @@ int nb_nics; NICInfo nd_table[MAX_NICS]; int vm_running; int autostart; +int incoming_expected; /* Started with -incoming and waiting for incoming */ static int rtc_utc = 1; static int rtc_date_offset = -1; /* -1 means no change */ QEMUClock *rtc_clock; @@ -2557,6 +2558,7 @@ int main(int argc, char **argv, char **envp) break; case QEMU_OPTION_incoming: incoming = optarg; + incoming_expected = true; break; case QEMU_OPTION_nodefaults: default_serial = 0;
When a 'cont' is issued on a VM that's just waiting for an incoming migration, the VM reboots and boots into the guest, possibly corrupting its storage since it could be shared with another VM running elsewhere. Ensure that a VM started with '-incoming' is only run when an incoming migration successfully completes. A new qerror, QERR_MIGRATION_EXPECTED, is added to signal that 'cont' failed due to no incoming migration has been attempted yet. Reported-by: Laine Stump <laine@redhat.com> Signed-off-by: Amit Shah <amit.shah@redhat.com> --- Luiz, does the QERR bit look OK? migration.c | 2 ++ monitor.c | 4 ++++ qerror.c | 4 ++++ qerror.h | 3 +++ sysemu.h | 1 + vl.c | 2 ++ 6 files changed, 16 insertions(+), 0 deletions(-)