migration: Accept 'cont' only after successful incoming migration
When a 'cont' is issued on a VM that's just waiting for an incoming migration, the VM reboots and boots into the guest, possibly corrupting its storage since it could be shared with another VM running elsewhere. Ensure that a VM started with '-incoming' is only run when an incoming migration successfully completes. A new qerror, QERR_MIGRATION_EXPECTED, is added to signal that 'cont' failed due to no incoming migration has been attempted yet. Reported-by: Laine Stump <laine@redhat.com> Signed-off-by: Amit Shah <amit.shah@redhat.com> Reviewed-by: Luiz Capitulino <lcapitulino@redhat.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
This commit is contained in:
parent
7899f799b7
commit
8e84865e54
|
@ -67,6 +67,8 @@ void process_incoming_migration(QEMUFile *f)
|
||||||
qemu_announce_self();
|
qemu_announce_self();
|
||||||
DPRINTF("successfully loaded vm state\n");
|
DPRINTF("successfully loaded vm state\n");
|
||||||
|
|
||||||
|
incoming_expected = false;
|
||||||
|
|
||||||
if (autostart)
|
if (autostart)
|
||||||
vm_start();
|
vm_start();
|
||||||
}
|
}
|
||||||
|
|
|
@ -1056,6 +1056,10 @@ static int do_cont(Monitor *mon, const QDict *qdict, QObject **ret_data)
|
||||||
{
|
{
|
||||||
struct bdrv_iterate_context context = { mon, 0 };
|
struct bdrv_iterate_context context = { mon, 0 };
|
||||||
|
|
||||||
|
if (incoming_expected) {
|
||||||
|
qerror_report(QERR_MIGRATION_EXPECTED);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
bdrv_iterate(encrypted_bdrv_it, &context);
|
bdrv_iterate(encrypted_bdrv_it, &context);
|
||||||
/* only resume the vm if all keys are set and valid */
|
/* only resume the vm if all keys are set and valid */
|
||||||
if (!context.err) {
|
if (!context.err) {
|
||||||
|
|
4
qerror.c
4
qerror.c
|
@ -140,6 +140,10 @@ static const QErrorStringTable qerror_table[] = {
|
||||||
.error_fmt = QERR_KVM_MISSING_CAP,
|
.error_fmt = QERR_KVM_MISSING_CAP,
|
||||||
.desc = "Using KVM without %(capability), %(feature) unavailable",
|
.desc = "Using KVM without %(capability), %(feature) unavailable",
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
.error_fmt = QERR_MIGRATION_EXPECTED,
|
||||||
|
.desc = "An incoming migration is expected before this command can be executed",
|
||||||
|
},
|
||||||
{
|
{
|
||||||
.error_fmt = QERR_MISSING_PARAMETER,
|
.error_fmt = QERR_MISSING_PARAMETER,
|
||||||
.desc = "Parameter '%(name)' is missing",
|
.desc = "Parameter '%(name)' is missing",
|
||||||
|
|
3
qerror.h
3
qerror.h
|
@ -121,6 +121,9 @@ QError *qobject_to_qerror(const QObject *obj);
|
||||||
#define QERR_KVM_MISSING_CAP \
|
#define QERR_KVM_MISSING_CAP \
|
||||||
"{ 'class': 'KVMMissingCap', 'data': { 'capability': %s, 'feature': %s } }"
|
"{ 'class': 'KVMMissingCap', 'data': { 'capability': %s, 'feature': %s } }"
|
||||||
|
|
||||||
|
#define QERR_MIGRATION_EXPECTED \
|
||||||
|
"{ 'class': 'MigrationExpected', 'data': {} }"
|
||||||
|
|
||||||
#define QERR_MISSING_PARAMETER \
|
#define QERR_MISSING_PARAMETER \
|
||||||
"{ 'class': 'MissingParameter', 'data': { 'name': %s } }"
|
"{ 'class': 'MissingParameter', 'data': { 'name': %s } }"
|
||||||
|
|
||||||
|
|
1
sysemu.h
1
sysemu.h
|
@ -99,6 +99,7 @@ typedef enum DisplayType
|
||||||
} DisplayType;
|
} DisplayType;
|
||||||
|
|
||||||
extern int autostart;
|
extern int autostart;
|
||||||
|
extern int incoming_expected;
|
||||||
extern int bios_size;
|
extern int bios_size;
|
||||||
|
|
||||||
typedef enum {
|
typedef enum {
|
||||||
|
|
2
vl.c
2
vl.c
|
@ -182,6 +182,7 @@ int nb_nics;
|
||||||
NICInfo nd_table[MAX_NICS];
|
NICInfo nd_table[MAX_NICS];
|
||||||
int vm_running;
|
int vm_running;
|
||||||
int autostart;
|
int autostart;
|
||||||
|
int incoming_expected; /* Started with -incoming and waiting for incoming */
|
||||||
static int rtc_utc = 1;
|
static int rtc_utc = 1;
|
||||||
static int rtc_date_offset = -1; /* -1 means no change */
|
static int rtc_date_offset = -1; /* -1 means no change */
|
||||||
QEMUClock *rtc_clock;
|
QEMUClock *rtc_clock;
|
||||||
|
@ -2555,6 +2556,7 @@ int main(int argc, char **argv, char **envp)
|
||||||
break;
|
break;
|
||||||
case QEMU_OPTION_incoming:
|
case QEMU_OPTION_incoming:
|
||||||
incoming = optarg;
|
incoming = optarg;
|
||||||
|
incoming_expected = true;
|
||||||
break;
|
break;
|
||||||
case QEMU_OPTION_nodefaults:
|
case QEMU_OPTION_nodefaults:
|
||||||
default_serial = 0;
|
default_serial = 0;
|
||||||
|
|
Reference in New Issue