xref: /openbmc/qemu/tests/qtest/migration-test.c (revision e8d1e0cd)
1 /*
2  * QTest testcase for migration
3  *
4  * Copyright (c) 2016-2018 Red Hat, Inc. and/or its affiliates
5  *   based on the vhost-user-test.c that is:
6  *      Copyright (c) 2014 Virtual Open Systems Sarl.
7  *
8  * This work is licensed under the terms of the GNU GPL, version 2 or later.
9  * See the COPYING file in the top-level directory.
10  *
11  */
12 
13 #include "qemu/osdep.h"
14 
15 #include "libqtest.h"
16 #include "qapi/error.h"
17 #include "qapi/qmp/qdict.h"
18 #include "qemu/module.h"
19 #include "qemu/option.h"
20 #include "qemu/range.h"
21 #include "qemu/sockets.h"
22 #include "chardev/char.h"
23 #include "qapi/qapi-visit-sockets.h"
24 #include "qapi/qobject-input-visitor.h"
25 #include "qapi/qobject-output-visitor.h"
26 #include "crypto/tlscredspsk.h"
27 #include "qapi/qmp/qlist.h"
28 
29 #include "migration-helpers.h"
30 #include "tests/migration/migration-test.h"
31 #ifdef CONFIG_GNUTLS
32 # include "tests/unit/crypto-tls-psk-helpers.h"
33 # ifdef CONFIG_TASN1
34 #  include "tests/unit/crypto-tls-x509-helpers.h"
35 # endif /* CONFIG_TASN1 */
36 #endif /* CONFIG_GNUTLS */
37 
38 /* For dirty ring test; so far only x86_64 is supported */
39 #if defined(__linux__) && defined(HOST_X86_64)
40 #include "linux/kvm.h"
41 #endif
42 
43 /* TODO actually test the results and get rid of this */
44 #define qtest_qmp_discard_response(...) qobject_unref(qtest_qmp(__VA_ARGS__))
45 
46 unsigned start_address;
47 unsigned end_address;
48 static bool uffd_feature_thread_id;
49 
50 /*
51  * Dirtylimit stop working if dirty page rate error
52  * value less than DIRTYLIMIT_TOLERANCE_RANGE
53  */
54 #define DIRTYLIMIT_TOLERANCE_RANGE  25  /* MB/s */
55 
56 #if defined(__linux__)
57 #include <sys/syscall.h>
58 #include <sys/vfs.h>
59 #endif
60 
61 #if defined(__linux__) && defined(__NR_userfaultfd) && defined(CONFIG_EVENTFD)
62 #include <sys/eventfd.h>
63 #include <sys/ioctl.h>
64 #include "qemu/userfaultfd.h"
65 
66 static bool ufd_version_check(void)
67 {
68     struct uffdio_api api_struct;
69     uint64_t ioctl_mask;
70 
71     int ufd = uffd_open(O_CLOEXEC);
72 
73     if (ufd == -1) {
74         g_test_message("Skipping test: userfaultfd not available");
75         return false;
76     }
77 
78     api_struct.api = UFFD_API;
79     api_struct.features = 0;
80     if (ioctl(ufd, UFFDIO_API, &api_struct)) {
81         g_test_message("Skipping test: UFFDIO_API failed");
82         return false;
83     }
84     uffd_feature_thread_id = api_struct.features & UFFD_FEATURE_THREAD_ID;
85 
86     ioctl_mask = (__u64)1 << _UFFDIO_REGISTER |
87                  (__u64)1 << _UFFDIO_UNREGISTER;
88     if ((api_struct.ioctls & ioctl_mask) != ioctl_mask) {
89         g_test_message("Skipping test: Missing userfault feature");
90         return false;
91     }
92 
93     return true;
94 }
95 
96 #else
97 static bool ufd_version_check(void)
98 {
99     g_test_message("Skipping test: Userfault not available (builtdtime)");
100     return false;
101 }
102 
103 #endif
104 
105 static char *tmpfs;
106 
107 /* The boot file modifies memory area in [start_address, end_address)
108  * repeatedly. It outputs a 'B' at a fixed rate while it's still running.
109  */
110 #include "tests/migration/i386/a-b-bootblock.h"
111 #include "tests/migration/aarch64/a-b-kernel.h"
112 #include "tests/migration/s390x/a-b-bios.h"
113 
114 static void init_bootfile(const char *bootpath, void *content, size_t len)
115 {
116     FILE *bootfile = fopen(bootpath, "wb");
117 
118     g_assert_cmpint(fwrite(content, len, 1, bootfile), ==, 1);
119     fclose(bootfile);
120 }
121 
122 /*
123  * Wait for some output in the serial output file,
124  * we get an 'A' followed by an endless string of 'B's
125  * but on the destination we won't have the A.
126  */
127 static void wait_for_serial(const char *side)
128 {
129     g_autofree char *serialpath = g_strdup_printf("%s/%s", tmpfs, side);
130     FILE *serialfile = fopen(serialpath, "r");
131     const char *arch = qtest_get_arch();
132     int started = (strcmp(side, "src_serial") == 0 &&
133                    strcmp(arch, "ppc64") == 0) ? 0 : 1;
134 
135     do {
136         int readvalue = fgetc(serialfile);
137 
138         if (!started) {
139             /* SLOF prints its banner before starting test,
140              * to ignore it, mark the start of the test with '_',
141              * ignore all characters until this marker
142              */
143             switch (readvalue) {
144             case '_':
145                 started = 1;
146                 break;
147             case EOF:
148                 fseek(serialfile, 0, SEEK_SET);
149                 usleep(1000);
150                 break;
151             }
152             continue;
153         }
154         switch (readvalue) {
155         case 'A':
156             /* Fine */
157             break;
158 
159         case 'B':
160             /* It's alive! */
161             fclose(serialfile);
162             return;
163 
164         case EOF:
165             started = (strcmp(side, "src_serial") == 0 &&
166                        strcmp(arch, "ppc64") == 0) ? 0 : 1;
167             fseek(serialfile, 0, SEEK_SET);
168             usleep(1000);
169             break;
170 
171         default:
172             fprintf(stderr, "Unexpected %d on %s serial\n", readvalue, side);
173             g_assert_not_reached();
174         }
175     } while (true);
176 }
177 
178 /*
179  * It's tricky to use qemu's migration event capability with qtest,
180  * events suddenly appearing confuse the qmp()/hmp() responses.
181  */
182 
183 static int64_t read_ram_property_int(QTestState *who, const char *property)
184 {
185     QDict *rsp_return, *rsp_ram;
186     int64_t result;
187 
188     rsp_return = migrate_query_not_failed(who);
189     if (!qdict_haskey(rsp_return, "ram")) {
190         /* Still in setup */
191         result = 0;
192     } else {
193         rsp_ram = qdict_get_qdict(rsp_return, "ram");
194         result = qdict_get_try_int(rsp_ram, property, 0);
195     }
196     qobject_unref(rsp_return);
197     return result;
198 }
199 
200 static int64_t read_migrate_property_int(QTestState *who, const char *property)
201 {
202     QDict *rsp_return;
203     int64_t result;
204 
205     rsp_return = migrate_query_not_failed(who);
206     result = qdict_get_try_int(rsp_return, property, 0);
207     qobject_unref(rsp_return);
208     return result;
209 }
210 
211 static uint64_t get_migration_pass(QTestState *who)
212 {
213     return read_ram_property_int(who, "dirty-sync-count");
214 }
215 
216 static void read_blocktime(QTestState *who)
217 {
218     QDict *rsp_return;
219 
220     rsp_return = migrate_query_not_failed(who);
221     g_assert(qdict_haskey(rsp_return, "postcopy-blocktime"));
222     qobject_unref(rsp_return);
223 }
224 
225 static void wait_for_migration_pass(QTestState *who)
226 {
227     uint64_t initial_pass = get_migration_pass(who);
228     uint64_t pass;
229 
230     /* Wait for the 1st sync */
231     while (!got_stop && !initial_pass) {
232         usleep(1000);
233         initial_pass = get_migration_pass(who);
234     }
235 
236     do {
237         usleep(1000);
238         pass = get_migration_pass(who);
239     } while (pass == initial_pass && !got_stop);
240 }
241 
242 static void check_guests_ram(QTestState *who)
243 {
244     /* Our ASM test will have been incrementing one byte from each page from
245      * start_address to < end_address in order. This gives us a constraint
246      * that any page's byte should be equal or less than the previous pages
247      * byte (mod 256); and they should all be equal except for one transition
248      * at the point where we meet the incrementer. (We're running this with
249      * the guest stopped).
250      */
251     unsigned address;
252     uint8_t first_byte;
253     uint8_t last_byte;
254     bool hit_edge = false;
255     int bad = 0;
256 
257     qtest_memread(who, start_address, &first_byte, 1);
258     last_byte = first_byte;
259 
260     for (address = start_address + TEST_MEM_PAGE_SIZE; address < end_address;
261          address += TEST_MEM_PAGE_SIZE)
262     {
263         uint8_t b;
264         qtest_memread(who, address, &b, 1);
265         if (b != last_byte) {
266             if (((b + 1) % 256) == last_byte && !hit_edge) {
267                 /* This is OK, the guest stopped at the point of
268                  * incrementing the previous page but didn't get
269                  * to us yet.
270                  */
271                 hit_edge = true;
272                 last_byte = b;
273             } else {
274                 bad++;
275                 if (bad <= 10) {
276                     fprintf(stderr, "Memory content inconsistency at %x"
277                             " first_byte = %x last_byte = %x current = %x"
278                             " hit_edge = %x\n",
279                             address, first_byte, last_byte, b, hit_edge);
280                 }
281             }
282         }
283     }
284     if (bad >= 10) {
285         fprintf(stderr, "and in another %d pages", bad - 10);
286     }
287     g_assert(bad == 0);
288 }
289 
290 static void cleanup(const char *filename)
291 {
292     g_autofree char *path = g_strdup_printf("%s/%s", tmpfs, filename);
293 
294     unlink(path);
295 }
296 
297 static char *SocketAddress_to_str(SocketAddress *addr)
298 {
299     switch (addr->type) {
300     case SOCKET_ADDRESS_TYPE_INET:
301         return g_strdup_printf("tcp:%s:%s",
302                                addr->u.inet.host,
303                                addr->u.inet.port);
304     case SOCKET_ADDRESS_TYPE_UNIX:
305         return g_strdup_printf("unix:%s",
306                                addr->u.q_unix.path);
307     case SOCKET_ADDRESS_TYPE_FD:
308         return g_strdup_printf("fd:%s", addr->u.fd.str);
309     case SOCKET_ADDRESS_TYPE_VSOCK:
310         return g_strdup_printf("tcp:%s:%s",
311                                addr->u.vsock.cid,
312                                addr->u.vsock.port);
313     default:
314         return g_strdup("unknown address type");
315     }
316 }
317 
318 static char *migrate_get_socket_address(QTestState *who, const char *parameter)
319 {
320     QDict *rsp;
321     char *result;
322     SocketAddressList *addrs;
323     Visitor *iv = NULL;
324     QObject *object;
325 
326     rsp = migrate_query(who);
327     object = qdict_get(rsp, parameter);
328 
329     iv = qobject_input_visitor_new(object);
330     visit_type_SocketAddressList(iv, NULL, &addrs, &error_abort);
331     visit_free(iv);
332 
333     /* we are only using a single address */
334     result = SocketAddress_to_str(addrs->value);
335 
336     qapi_free_SocketAddressList(addrs);
337     qobject_unref(rsp);
338     return result;
339 }
340 
341 static long long migrate_get_parameter_int(QTestState *who,
342                                            const char *parameter)
343 {
344     QDict *rsp;
345     long long result;
346 
347     rsp = wait_command(who, "{ 'execute': 'query-migrate-parameters' }");
348     result = qdict_get_int(rsp, parameter);
349     qobject_unref(rsp);
350     return result;
351 }
352 
353 static void migrate_check_parameter_int(QTestState *who, const char *parameter,
354                                         long long value)
355 {
356     long long result;
357 
358     result = migrate_get_parameter_int(who, parameter);
359     g_assert_cmpint(result, ==, value);
360 }
361 
362 static void migrate_set_parameter_int(QTestState *who, const char *parameter,
363                                       long long value)
364 {
365     QDict *rsp;
366 
367     rsp = qtest_qmp(who,
368                     "{ 'execute': 'migrate-set-parameters',"
369                     "'arguments': { %s: %lld } }",
370                     parameter, value);
371     g_assert(qdict_haskey(rsp, "return"));
372     qobject_unref(rsp);
373     migrate_check_parameter_int(who, parameter, value);
374 }
375 
376 static char *migrate_get_parameter_str(QTestState *who,
377                                        const char *parameter)
378 {
379     QDict *rsp;
380     char *result;
381 
382     rsp = wait_command(who, "{ 'execute': 'query-migrate-parameters' }");
383     result = g_strdup(qdict_get_str(rsp, parameter));
384     qobject_unref(rsp);
385     return result;
386 }
387 
388 static void migrate_check_parameter_str(QTestState *who, const char *parameter,
389                                         const char *value)
390 {
391     g_autofree char *result = migrate_get_parameter_str(who, parameter);
392     g_assert_cmpstr(result, ==, value);
393 }
394 
395 static void migrate_set_parameter_str(QTestState *who, const char *parameter,
396                                       const char *value)
397 {
398     QDict *rsp;
399 
400     rsp = qtest_qmp(who,
401                     "{ 'execute': 'migrate-set-parameters',"
402                     "'arguments': { %s: %s } }",
403                     parameter, value);
404     g_assert(qdict_haskey(rsp, "return"));
405     qobject_unref(rsp);
406     migrate_check_parameter_str(who, parameter, value);
407 }
408 
409 static void migrate_ensure_non_converge(QTestState *who)
410 {
411     /* Can't converge with 1ms downtime + 3 mbs bandwidth limit */
412     migrate_set_parameter_int(who, "max-bandwidth", 3 * 1000 * 1000);
413     migrate_set_parameter_int(who, "downtime-limit", 1);
414 }
415 
416 static void migrate_ensure_converge(QTestState *who)
417 {
418     /* Should converge with 30s downtime + 1 gbs bandwidth limit */
419     migrate_set_parameter_int(who, "max-bandwidth", 1 * 1000 * 1000 * 1000);
420     migrate_set_parameter_int(who, "downtime-limit", 30 * 1000);
421 }
422 
423 static void migrate_pause(QTestState *who)
424 {
425     QDict *rsp;
426 
427     rsp = wait_command(who, "{ 'execute': 'migrate-pause' }");
428     qobject_unref(rsp);
429 }
430 
431 static void migrate_continue(QTestState *who, const char *state)
432 {
433     QDict *rsp;
434 
435     rsp = wait_command(who,
436                        "{ 'execute': 'migrate-continue',"
437                        "  'arguments': { 'state': %s } }",
438                        state);
439     qobject_unref(rsp);
440 }
441 
442 static void migrate_recover(QTestState *who, const char *uri)
443 {
444     QDict *rsp;
445 
446     rsp = wait_command(who,
447                        "{ 'execute': 'migrate-recover', "
448                        "  'id': 'recover-cmd', "
449                        "  'arguments': { 'uri': %s } }",
450                        uri);
451     qobject_unref(rsp);
452 }
453 
454 static void migrate_cancel(QTestState *who)
455 {
456     QDict *rsp;
457 
458     rsp = wait_command(who, "{ 'execute': 'migrate_cancel' }");
459     qobject_unref(rsp);
460 }
461 
462 static void migrate_set_capability(QTestState *who, const char *capability,
463                                    bool value)
464 {
465     QDict *rsp;
466 
467     rsp = qtest_qmp(who,
468                     "{ 'execute': 'migrate-set-capabilities',"
469                     "'arguments': { "
470                     "'capabilities': [ { "
471                     "'capability': %s, 'state': %i } ] } }",
472                     capability, value);
473     g_assert(qdict_haskey(rsp, "return"));
474     qobject_unref(rsp);
475 }
476 
477 static void migrate_postcopy_start(QTestState *from, QTestState *to)
478 {
479     QDict *rsp;
480 
481     rsp = wait_command(from, "{ 'execute': 'migrate-start-postcopy' }");
482     qobject_unref(rsp);
483 
484     if (!got_stop) {
485         qtest_qmp_eventwait(from, "STOP");
486     }
487 
488     qtest_qmp_eventwait(to, "RESUME");
489 }
490 
491 typedef struct {
492     /*
493      * QTEST_LOG=1 may override this.  When QTEST_LOG=1, we always dump errors
494      * unconditionally, because it means the user would like to be verbose.
495      */
496     bool hide_stderr;
497     bool use_shmem;
498     /* only launch the target process */
499     bool only_target;
500     /* Use dirty ring if true; dirty logging otherwise */
501     bool use_dirty_ring;
502     const char *opts_source;
503     const char *opts_target;
504 } MigrateStart;
505 
506 /*
507  * A hook that runs after the src and dst QEMUs have been
508  * created, but before the migration is started. This can
509  * be used to set migration parameters and capabilities.
510  *
511  * Returns: NULL, or a pointer to opaque state to be
512  *          later passed to the TestMigrateFinishHook
513  */
514 typedef void * (*TestMigrateStartHook)(QTestState *from,
515                                        QTestState *to);
516 
517 /*
518  * A hook that runs after the migration has finished,
519  * regardless of whether it succeeded or failed, but
520  * before QEMU has terminated (unless it self-terminated
521  * due to migration error)
522  *
523  * @opaque is a pointer to state previously returned
524  * by the TestMigrateStartHook if any, or NULL.
525  */
526 typedef void (*TestMigrateFinishHook)(QTestState *from,
527                                       QTestState *to,
528                                       void *opaque);
529 
530 typedef struct {
531     /* Optional: fine tune start parameters */
532     MigrateStart start;
533 
534     /* Required: the URI for the dst QEMU to listen on */
535     const char *listen_uri;
536 
537     /*
538      * Optional: the URI for the src QEMU to connect to
539      * If NULL, then it will query the dst QEMU for its actual
540      * listening address and use that as the connect address.
541      * This allows for dynamically picking a free TCP port.
542      */
543     const char *connect_uri;
544 
545     /* Optional: callback to run at start to set migration parameters */
546     TestMigrateStartHook start_hook;
547     /* Optional: callback to run at finish to cleanup */
548     TestMigrateFinishHook finish_hook;
549 
550     /*
551      * Optional: normally we expect the migration process to complete.
552      *
553      * There can be a variety of reasons and stages in which failure
554      * can happen during tests.
555      *
556      * If a failure is expected to happen at time of establishing
557      * the connection, then MIG_TEST_FAIL will indicate that the dst
558      * QEMU is expected to stay running and accept future migration
559      * connections.
560      *
561      * If a failure is expected to happen while processing the
562      * migration stream, then MIG_TEST_FAIL_DEST_QUIT_ERR will indicate
563      * that the dst QEMU is expected to quit with non-zero exit status
564      */
565     enum {
566         /* This test should succeed, the default */
567         MIG_TEST_SUCCEED = 0,
568         /* This test should fail, dest qemu should keep alive */
569         MIG_TEST_FAIL,
570         /* This test should fail, dest qemu should fail with abnormal status */
571         MIG_TEST_FAIL_DEST_QUIT_ERR,
572     } result;
573 
574     /* Optional: set number of migration passes to wait for */
575     unsigned int iterations;
576 
577     /* Postcopy specific fields */
578     void *postcopy_data;
579     bool postcopy_preempt;
580 } MigrateCommon;
581 
582 static int test_migrate_start(QTestState **from, QTestState **to,
583                               const char *uri, MigrateStart *args)
584 {
585     g_autofree gchar *arch_source = NULL;
586     g_autofree gchar *arch_target = NULL;
587     g_autofree gchar *cmd_source = NULL;
588     g_autofree gchar *cmd_target = NULL;
589     const gchar *ignore_stderr;
590     g_autofree char *bootpath = NULL;
591     g_autofree char *shmem_opts = NULL;
592     g_autofree char *shmem_path = NULL;
593     const char *arch = qtest_get_arch();
594     const char *machine_opts = NULL;
595     const char *memory_size;
596 
597     if (args->use_shmem) {
598         if (!g_file_test("/dev/shm", G_FILE_TEST_IS_DIR)) {
599             g_test_skip("/dev/shm is not supported");
600             return -1;
601         }
602     }
603 
604     got_stop = false;
605     bootpath = g_strdup_printf("%s/bootsect", tmpfs);
606     if (strcmp(arch, "i386") == 0 || strcmp(arch, "x86_64") == 0) {
607         /* the assembled x86 boot sector should be exactly one sector large */
608         assert(sizeof(x86_bootsect) == 512);
609         init_bootfile(bootpath, x86_bootsect, sizeof(x86_bootsect));
610         memory_size = "150M";
611         arch_source = g_strdup_printf("-drive file=%s,format=raw", bootpath);
612         arch_target = g_strdup(arch_source);
613         start_address = X86_TEST_MEM_START;
614         end_address = X86_TEST_MEM_END;
615     } else if (g_str_equal(arch, "s390x")) {
616         init_bootfile(bootpath, s390x_elf, sizeof(s390x_elf));
617         memory_size = "128M";
618         arch_source = g_strdup_printf("-bios %s", bootpath);
619         arch_target = g_strdup(arch_source);
620         start_address = S390_TEST_MEM_START;
621         end_address = S390_TEST_MEM_END;
622     } else if (strcmp(arch, "ppc64") == 0) {
623         machine_opts = "vsmt=8";
624         memory_size = "256M";
625         start_address = PPC_TEST_MEM_START;
626         end_address = PPC_TEST_MEM_END;
627         arch_source = g_strdup_printf("-nodefaults "
628                                       "-prom-env 'use-nvramrc?=true' -prom-env "
629                                       "'nvramrc=hex .\" _\" begin %x %x "
630                                       "do i c@ 1 + i c! 1000 +loop .\" B\" 0 "
631                                       "until'", end_address, start_address);
632         arch_target = g_strdup("");
633     } else if (strcmp(arch, "aarch64") == 0) {
634         init_bootfile(bootpath, aarch64_kernel, sizeof(aarch64_kernel));
635         machine_opts = "virt,gic-version=max";
636         memory_size = "150M";
637         arch_source = g_strdup_printf("-cpu max "
638                                       "-kernel %s",
639                                       bootpath);
640         arch_target = g_strdup(arch_source);
641         start_address = ARM_TEST_MEM_START;
642         end_address = ARM_TEST_MEM_END;
643 
644         g_assert(sizeof(aarch64_kernel) <= ARM_TEST_MAX_KERNEL_SIZE);
645     } else {
646         g_assert_not_reached();
647     }
648 
649     if (!getenv("QTEST_LOG") && args->hide_stderr) {
650 #ifndef _WIN32
651         ignore_stderr = "2>/dev/null";
652 #else
653         /*
654          * On Windows the QEMU executable is created via CreateProcess() and
655          * IO redirection does not work, so don't bother adding IO redirection
656          * to the command line.
657          */
658         ignore_stderr = "";
659 #endif
660     } else {
661         ignore_stderr = "";
662     }
663 
664     if (args->use_shmem) {
665         shmem_path = g_strdup_printf("/dev/shm/qemu-%d", getpid());
666         shmem_opts = g_strdup_printf(
667             "-object memory-backend-file,id=mem0,size=%s"
668             ",mem-path=%s,share=on -numa node,memdev=mem0",
669             memory_size, shmem_path);
670     } else {
671         shmem_path = NULL;
672         shmem_opts = g_strdup("");
673     }
674 
675     cmd_source = g_strdup_printf("-accel kvm%s -accel tcg%s%s "
676                                  "-name source,debug-threads=on "
677                                  "-m %s "
678                                  "-serial file:%s/src_serial "
679                                  "%s %s %s %s",
680                                  args->use_dirty_ring ?
681                                  ",dirty-ring-size=4096" : "",
682                                  machine_opts ? " -machine " : "",
683                                  machine_opts ? machine_opts : "",
684                                  memory_size, tmpfs,
685                                  arch_source, shmem_opts,
686                                  args->opts_source ? args->opts_source : "",
687                                  ignore_stderr);
688     if (!args->only_target) {
689         *from = qtest_init(cmd_source);
690     }
691 
692     cmd_target = g_strdup_printf("-accel kvm%s -accel tcg%s%s "
693                                  "-name target,debug-threads=on "
694                                  "-m %s "
695                                  "-serial file:%s/dest_serial "
696                                  "-incoming %s "
697                                  "%s %s %s %s",
698                                  args->use_dirty_ring ?
699                                  ",dirty-ring-size=4096" : "",
700                                  machine_opts ? " -machine " : "",
701                                  machine_opts ? machine_opts : "",
702                                  memory_size, tmpfs, uri,
703                                  arch_target, shmem_opts,
704                                  args->opts_target ? args->opts_target : "",
705                                  ignore_stderr);
706     *to = qtest_init(cmd_target);
707 
708     /*
709      * Remove shmem file immediately to avoid memory leak in test failed case.
710      * It's valid becase QEMU has already opened this file
711      */
712     if (args->use_shmem) {
713         unlink(shmem_path);
714     }
715 
716     return 0;
717 }
718 
719 static void test_migrate_end(QTestState *from, QTestState *to, bool test_dest)
720 {
721     unsigned char dest_byte_a, dest_byte_b, dest_byte_c, dest_byte_d;
722 
723     qtest_quit(from);
724 
725     if (test_dest) {
726         qtest_memread(to, start_address, &dest_byte_a, 1);
727 
728         /* Destination still running, wait for a byte to change */
729         do {
730             qtest_memread(to, start_address, &dest_byte_b, 1);
731             usleep(1000 * 10);
732         } while (dest_byte_a == dest_byte_b);
733 
734         qtest_qmp_discard_response(to, "{ 'execute' : 'stop'}");
735 
736         /* With it stopped, check nothing changes */
737         qtest_memread(to, start_address, &dest_byte_c, 1);
738         usleep(1000 * 200);
739         qtest_memread(to, start_address, &dest_byte_d, 1);
740         g_assert_cmpint(dest_byte_c, ==, dest_byte_d);
741 
742         check_guests_ram(to);
743     }
744 
745     qtest_quit(to);
746 
747     cleanup("bootsect");
748     cleanup("migsocket");
749     cleanup("src_serial");
750     cleanup("dest_serial");
751 }
752 
753 #ifdef CONFIG_GNUTLS
754 struct TestMigrateTLSPSKData {
755     char *workdir;
756     char *workdiralt;
757     char *pskfile;
758     char *pskfilealt;
759 };
760 
761 static void *
762 test_migrate_tls_psk_start_common(QTestState *from,
763                                   QTestState *to,
764                                   bool mismatch)
765 {
766     struct TestMigrateTLSPSKData *data =
767         g_new0(struct TestMigrateTLSPSKData, 1);
768     QDict *rsp;
769 
770     data->workdir = g_strdup_printf("%s/tlscredspsk0", tmpfs);
771     data->pskfile = g_strdup_printf("%s/%s", data->workdir,
772                                     QCRYPTO_TLS_CREDS_PSKFILE);
773     g_mkdir_with_parents(data->workdir, 0700);
774     test_tls_psk_init(data->pskfile);
775 
776     if (mismatch) {
777         data->workdiralt = g_strdup_printf("%s/tlscredspskalt0", tmpfs);
778         data->pskfilealt = g_strdup_printf("%s/%s", data->workdiralt,
779                                            QCRYPTO_TLS_CREDS_PSKFILE);
780         g_mkdir_with_parents(data->workdiralt, 0700);
781         test_tls_psk_init_alt(data->pskfilealt);
782     }
783 
784     rsp = wait_command(from,
785                        "{ 'execute': 'object-add',"
786                        "  'arguments': { 'qom-type': 'tls-creds-psk',"
787                        "                 'id': 'tlscredspsk0',"
788                        "                 'endpoint': 'client',"
789                        "                 'dir': %s,"
790                        "                 'username': 'qemu'} }",
791                        data->workdir);
792     qobject_unref(rsp);
793 
794     rsp = wait_command(to,
795                        "{ 'execute': 'object-add',"
796                        "  'arguments': { 'qom-type': 'tls-creds-psk',"
797                        "                 'id': 'tlscredspsk0',"
798                        "                 'endpoint': 'server',"
799                        "                 'dir': %s } }",
800                        mismatch ? data->workdiralt : data->workdir);
801     qobject_unref(rsp);
802 
803     migrate_set_parameter_str(from, "tls-creds", "tlscredspsk0");
804     migrate_set_parameter_str(to, "tls-creds", "tlscredspsk0");
805 
806     return data;
807 }
808 
809 static void *
810 test_migrate_tls_psk_start_match(QTestState *from,
811                                  QTestState *to)
812 {
813     return test_migrate_tls_psk_start_common(from, to, false);
814 }
815 
816 static void *
817 test_migrate_tls_psk_start_mismatch(QTestState *from,
818                                     QTestState *to)
819 {
820     return test_migrate_tls_psk_start_common(from, to, true);
821 }
822 
823 static void
824 test_migrate_tls_psk_finish(QTestState *from,
825                             QTestState *to,
826                             void *opaque)
827 {
828     struct TestMigrateTLSPSKData *data = opaque;
829 
830     test_tls_psk_cleanup(data->pskfile);
831     if (data->pskfilealt) {
832         test_tls_psk_cleanup(data->pskfilealt);
833     }
834     rmdir(data->workdir);
835     if (data->workdiralt) {
836         rmdir(data->workdiralt);
837     }
838 
839     g_free(data->workdiralt);
840     g_free(data->pskfilealt);
841     g_free(data->workdir);
842     g_free(data->pskfile);
843     g_free(data);
844 }
845 
846 #ifdef CONFIG_TASN1
847 typedef struct {
848     char *workdir;
849     char *keyfile;
850     char *cacert;
851     char *servercert;
852     char *serverkey;
853     char *clientcert;
854     char *clientkey;
855 } TestMigrateTLSX509Data;
856 
857 typedef struct {
858     bool verifyclient;
859     bool clientcert;
860     bool hostileclient;
861     bool authzclient;
862     const char *certhostname;
863     const char *certipaddr;
864 } TestMigrateTLSX509;
865 
866 static void *
867 test_migrate_tls_x509_start_common(QTestState *from,
868                                    QTestState *to,
869                                    TestMigrateTLSX509 *args)
870 {
871     TestMigrateTLSX509Data *data = g_new0(TestMigrateTLSX509Data, 1);
872     QDict *rsp;
873 
874     data->workdir = g_strdup_printf("%s/tlscredsx5090", tmpfs);
875     data->keyfile = g_strdup_printf("%s/key.pem", data->workdir);
876 
877     data->cacert = g_strdup_printf("%s/ca-cert.pem", data->workdir);
878     data->serverkey = g_strdup_printf("%s/server-key.pem", data->workdir);
879     data->servercert = g_strdup_printf("%s/server-cert.pem", data->workdir);
880     if (args->clientcert) {
881         data->clientkey = g_strdup_printf("%s/client-key.pem", data->workdir);
882         data->clientcert = g_strdup_printf("%s/client-cert.pem", data->workdir);
883     }
884 
885     g_mkdir_with_parents(data->workdir, 0700);
886 
887     test_tls_init(data->keyfile);
888 #ifndef _WIN32
889     g_assert(link(data->keyfile, data->serverkey) == 0);
890 #else
891     g_assert(CreateHardLink(data->serverkey, data->keyfile, NULL) != 0);
892 #endif
893     if (args->clientcert) {
894 #ifndef _WIN32
895         g_assert(link(data->keyfile, data->clientkey) == 0);
896 #else
897         g_assert(CreateHardLink(data->clientkey, data->keyfile, NULL) != 0);
898 #endif
899     }
900 
901     TLS_ROOT_REQ_SIMPLE(cacertreq, data->cacert);
902     if (args->clientcert) {
903         TLS_CERT_REQ_SIMPLE_CLIENT(servercertreq, cacertreq,
904                                    args->hostileclient ?
905                                    QCRYPTO_TLS_TEST_CLIENT_HOSTILE_NAME :
906                                    QCRYPTO_TLS_TEST_CLIENT_NAME,
907                                    data->clientcert);
908     }
909 
910     TLS_CERT_REQ_SIMPLE_SERVER(clientcertreq, cacertreq,
911                                data->servercert,
912                                args->certhostname,
913                                args->certipaddr);
914 
915     rsp = wait_command(from,
916                        "{ 'execute': 'object-add',"
917                        "  'arguments': { 'qom-type': 'tls-creds-x509',"
918                        "                 'id': 'tlscredsx509client0',"
919                        "                 'endpoint': 'client',"
920                        "                 'dir': %s,"
921                        "                 'sanity-check': true,"
922                        "                 'verify-peer': true} }",
923                        data->workdir);
924     qobject_unref(rsp);
925     migrate_set_parameter_str(from, "tls-creds", "tlscredsx509client0");
926     if (args->certhostname) {
927         migrate_set_parameter_str(from, "tls-hostname", args->certhostname);
928     }
929 
930     rsp = wait_command(to,
931                        "{ 'execute': 'object-add',"
932                        "  'arguments': { 'qom-type': 'tls-creds-x509',"
933                        "                 'id': 'tlscredsx509server0',"
934                        "                 'endpoint': 'server',"
935                        "                 'dir': %s,"
936                        "                 'sanity-check': true,"
937                        "                 'verify-peer': %i} }",
938                        data->workdir, args->verifyclient);
939     qobject_unref(rsp);
940     migrate_set_parameter_str(to, "tls-creds", "tlscredsx509server0");
941 
942     if (args->authzclient) {
943         rsp = wait_command(to,
944                            "{ 'execute': 'object-add',"
945                            "  'arguments': { 'qom-type': 'authz-simple',"
946                            "                 'id': 'tlsauthz0',"
947                            "                 'identity': %s} }",
948                            "CN=" QCRYPTO_TLS_TEST_CLIENT_NAME);
949         migrate_set_parameter_str(to, "tls-authz", "tlsauthz0");
950     }
951 
952     return data;
953 }
954 
955 /*
956  * The normal case: match server's cert hostname against
957  * whatever host we were telling QEMU to connect to (if any)
958  */
959 static void *
960 test_migrate_tls_x509_start_default_host(QTestState *from,
961                                          QTestState *to)
962 {
963     TestMigrateTLSX509 args = {
964         .verifyclient = true,
965         .clientcert = true,
966         .certipaddr = "127.0.0.1"
967     };
968     return test_migrate_tls_x509_start_common(from, to, &args);
969 }
970 
971 /*
972  * The unusual case: the server's cert is different from
973  * the address we're telling QEMU to connect to (if any),
974  * so we must give QEMU an explicit hostname to validate
975  */
976 static void *
977 test_migrate_tls_x509_start_override_host(QTestState *from,
978                                           QTestState *to)
979 {
980     TestMigrateTLSX509 args = {
981         .verifyclient = true,
982         .clientcert = true,
983         .certhostname = "qemu.org",
984     };
985     return test_migrate_tls_x509_start_common(from, to, &args);
986 }
987 
988 /*
989  * The unusual case: the server's cert is different from
990  * the address we're telling QEMU to connect to, and so we
991  * expect the client to reject the server
992  */
993 static void *
994 test_migrate_tls_x509_start_mismatch_host(QTestState *from,
995                                           QTestState *to)
996 {
997     TestMigrateTLSX509 args = {
998         .verifyclient = true,
999         .clientcert = true,
1000         .certipaddr = "10.0.0.1",
1001     };
1002     return test_migrate_tls_x509_start_common(from, to, &args);
1003 }
1004 
1005 static void *
1006 test_migrate_tls_x509_start_friendly_client(QTestState *from,
1007                                             QTestState *to)
1008 {
1009     TestMigrateTLSX509 args = {
1010         .verifyclient = true,
1011         .clientcert = true,
1012         .authzclient = true,
1013         .certipaddr = "127.0.0.1",
1014     };
1015     return test_migrate_tls_x509_start_common(from, to, &args);
1016 }
1017 
1018 static void *
1019 test_migrate_tls_x509_start_hostile_client(QTestState *from,
1020                                            QTestState *to)
1021 {
1022     TestMigrateTLSX509 args = {
1023         .verifyclient = true,
1024         .clientcert = true,
1025         .hostileclient = true,
1026         .authzclient = true,
1027         .certipaddr = "127.0.0.1",
1028     };
1029     return test_migrate_tls_x509_start_common(from, to, &args);
1030 }
1031 
1032 /*
1033  * The case with no client certificate presented,
1034  * and no server verification
1035  */
1036 static void *
1037 test_migrate_tls_x509_start_allow_anon_client(QTestState *from,
1038                                               QTestState *to)
1039 {
1040     TestMigrateTLSX509 args = {
1041         .certipaddr = "127.0.0.1",
1042     };
1043     return test_migrate_tls_x509_start_common(from, to, &args);
1044 }
1045 
1046 /*
1047  * The case with no client certificate presented,
1048  * and server verification rejecting
1049  */
1050 static void *
1051 test_migrate_tls_x509_start_reject_anon_client(QTestState *from,
1052                                                QTestState *to)
1053 {
1054     TestMigrateTLSX509 args = {
1055         .verifyclient = true,
1056         .certipaddr = "127.0.0.1",
1057     };
1058     return test_migrate_tls_x509_start_common(from, to, &args);
1059 }
1060 
1061 static void
1062 test_migrate_tls_x509_finish(QTestState *from,
1063                              QTestState *to,
1064                              void *opaque)
1065 {
1066     TestMigrateTLSX509Data *data = opaque;
1067 
1068     test_tls_cleanup(data->keyfile);
1069     g_free(data->keyfile);
1070 
1071     unlink(data->cacert);
1072     g_free(data->cacert);
1073     unlink(data->servercert);
1074     g_free(data->servercert);
1075     unlink(data->serverkey);
1076     g_free(data->serverkey);
1077 
1078     if (data->clientcert) {
1079         unlink(data->clientcert);
1080         g_free(data->clientcert);
1081     }
1082     if (data->clientkey) {
1083         unlink(data->clientkey);
1084         g_free(data->clientkey);
1085     }
1086 
1087     rmdir(data->workdir);
1088     g_free(data->workdir);
1089 
1090     g_free(data);
1091 }
1092 #endif /* CONFIG_TASN1 */
1093 #endif /* CONFIG_GNUTLS */
1094 
1095 static int migrate_postcopy_prepare(QTestState **from_ptr,
1096                                     QTestState **to_ptr,
1097                                     MigrateCommon *args)
1098 {
1099     g_autofree char *uri = g_strdup_printf("unix:%s/migsocket", tmpfs);
1100     QTestState *from, *to;
1101 
1102     if (test_migrate_start(&from, &to, uri, &args->start)) {
1103         return -1;
1104     }
1105 
1106     if (args->start_hook) {
1107         args->postcopy_data = args->start_hook(from, to);
1108     }
1109 
1110     migrate_set_capability(from, "postcopy-ram", true);
1111     migrate_set_capability(to, "postcopy-ram", true);
1112     migrate_set_capability(to, "postcopy-blocktime", true);
1113 
1114     if (args->postcopy_preempt) {
1115         migrate_set_capability(from, "postcopy-preempt", true);
1116         migrate_set_capability(to, "postcopy-preempt", true);
1117     }
1118 
1119     migrate_ensure_non_converge(from);
1120 
1121     /* Wait for the first serial output from the source */
1122     wait_for_serial("src_serial");
1123 
1124     migrate_qmp(from, uri, "{}");
1125 
1126     wait_for_migration_pass(from);
1127 
1128     *from_ptr = from;
1129     *to_ptr = to;
1130 
1131     return 0;
1132 }
1133 
1134 static void migrate_postcopy_complete(QTestState *from, QTestState *to,
1135                                       MigrateCommon *args)
1136 {
1137     wait_for_migration_complete(from);
1138 
1139     /* Make sure we get at least one "B" on destination */
1140     wait_for_serial("dest_serial");
1141 
1142     if (uffd_feature_thread_id) {
1143         read_blocktime(to);
1144     }
1145 
1146     if (args->finish_hook) {
1147         args->finish_hook(from, to, args->postcopy_data);
1148         args->postcopy_data = NULL;
1149     }
1150 
1151     test_migrate_end(from, to, true);
1152 }
1153 
1154 static void test_postcopy_common(MigrateCommon *args)
1155 {
1156     QTestState *from, *to;
1157 
1158     if (migrate_postcopy_prepare(&from, &to, args)) {
1159         return;
1160     }
1161     migrate_postcopy_start(from, to);
1162     migrate_postcopy_complete(from, to, args);
1163 }
1164 
1165 static void test_postcopy(void)
1166 {
1167     MigrateCommon args = { };
1168 
1169     test_postcopy_common(&args);
1170 }
1171 
1172 static void test_postcopy_preempt(void)
1173 {
1174     MigrateCommon args = {
1175         .postcopy_preempt = true,
1176     };
1177 
1178     test_postcopy_common(&args);
1179 }
1180 
1181 #ifdef CONFIG_GNUTLS
1182 static void test_postcopy_tls_psk(void)
1183 {
1184     MigrateCommon args = {
1185         .start_hook = test_migrate_tls_psk_start_match,
1186         .finish_hook = test_migrate_tls_psk_finish,
1187     };
1188 
1189     test_postcopy_common(&args);
1190 }
1191 
1192 static void test_postcopy_preempt_tls_psk(void)
1193 {
1194     MigrateCommon args = {
1195         .postcopy_preempt = true,
1196         .start_hook = test_migrate_tls_psk_start_match,
1197         .finish_hook = test_migrate_tls_psk_finish,
1198     };
1199 
1200     test_postcopy_common(&args);
1201 }
1202 #endif
1203 
1204 static void test_postcopy_recovery_common(MigrateCommon *args)
1205 {
1206     QTestState *from, *to;
1207     g_autofree char *uri = NULL;
1208 
1209     /* Always hide errors for postcopy recover tests since they're expected */
1210     args->start.hide_stderr = true;
1211 
1212     if (migrate_postcopy_prepare(&from, &to, args)) {
1213         return;
1214     }
1215 
1216     /* Turn postcopy speed down, 4K/s is slow enough on any machines */
1217     migrate_set_parameter_int(from, "max-postcopy-bandwidth", 4096);
1218 
1219     /* Now we start the postcopy */
1220     migrate_postcopy_start(from, to);
1221 
1222     /*
1223      * Wait until postcopy is really started; we can only run the
1224      * migrate-pause command during a postcopy
1225      */
1226     wait_for_migration_status(from, "postcopy-active", NULL);
1227 
1228     /*
1229      * Manually stop the postcopy migration. This emulates a network
1230      * failure with the migration socket
1231      */
1232     migrate_pause(from);
1233 
1234     /*
1235      * Wait for destination side to reach postcopy-paused state.  The
1236      * migrate-recover command can only succeed if destination machine
1237      * is in the paused state
1238      */
1239     wait_for_migration_status(to, "postcopy-paused",
1240                               (const char * []) { "failed", "active",
1241                                                   "completed", NULL });
1242 
1243     /*
1244      * Create a new socket to emulate a new channel that is different
1245      * from the broken migration channel; tell the destination to
1246      * listen to the new port
1247      */
1248     uri = g_strdup_printf("unix:%s/migsocket-recover", tmpfs);
1249     migrate_recover(to, uri);
1250 
1251     /*
1252      * Try to rebuild the migration channel using the resume flag and
1253      * the newly created channel
1254      */
1255     wait_for_migration_status(from, "postcopy-paused",
1256                               (const char * []) { "failed", "active",
1257                                                   "completed", NULL });
1258     migrate_qmp(from, uri, "{'resume': true}");
1259 
1260     /* Restore the postcopy bandwidth to unlimited */
1261     migrate_set_parameter_int(from, "max-postcopy-bandwidth", 0);
1262 
1263     migrate_postcopy_complete(from, to, args);
1264 }
1265 
1266 static void test_postcopy_recovery(void)
1267 {
1268     MigrateCommon args = { };
1269 
1270     test_postcopy_recovery_common(&args);
1271 }
1272 
1273 #ifdef CONFIG_GNUTLS
1274 static void test_postcopy_recovery_tls_psk(void)
1275 {
1276     MigrateCommon args = {
1277         .start_hook = test_migrate_tls_psk_start_match,
1278         .finish_hook = test_migrate_tls_psk_finish,
1279     };
1280 
1281     test_postcopy_recovery_common(&args);
1282 }
1283 #endif
1284 
1285 static void test_postcopy_preempt_recovery(void)
1286 {
1287     MigrateCommon args = {
1288         .postcopy_preempt = true,
1289     };
1290 
1291     test_postcopy_recovery_common(&args);
1292 }
1293 
1294 #ifdef CONFIG_GNUTLS
1295 /* This contains preempt+recovery+tls test altogether */
1296 static void test_postcopy_preempt_all(void)
1297 {
1298     MigrateCommon args = {
1299         .postcopy_preempt = true,
1300         .start_hook = test_migrate_tls_psk_start_match,
1301         .finish_hook = test_migrate_tls_psk_finish,
1302     };
1303 
1304     test_postcopy_recovery_common(&args);
1305 }
1306 #endif
1307 
1308 static void test_baddest(void)
1309 {
1310     MigrateStart args = {
1311         .hide_stderr = true
1312     };
1313     QTestState *from, *to;
1314 
1315     if (test_migrate_start(&from, &to, "tcp:127.0.0.1:0", &args)) {
1316         return;
1317     }
1318     migrate_qmp(from, "tcp:127.0.0.1:0", "{}");
1319     wait_for_migration_fail(from, false);
1320     test_migrate_end(from, to, false);
1321 }
1322 
1323 static void test_precopy_common(MigrateCommon *args)
1324 {
1325     QTestState *from, *to;
1326     void *data_hook = NULL;
1327 
1328     if (test_migrate_start(&from, &to, args->listen_uri, &args->start)) {
1329         return;
1330     }
1331 
1332     migrate_ensure_non_converge(from);
1333 
1334     if (args->start_hook) {
1335         data_hook = args->start_hook(from, to);
1336     }
1337 
1338     /* Wait for the first serial output from the source */
1339     if (args->result == MIG_TEST_SUCCEED) {
1340         wait_for_serial("src_serial");
1341     }
1342 
1343     if (!args->connect_uri) {
1344         g_autofree char *local_connect_uri =
1345             migrate_get_socket_address(to, "socket-address");
1346         migrate_qmp(from, local_connect_uri, "{}");
1347     } else {
1348         migrate_qmp(from, args->connect_uri, "{}");
1349     }
1350 
1351 
1352     if (args->result != MIG_TEST_SUCCEED) {
1353         bool allow_active = args->result == MIG_TEST_FAIL;
1354         wait_for_migration_fail(from, allow_active);
1355 
1356         if (args->result == MIG_TEST_FAIL_DEST_QUIT_ERR) {
1357             qtest_set_expected_status(to, EXIT_FAILURE);
1358         }
1359     } else {
1360         if (args->iterations) {
1361             while (args->iterations--) {
1362                 wait_for_migration_pass(from);
1363             }
1364         } else {
1365             wait_for_migration_pass(from);
1366         }
1367 
1368         migrate_ensure_converge(from);
1369 
1370         /* We do this first, as it has a timeout to stop us
1371          * hanging forever if migration didn't converge */
1372         wait_for_migration_complete(from);
1373 
1374         if (!got_stop) {
1375             qtest_qmp_eventwait(from, "STOP");
1376         }
1377 
1378         qtest_qmp_eventwait(to, "RESUME");
1379 
1380         wait_for_serial("dest_serial");
1381     }
1382 
1383     if (args->finish_hook) {
1384         args->finish_hook(from, to, data_hook);
1385     }
1386 
1387     test_migrate_end(from, to, args->result == MIG_TEST_SUCCEED);
1388 }
1389 
1390 static void test_precopy_unix_plain(void)
1391 {
1392     g_autofree char *uri = g_strdup_printf("unix:%s/migsocket", tmpfs);
1393     MigrateCommon args = {
1394         .listen_uri = uri,
1395         .connect_uri = uri,
1396     };
1397 
1398     test_precopy_common(&args);
1399 }
1400 
1401 
1402 static void test_precopy_unix_dirty_ring(void)
1403 {
1404     g_autofree char *uri = g_strdup_printf("unix:%s/migsocket", tmpfs);
1405     MigrateCommon args = {
1406         .start = {
1407             .use_dirty_ring = true,
1408         },
1409         .listen_uri = uri,
1410         .connect_uri = uri,
1411     };
1412 
1413     test_precopy_common(&args);
1414 }
1415 
1416 #ifdef CONFIG_GNUTLS
1417 static void test_precopy_unix_tls_psk(void)
1418 {
1419     g_autofree char *uri = g_strdup_printf("unix:%s/migsocket", tmpfs);
1420     MigrateCommon args = {
1421         .connect_uri = uri,
1422         .listen_uri = uri,
1423         .start_hook = test_migrate_tls_psk_start_match,
1424         .finish_hook = test_migrate_tls_psk_finish,
1425     };
1426 
1427     test_precopy_common(&args);
1428 }
1429 
1430 #ifdef CONFIG_TASN1
1431 static void test_precopy_unix_tls_x509_default_host(void)
1432 {
1433     g_autofree char *uri = g_strdup_printf("unix:%s/migsocket", tmpfs);
1434     MigrateCommon args = {
1435         .start = {
1436             .hide_stderr = true,
1437         },
1438         .connect_uri = uri,
1439         .listen_uri = uri,
1440         .start_hook = test_migrate_tls_x509_start_default_host,
1441         .finish_hook = test_migrate_tls_x509_finish,
1442         .result = MIG_TEST_FAIL_DEST_QUIT_ERR,
1443     };
1444 
1445     test_precopy_common(&args);
1446 }
1447 
1448 static void test_precopy_unix_tls_x509_override_host(void)
1449 {
1450     g_autofree char *uri = g_strdup_printf("unix:%s/migsocket", tmpfs);
1451     MigrateCommon args = {
1452         .connect_uri = uri,
1453         .listen_uri = uri,
1454         .start_hook = test_migrate_tls_x509_start_override_host,
1455         .finish_hook = test_migrate_tls_x509_finish,
1456     };
1457 
1458     test_precopy_common(&args);
1459 }
1460 #endif /* CONFIG_TASN1 */
1461 #endif /* CONFIG_GNUTLS */
1462 
1463 #if 0
1464 /* Currently upset on aarch64 TCG */
1465 static void test_ignore_shared(void)
1466 {
1467     g_autofree char *uri = g_strdup_printf("unix:%s/migsocket", tmpfs);
1468     QTestState *from, *to;
1469 
1470     if (test_migrate_start(&from, &to, uri, false, true, NULL, NULL)) {
1471         return;
1472     }
1473 
1474     migrate_set_capability(from, "x-ignore-shared", true);
1475     migrate_set_capability(to, "x-ignore-shared", true);
1476 
1477     /* Wait for the first serial output from the source */
1478     wait_for_serial("src_serial");
1479 
1480     migrate_qmp(from, uri, "{}");
1481 
1482     wait_for_migration_pass(from);
1483 
1484     if (!got_stop) {
1485         qtest_qmp_eventwait(from, "STOP");
1486     }
1487 
1488     qtest_qmp_eventwait(to, "RESUME");
1489 
1490     wait_for_serial("dest_serial");
1491     wait_for_migration_complete(from);
1492 
1493     /* Check whether shared RAM has been really skipped */
1494     g_assert_cmpint(read_ram_property_int(from, "transferred"), <, 1024 * 1024);
1495 
1496     test_migrate_end(from, to, true);
1497 }
1498 #endif
1499 
1500 static void *
1501 test_migrate_xbzrle_start(QTestState *from,
1502                           QTestState *to)
1503 {
1504     migrate_set_parameter_int(from, "xbzrle-cache-size", 33554432);
1505 
1506     migrate_set_capability(from, "xbzrle", true);
1507     migrate_set_capability(to, "xbzrle", true);
1508 
1509     return NULL;
1510 }
1511 
1512 static void test_precopy_unix_xbzrle(void)
1513 {
1514     g_autofree char *uri = g_strdup_printf("unix:%s/migsocket", tmpfs);
1515     MigrateCommon args = {
1516         .connect_uri = uri,
1517         .listen_uri = uri,
1518 
1519         .start_hook = test_migrate_xbzrle_start,
1520 
1521         .iterations = 2,
1522     };
1523 
1524     test_precopy_common(&args);
1525 }
1526 
1527 static void test_precopy_tcp_plain(void)
1528 {
1529     MigrateCommon args = {
1530         .listen_uri = "tcp:127.0.0.1:0",
1531     };
1532 
1533     test_precopy_common(&args);
1534 }
1535 
1536 #ifdef CONFIG_GNUTLS
1537 static void test_precopy_tcp_tls_psk_match(void)
1538 {
1539     MigrateCommon args = {
1540         .listen_uri = "tcp:127.0.0.1:0",
1541         .start_hook = test_migrate_tls_psk_start_match,
1542         .finish_hook = test_migrate_tls_psk_finish,
1543     };
1544 
1545     test_precopy_common(&args);
1546 }
1547 
1548 static void test_precopy_tcp_tls_psk_mismatch(void)
1549 {
1550     MigrateCommon args = {
1551         .start = {
1552             .hide_stderr = true,
1553         },
1554         .listen_uri = "tcp:127.0.0.1:0",
1555         .start_hook = test_migrate_tls_psk_start_mismatch,
1556         .finish_hook = test_migrate_tls_psk_finish,
1557         .result = MIG_TEST_FAIL,
1558     };
1559 
1560     test_precopy_common(&args);
1561 }
1562 
1563 #ifdef CONFIG_TASN1
1564 static void test_precopy_tcp_tls_x509_default_host(void)
1565 {
1566     MigrateCommon args = {
1567         .listen_uri = "tcp:127.0.0.1:0",
1568         .start_hook = test_migrate_tls_x509_start_default_host,
1569         .finish_hook = test_migrate_tls_x509_finish,
1570     };
1571 
1572     test_precopy_common(&args);
1573 }
1574 
1575 static void test_precopy_tcp_tls_x509_override_host(void)
1576 {
1577     MigrateCommon args = {
1578         .listen_uri = "tcp:127.0.0.1:0",
1579         .start_hook = test_migrate_tls_x509_start_override_host,
1580         .finish_hook = test_migrate_tls_x509_finish,
1581     };
1582 
1583     test_precopy_common(&args);
1584 }
1585 
1586 static void test_precopy_tcp_tls_x509_mismatch_host(void)
1587 {
1588     MigrateCommon args = {
1589         .start = {
1590             .hide_stderr = true,
1591         },
1592         .listen_uri = "tcp:127.0.0.1:0",
1593         .start_hook = test_migrate_tls_x509_start_mismatch_host,
1594         .finish_hook = test_migrate_tls_x509_finish,
1595         .result = MIG_TEST_FAIL_DEST_QUIT_ERR,
1596     };
1597 
1598     test_precopy_common(&args);
1599 }
1600 
1601 static void test_precopy_tcp_tls_x509_friendly_client(void)
1602 {
1603     MigrateCommon args = {
1604         .listen_uri = "tcp:127.0.0.1:0",
1605         .start_hook = test_migrate_tls_x509_start_friendly_client,
1606         .finish_hook = test_migrate_tls_x509_finish,
1607     };
1608 
1609     test_precopy_common(&args);
1610 }
1611 
1612 static void test_precopy_tcp_tls_x509_hostile_client(void)
1613 {
1614     MigrateCommon args = {
1615         .start = {
1616             .hide_stderr = true,
1617         },
1618         .listen_uri = "tcp:127.0.0.1:0",
1619         .start_hook = test_migrate_tls_x509_start_hostile_client,
1620         .finish_hook = test_migrate_tls_x509_finish,
1621         .result = MIG_TEST_FAIL,
1622     };
1623 
1624     test_precopy_common(&args);
1625 }
1626 
1627 static void test_precopy_tcp_tls_x509_allow_anon_client(void)
1628 {
1629     MigrateCommon args = {
1630         .listen_uri = "tcp:127.0.0.1:0",
1631         .start_hook = test_migrate_tls_x509_start_allow_anon_client,
1632         .finish_hook = test_migrate_tls_x509_finish,
1633     };
1634 
1635     test_precopy_common(&args);
1636 }
1637 
1638 static void test_precopy_tcp_tls_x509_reject_anon_client(void)
1639 {
1640     MigrateCommon args = {
1641         .start = {
1642             .hide_stderr = true,
1643         },
1644         .listen_uri = "tcp:127.0.0.1:0",
1645         .start_hook = test_migrate_tls_x509_start_reject_anon_client,
1646         .finish_hook = test_migrate_tls_x509_finish,
1647         .result = MIG_TEST_FAIL,
1648     };
1649 
1650     test_precopy_common(&args);
1651 }
1652 #endif /* CONFIG_TASN1 */
1653 #endif /* CONFIG_GNUTLS */
1654 
1655 #ifndef _WIN32
1656 static void *test_migrate_fd_start_hook(QTestState *from,
1657                                         QTestState *to)
1658 {
1659     QDict *rsp;
1660     int ret;
1661     int pair[2];
1662 
1663     /* Create two connected sockets for migration */
1664     ret = qemu_socketpair(PF_LOCAL, SOCK_STREAM, 0, pair);
1665     g_assert_cmpint(ret, ==, 0);
1666 
1667     /* Send the 1st socket to the target */
1668     rsp = wait_command_fd(to, pair[0],
1669                           "{ 'execute': 'getfd',"
1670                           "  'arguments': { 'fdname': 'fd-mig' }}");
1671     qobject_unref(rsp);
1672     close(pair[0]);
1673 
1674     /* Start incoming migration from the 1st socket */
1675     rsp = wait_command(to, "{ 'execute': 'migrate-incoming',"
1676                            "  'arguments': { 'uri': 'fd:fd-mig' }}");
1677     qobject_unref(rsp);
1678 
1679     /* Send the 2nd socket to the target */
1680     rsp = wait_command_fd(from, pair[1],
1681                           "{ 'execute': 'getfd',"
1682                           "  'arguments': { 'fdname': 'fd-mig' }}");
1683     qobject_unref(rsp);
1684     close(pair[1]);
1685 
1686     return NULL;
1687 }
1688 
1689 static void test_migrate_fd_finish_hook(QTestState *from,
1690                                         QTestState *to,
1691                                         void *opaque)
1692 {
1693     QDict *rsp;
1694     const char *error_desc;
1695 
1696     /* Test closing fds */
1697     /* We assume, that QEMU removes named fd from its list,
1698      * so this should fail */
1699     rsp = qtest_qmp(from, "{ 'execute': 'closefd',"
1700                           "  'arguments': { 'fdname': 'fd-mig' }}");
1701     g_assert_true(qdict_haskey(rsp, "error"));
1702     error_desc = qdict_get_str(qdict_get_qdict(rsp, "error"), "desc");
1703     g_assert_cmpstr(error_desc, ==, "File descriptor named 'fd-mig' not found");
1704     qobject_unref(rsp);
1705 
1706     rsp = qtest_qmp(to, "{ 'execute': 'closefd',"
1707                         "  'arguments': { 'fdname': 'fd-mig' }}");
1708     g_assert_true(qdict_haskey(rsp, "error"));
1709     error_desc = qdict_get_str(qdict_get_qdict(rsp, "error"), "desc");
1710     g_assert_cmpstr(error_desc, ==, "File descriptor named 'fd-mig' not found");
1711     qobject_unref(rsp);
1712 }
1713 
1714 static void test_migrate_fd_proto(void)
1715 {
1716     MigrateCommon args = {
1717         .listen_uri = "defer",
1718         .connect_uri = "fd:fd-mig",
1719         .start_hook = test_migrate_fd_start_hook,
1720         .finish_hook = test_migrate_fd_finish_hook
1721     };
1722     test_precopy_common(&args);
1723 }
1724 #endif /* _WIN32 */
1725 
1726 static void do_test_validate_uuid(MigrateStart *args, bool should_fail)
1727 {
1728     g_autofree char *uri = g_strdup_printf("unix:%s/migsocket", tmpfs);
1729     QTestState *from, *to;
1730 
1731     if (test_migrate_start(&from, &to, uri, args)) {
1732         return;
1733     }
1734 
1735     /*
1736      * UUID validation is at the begin of migration. So, the main process of
1737      * migration is not interesting for us here. Thus, set huge downtime for
1738      * very fast migration.
1739      */
1740     migrate_set_parameter_int(from, "downtime-limit", 1000000);
1741     migrate_set_capability(from, "validate-uuid", true);
1742 
1743     /* Wait for the first serial output from the source */
1744     wait_for_serial("src_serial");
1745 
1746     migrate_qmp(from, uri, "{}");
1747 
1748     if (should_fail) {
1749         qtest_set_expected_status(to, EXIT_FAILURE);
1750         wait_for_migration_fail(from, true);
1751     } else {
1752         wait_for_migration_complete(from);
1753     }
1754 
1755     test_migrate_end(from, to, false);
1756 }
1757 
1758 static void test_validate_uuid(void)
1759 {
1760     MigrateStart args = {
1761         .opts_source = "-uuid 11111111-1111-1111-1111-111111111111",
1762         .opts_target = "-uuid 11111111-1111-1111-1111-111111111111",
1763     };
1764 
1765     do_test_validate_uuid(&args, false);
1766 }
1767 
1768 static void test_validate_uuid_error(void)
1769 {
1770     MigrateStart args = {
1771         .opts_source = "-uuid 11111111-1111-1111-1111-111111111111",
1772         .opts_target = "-uuid 22222222-2222-2222-2222-222222222222",
1773         .hide_stderr = true,
1774     };
1775 
1776     do_test_validate_uuid(&args, true);
1777 }
1778 
1779 static void test_validate_uuid_src_not_set(void)
1780 {
1781     MigrateStart args = {
1782         .opts_target = "-uuid 22222222-2222-2222-2222-222222222222",
1783         .hide_stderr = true,
1784     };
1785 
1786     do_test_validate_uuid(&args, false);
1787 }
1788 
1789 static void test_validate_uuid_dst_not_set(void)
1790 {
1791     MigrateStart args = {
1792         .opts_source = "-uuid 11111111-1111-1111-1111-111111111111",
1793         .hide_stderr = true,
1794     };
1795 
1796     do_test_validate_uuid(&args, false);
1797 }
1798 
1799 static void test_migrate_auto_converge(void)
1800 {
1801     g_autofree char *uri = g_strdup_printf("unix:%s/migsocket", tmpfs);
1802     MigrateStart args = {};
1803     QTestState *from, *to;
1804     int64_t percentage;
1805 
1806     /*
1807      * We want the test to be stable and as fast as possible.
1808      * E.g., with 1Gb/s bandwith migration may pass without throttling,
1809      * so we need to decrease a bandwidth.
1810      */
1811     const int64_t init_pct = 5, inc_pct = 25, max_pct = 95;
1812 
1813     if (test_migrate_start(&from, &to, uri, &args)) {
1814         return;
1815     }
1816 
1817     migrate_set_capability(from, "auto-converge", true);
1818     migrate_set_parameter_int(from, "cpu-throttle-initial", init_pct);
1819     migrate_set_parameter_int(from, "cpu-throttle-increment", inc_pct);
1820     migrate_set_parameter_int(from, "max-cpu-throttle", max_pct);
1821 
1822     /*
1823      * Set the initial parameters so that the migration could not converge
1824      * without throttling.
1825      */
1826     migrate_ensure_non_converge(from);
1827 
1828     /* To check remaining size after precopy */
1829     migrate_set_capability(from, "pause-before-switchover", true);
1830 
1831     /* Wait for the first serial output from the source */
1832     wait_for_serial("src_serial");
1833 
1834     migrate_qmp(from, uri, "{}");
1835 
1836     /* Wait for throttling begins */
1837     percentage = 0;
1838     do {
1839         percentage = read_migrate_property_int(from, "cpu-throttle-percentage");
1840         if (percentage != 0) {
1841             break;
1842         }
1843         usleep(20);
1844         g_assert_false(got_stop);
1845     } while (true);
1846     /* The first percentage of throttling should be at least init_pct */
1847     g_assert_cmpint(percentage, >=, init_pct);
1848     /* Now, when we tested that throttling works, let it converge */
1849     migrate_ensure_converge(from);
1850 
1851     /*
1852      * Wait for pre-switchover status to check last throttle percentage
1853      * and remaining. These values will be zeroed later
1854      */
1855     wait_for_migration_status(from, "pre-switchover", NULL);
1856 
1857     /* The final percentage of throttling shouldn't be greater than max_pct */
1858     percentage = read_migrate_property_int(from, "cpu-throttle-percentage");
1859     g_assert_cmpint(percentage, <=, max_pct);
1860     migrate_continue(from, "pre-switchover");
1861 
1862     qtest_qmp_eventwait(to, "RESUME");
1863 
1864     wait_for_serial("dest_serial");
1865     wait_for_migration_complete(from);
1866 
1867     test_migrate_end(from, to, true);
1868 }
1869 
1870 static void *
1871 test_migrate_precopy_tcp_multifd_start_common(QTestState *from,
1872                                               QTestState *to,
1873                                               const char *method)
1874 {
1875     QDict *rsp;
1876 
1877     migrate_set_parameter_int(from, "multifd-channels", 16);
1878     migrate_set_parameter_int(to, "multifd-channels", 16);
1879 
1880     migrate_set_parameter_str(from, "multifd-compression", method);
1881     migrate_set_parameter_str(to, "multifd-compression", method);
1882 
1883     migrate_set_capability(from, "multifd", true);
1884     migrate_set_capability(to, "multifd", true);
1885 
1886     /* Start incoming migration from the 1st socket */
1887     rsp = wait_command(to, "{ 'execute': 'migrate-incoming',"
1888                            "  'arguments': { 'uri': 'tcp:127.0.0.1:0' }}");
1889     qobject_unref(rsp);
1890 
1891     return NULL;
1892 }
1893 
1894 static void *
1895 test_migrate_precopy_tcp_multifd_start(QTestState *from,
1896                                        QTestState *to)
1897 {
1898     return test_migrate_precopy_tcp_multifd_start_common(from, to, "none");
1899 }
1900 
1901 static void *
1902 test_migrate_precopy_tcp_multifd_zlib_start(QTestState *from,
1903                                             QTestState *to)
1904 {
1905     return test_migrate_precopy_tcp_multifd_start_common(from, to, "zlib");
1906 }
1907 
1908 #ifdef CONFIG_ZSTD
1909 static void *
1910 test_migrate_precopy_tcp_multifd_zstd_start(QTestState *from,
1911                                             QTestState *to)
1912 {
1913     return test_migrate_precopy_tcp_multifd_start_common(from, to, "zstd");
1914 }
1915 #endif /* CONFIG_ZSTD */
1916 
1917 static void test_multifd_tcp_none(void)
1918 {
1919     MigrateCommon args = {
1920         .listen_uri = "defer",
1921         .start_hook = test_migrate_precopy_tcp_multifd_start,
1922     };
1923     test_precopy_common(&args);
1924 }
1925 
1926 static void test_multifd_tcp_zlib(void)
1927 {
1928     MigrateCommon args = {
1929         .listen_uri = "defer",
1930         .start_hook = test_migrate_precopy_tcp_multifd_zlib_start,
1931     };
1932     test_precopy_common(&args);
1933 }
1934 
1935 #ifdef CONFIG_ZSTD
1936 static void test_multifd_tcp_zstd(void)
1937 {
1938     MigrateCommon args = {
1939         .listen_uri = "defer",
1940         .start_hook = test_migrate_precopy_tcp_multifd_zstd_start,
1941     };
1942     test_precopy_common(&args);
1943 }
1944 #endif
1945 
1946 #ifdef CONFIG_GNUTLS
1947 static void *
1948 test_migrate_multifd_tcp_tls_psk_start_match(QTestState *from,
1949                                              QTestState *to)
1950 {
1951     test_migrate_precopy_tcp_multifd_start_common(from, to, "none");
1952     return test_migrate_tls_psk_start_match(from, to);
1953 }
1954 
1955 static void *
1956 test_migrate_multifd_tcp_tls_psk_start_mismatch(QTestState *from,
1957                                                 QTestState *to)
1958 {
1959     test_migrate_precopy_tcp_multifd_start_common(from, to, "none");
1960     return test_migrate_tls_psk_start_mismatch(from, to);
1961 }
1962 
1963 #ifdef CONFIG_TASN1
1964 static void *
1965 test_migrate_multifd_tls_x509_start_default_host(QTestState *from,
1966                                                  QTestState *to)
1967 {
1968     test_migrate_precopy_tcp_multifd_start_common(from, to, "none");
1969     return test_migrate_tls_x509_start_default_host(from, to);
1970 }
1971 
1972 static void *
1973 test_migrate_multifd_tls_x509_start_override_host(QTestState *from,
1974                                                   QTestState *to)
1975 {
1976     test_migrate_precopy_tcp_multifd_start_common(from, to, "none");
1977     return test_migrate_tls_x509_start_override_host(from, to);
1978 }
1979 
1980 static void *
1981 test_migrate_multifd_tls_x509_start_mismatch_host(QTestState *from,
1982                                                   QTestState *to)
1983 {
1984     test_migrate_precopy_tcp_multifd_start_common(from, to, "none");
1985     return test_migrate_tls_x509_start_mismatch_host(from, to);
1986 }
1987 
1988 static void *
1989 test_migrate_multifd_tls_x509_start_allow_anon_client(QTestState *from,
1990                                                       QTestState *to)
1991 {
1992     test_migrate_precopy_tcp_multifd_start_common(from, to, "none");
1993     return test_migrate_tls_x509_start_allow_anon_client(from, to);
1994 }
1995 
1996 static void *
1997 test_migrate_multifd_tls_x509_start_reject_anon_client(QTestState *from,
1998                                                        QTestState *to)
1999 {
2000     test_migrate_precopy_tcp_multifd_start_common(from, to, "none");
2001     return test_migrate_tls_x509_start_reject_anon_client(from, to);
2002 }
2003 #endif /* CONFIG_TASN1 */
2004 
2005 static void test_multifd_tcp_tls_psk_match(void)
2006 {
2007     MigrateCommon args = {
2008         .listen_uri = "defer",
2009         .start_hook = test_migrate_multifd_tcp_tls_psk_start_match,
2010         .finish_hook = test_migrate_tls_psk_finish,
2011     };
2012     test_precopy_common(&args);
2013 }
2014 
2015 static void test_multifd_tcp_tls_psk_mismatch(void)
2016 {
2017     MigrateCommon args = {
2018         .start = {
2019             .hide_stderr = true,
2020         },
2021         .listen_uri = "defer",
2022         .start_hook = test_migrate_multifd_tcp_tls_psk_start_mismatch,
2023         .finish_hook = test_migrate_tls_psk_finish,
2024         .result = MIG_TEST_FAIL,
2025     };
2026     test_precopy_common(&args);
2027 }
2028 
2029 #ifdef CONFIG_TASN1
2030 static void test_multifd_tcp_tls_x509_default_host(void)
2031 {
2032     MigrateCommon args = {
2033         .listen_uri = "defer",
2034         .start_hook = test_migrate_multifd_tls_x509_start_default_host,
2035         .finish_hook = test_migrate_tls_x509_finish,
2036     };
2037     test_precopy_common(&args);
2038 }
2039 
2040 static void test_multifd_tcp_tls_x509_override_host(void)
2041 {
2042     MigrateCommon args = {
2043         .listen_uri = "defer",
2044         .start_hook = test_migrate_multifd_tls_x509_start_override_host,
2045         .finish_hook = test_migrate_tls_x509_finish,
2046     };
2047     test_precopy_common(&args);
2048 }
2049 
2050 static void test_multifd_tcp_tls_x509_mismatch_host(void)
2051 {
2052     /*
2053      * This has different behaviour to the non-multifd case.
2054      *
2055      * In non-multifd case when client aborts due to mismatched
2056      * cert host, the server has already started trying to load
2057      * migration state, and so it exits with I/O failure.
2058      *
2059      * In multifd case when client aborts due to mismatched
2060      * cert host, the server is still waiting for the other
2061      * multifd connections to arrive so hasn't started trying
2062      * to load migration state, and thus just aborts the migration
2063      * without exiting.
2064      */
2065     MigrateCommon args = {
2066         .start = {
2067             .hide_stderr = true,
2068         },
2069         .listen_uri = "defer",
2070         .start_hook = test_migrate_multifd_tls_x509_start_mismatch_host,
2071         .finish_hook = test_migrate_tls_x509_finish,
2072         .result = MIG_TEST_FAIL,
2073     };
2074     test_precopy_common(&args);
2075 }
2076 
2077 static void test_multifd_tcp_tls_x509_allow_anon_client(void)
2078 {
2079     MigrateCommon args = {
2080         .listen_uri = "defer",
2081         .start_hook = test_migrate_multifd_tls_x509_start_allow_anon_client,
2082         .finish_hook = test_migrate_tls_x509_finish,
2083     };
2084     test_precopy_common(&args);
2085 }
2086 
2087 static void test_multifd_tcp_tls_x509_reject_anon_client(void)
2088 {
2089     MigrateCommon args = {
2090         .start = {
2091             .hide_stderr = true,
2092         },
2093         .listen_uri = "defer",
2094         .start_hook = test_migrate_multifd_tls_x509_start_reject_anon_client,
2095         .finish_hook = test_migrate_tls_x509_finish,
2096         .result = MIG_TEST_FAIL,
2097     };
2098     test_precopy_common(&args);
2099 }
2100 #endif /* CONFIG_TASN1 */
2101 #endif /* CONFIG_GNUTLS */
2102 
2103 /*
2104  * This test does:
2105  *  source               target
2106  *                       migrate_incoming
2107  *     migrate
2108  *     migrate_cancel
2109  *                       launch another target
2110  *     migrate
2111  *
2112  *  And see that it works
2113  */
2114 static void test_multifd_tcp_cancel(void)
2115 {
2116     MigrateStart args = {
2117         .hide_stderr = true,
2118     };
2119     QTestState *from, *to, *to2;
2120     QDict *rsp;
2121     g_autofree char *uri = NULL;
2122 
2123     if (test_migrate_start(&from, &to, "defer", &args)) {
2124         return;
2125     }
2126 
2127     migrate_ensure_non_converge(from);
2128 
2129     migrate_set_parameter_int(from, "multifd-channels", 16);
2130     migrate_set_parameter_int(to, "multifd-channels", 16);
2131 
2132     migrate_set_capability(from, "multifd", true);
2133     migrate_set_capability(to, "multifd", true);
2134 
2135     /* Start incoming migration from the 1st socket */
2136     rsp = wait_command(to, "{ 'execute': 'migrate-incoming',"
2137                            "  'arguments': { 'uri': 'tcp:127.0.0.1:0' }}");
2138     qobject_unref(rsp);
2139 
2140     /* Wait for the first serial output from the source */
2141     wait_for_serial("src_serial");
2142 
2143     uri = migrate_get_socket_address(to, "socket-address");
2144 
2145     migrate_qmp(from, uri, "{}");
2146 
2147     wait_for_migration_pass(from);
2148 
2149     migrate_cancel(from);
2150 
2151     /* Make sure QEMU process "to" exited */
2152     qtest_set_expected_status(to, EXIT_FAILURE);
2153     qtest_wait_qemu(to);
2154 
2155     args = (MigrateStart){
2156         .only_target = true,
2157     };
2158 
2159     if (test_migrate_start(&from, &to2, "defer", &args)) {
2160         return;
2161     }
2162 
2163     migrate_set_parameter_int(to2, "multifd-channels", 16);
2164 
2165     migrate_set_capability(to2, "multifd", true);
2166 
2167     /* Start incoming migration from the 1st socket */
2168     rsp = wait_command(to2, "{ 'execute': 'migrate-incoming',"
2169                             "  'arguments': { 'uri': 'tcp:127.0.0.1:0' }}");
2170     qobject_unref(rsp);
2171 
2172     g_free(uri);
2173     uri = migrate_get_socket_address(to2, "socket-address");
2174 
2175     wait_for_migration_status(from, "cancelled", NULL);
2176 
2177     migrate_ensure_converge(from);
2178 
2179     migrate_qmp(from, uri, "{}");
2180 
2181     wait_for_migration_pass(from);
2182 
2183     if (!got_stop) {
2184         qtest_qmp_eventwait(from, "STOP");
2185     }
2186     qtest_qmp_eventwait(to2, "RESUME");
2187 
2188     wait_for_serial("dest_serial");
2189     wait_for_migration_complete(from);
2190     test_migrate_end(from, to2, true);
2191 }
2192 
2193 static void calc_dirty_rate(QTestState *who, uint64_t calc_time)
2194 {
2195     qobject_unref(qmp_command(who,
2196                   "{ 'execute': 'calc-dirty-rate',"
2197                   "'arguments': { "
2198                   "'calc-time': %" PRIu64 ","
2199                   "'mode': 'dirty-ring' }}",
2200                   calc_time));
2201 }
2202 
2203 static QDict *query_dirty_rate(QTestState *who)
2204 {
2205     return qmp_command(who, "{ 'execute': 'query-dirty-rate' }");
2206 }
2207 
2208 static void dirtylimit_set_all(QTestState *who, uint64_t dirtyrate)
2209 {
2210     qobject_unref(qmp_command(who,
2211                   "{ 'execute': 'set-vcpu-dirty-limit',"
2212                   "'arguments': { "
2213                   "'dirty-rate': %" PRIu64 " } }",
2214                   dirtyrate));
2215 }
2216 
2217 static void cancel_vcpu_dirty_limit(QTestState *who)
2218 {
2219     qobject_unref(qmp_command(who,
2220                   "{ 'execute': 'cancel-vcpu-dirty-limit' }"));
2221 }
2222 
2223 static QDict *query_vcpu_dirty_limit(QTestState *who)
2224 {
2225     QDict *rsp;
2226 
2227     rsp = qtest_qmp(who, "{ 'execute': 'query-vcpu-dirty-limit' }");
2228     g_assert(!qdict_haskey(rsp, "error"));
2229     g_assert(qdict_haskey(rsp, "return"));
2230 
2231     return rsp;
2232 }
2233 
2234 static bool calc_dirtyrate_ready(QTestState *who)
2235 {
2236     QDict *rsp_return;
2237     gchar *status;
2238 
2239     rsp_return = query_dirty_rate(who);
2240     g_assert(rsp_return);
2241 
2242     status = g_strdup(qdict_get_str(rsp_return, "status"));
2243     g_assert(status);
2244 
2245     return g_strcmp0(status, "measuring");
2246 }
2247 
2248 static void wait_for_calc_dirtyrate_complete(QTestState *who,
2249                                              int64_t time_s)
2250 {
2251     int max_try_count = 10000;
2252     usleep(time_s * 1000000);
2253 
2254     while (!calc_dirtyrate_ready(who) && max_try_count--) {
2255         usleep(1000);
2256     }
2257 
2258     /*
2259      * Set the timeout with 10 s(max_try_count * 1000us),
2260      * if dirtyrate measurement not complete, fail test.
2261      */
2262     g_assert_cmpint(max_try_count, !=, 0);
2263 }
2264 
2265 static int64_t get_dirty_rate(QTestState *who)
2266 {
2267     QDict *rsp_return;
2268     gchar *status;
2269     QList *rates;
2270     const QListEntry *entry;
2271     QDict *rate;
2272     int64_t dirtyrate;
2273 
2274     rsp_return = query_dirty_rate(who);
2275     g_assert(rsp_return);
2276 
2277     status = g_strdup(qdict_get_str(rsp_return, "status"));
2278     g_assert(status);
2279     g_assert_cmpstr(status, ==, "measured");
2280 
2281     rates = qdict_get_qlist(rsp_return, "vcpu-dirty-rate");
2282     g_assert(rates && !qlist_empty(rates));
2283 
2284     entry = qlist_first(rates);
2285     g_assert(entry);
2286 
2287     rate = qobject_to(QDict, qlist_entry_obj(entry));
2288     g_assert(rate);
2289 
2290     dirtyrate = qdict_get_try_int(rate, "dirty-rate", -1);
2291 
2292     qobject_unref(rsp_return);
2293     return dirtyrate;
2294 }
2295 
2296 static int64_t get_limit_rate(QTestState *who)
2297 {
2298     QDict *rsp_return;
2299     QList *rates;
2300     const QListEntry *entry;
2301     QDict *rate;
2302     int64_t dirtyrate;
2303 
2304     rsp_return = query_vcpu_dirty_limit(who);
2305     g_assert(rsp_return);
2306 
2307     rates = qdict_get_qlist(rsp_return, "return");
2308     g_assert(rates && !qlist_empty(rates));
2309 
2310     entry = qlist_first(rates);
2311     g_assert(entry);
2312 
2313     rate = qobject_to(QDict, qlist_entry_obj(entry));
2314     g_assert(rate);
2315 
2316     dirtyrate = qdict_get_try_int(rate, "limit-rate", -1);
2317 
2318     qobject_unref(rsp_return);
2319     return dirtyrate;
2320 }
2321 
2322 static QTestState *dirtylimit_start_vm(void)
2323 {
2324     QTestState *vm = NULL;
2325     g_autofree gchar *cmd = NULL;
2326     const char *arch = qtest_get_arch();
2327     g_autofree char *bootpath = NULL;
2328 
2329     assert((strcmp(arch, "x86_64") == 0));
2330     bootpath = g_strdup_printf("%s/bootsect", tmpfs);
2331     assert(sizeof(x86_bootsect) == 512);
2332     init_bootfile(bootpath, x86_bootsect, sizeof(x86_bootsect));
2333 
2334     cmd = g_strdup_printf("-accel kvm,dirty-ring-size=4096 "
2335                           "-name dirtylimit-test,debug-threads=on "
2336                           "-m 150M -smp 1 "
2337                           "-serial file:%s/vm_serial "
2338                           "-drive file=%s,format=raw ",
2339                           tmpfs, bootpath);
2340 
2341     vm = qtest_init(cmd);
2342     return vm;
2343 }
2344 
2345 static void dirtylimit_stop_vm(QTestState *vm)
2346 {
2347     qtest_quit(vm);
2348     cleanup("bootsect");
2349     cleanup("vm_serial");
2350 }
2351 
2352 static void test_vcpu_dirty_limit(void)
2353 {
2354     QTestState *vm;
2355     int64_t origin_rate;
2356     int64_t quota_rate;
2357     int64_t rate ;
2358     int max_try_count = 20;
2359     int hit = 0;
2360 
2361     /* Start vm for vcpu dirtylimit test */
2362     vm = dirtylimit_start_vm();
2363 
2364     /* Wait for the first serial output from the vm*/
2365     wait_for_serial("vm_serial");
2366 
2367     /* Do dirtyrate measurement with calc time equals 1s */
2368     calc_dirty_rate(vm, 1);
2369 
2370     /* Sleep calc time and wait for calc dirtyrate complete */
2371     wait_for_calc_dirtyrate_complete(vm, 1);
2372 
2373     /* Query original dirty page rate */
2374     origin_rate = get_dirty_rate(vm);
2375 
2376     /* VM booted from bootsect should dirty memory steadily */
2377     assert(origin_rate != 0);
2378 
2379     /* Setup quota dirty page rate at half of origin */
2380     quota_rate = origin_rate / 2;
2381 
2382     /* Set dirtylimit */
2383     dirtylimit_set_all(vm, quota_rate);
2384 
2385     /*
2386      * Check if set-vcpu-dirty-limit and query-vcpu-dirty-limit
2387      * works literally
2388      */
2389     g_assert_cmpint(quota_rate, ==, get_limit_rate(vm));
2390 
2391     /* Sleep a bit to check if it take effect */
2392     usleep(2000000);
2393 
2394     /*
2395      * Check if dirtylimit take effect realistically, set the
2396      * timeout with 20 s(max_try_count * 1s), if dirtylimit
2397      * doesn't take effect, fail test.
2398      */
2399     while (--max_try_count) {
2400         calc_dirty_rate(vm, 1);
2401         wait_for_calc_dirtyrate_complete(vm, 1);
2402         rate = get_dirty_rate(vm);
2403 
2404         /*
2405          * Assume hitting if current rate is less
2406          * than quota rate (within accepting error)
2407          */
2408         if (rate < (quota_rate + DIRTYLIMIT_TOLERANCE_RANGE)) {
2409             hit = 1;
2410             break;
2411         }
2412     }
2413 
2414     g_assert_cmpint(hit, ==, 1);
2415 
2416     hit = 0;
2417     max_try_count = 20;
2418 
2419     /* Check if dirtylimit cancellation take effect */
2420     cancel_vcpu_dirty_limit(vm);
2421     while (--max_try_count) {
2422         calc_dirty_rate(vm, 1);
2423         wait_for_calc_dirtyrate_complete(vm, 1);
2424         rate = get_dirty_rate(vm);
2425 
2426         /*
2427          * Assume dirtylimit be canceled if current rate is
2428          * greater than quota rate (within accepting error)
2429          */
2430         if (rate > (quota_rate + DIRTYLIMIT_TOLERANCE_RANGE)) {
2431             hit = 1;
2432             break;
2433         }
2434     }
2435 
2436     g_assert_cmpint(hit, ==, 1);
2437     dirtylimit_stop_vm(vm);
2438 }
2439 
2440 static bool kvm_dirty_ring_supported(void)
2441 {
2442 #if defined(__linux__) && defined(HOST_X86_64)
2443     int ret, kvm_fd = open("/dev/kvm", O_RDONLY);
2444 
2445     if (kvm_fd < 0) {
2446         return false;
2447     }
2448 
2449     ret = ioctl(kvm_fd, KVM_CHECK_EXTENSION, KVM_CAP_DIRTY_LOG_RING);
2450     close(kvm_fd);
2451 
2452     /* We test with 4096 slots */
2453     if (ret < 4096) {
2454         return false;
2455     }
2456 
2457     return true;
2458 #else
2459     return false;
2460 #endif
2461 }
2462 
2463 int main(int argc, char **argv)
2464 {
2465     const bool has_kvm = qtest_has_accel("kvm");
2466     const bool has_uffd = ufd_version_check();
2467     const char *arch = qtest_get_arch();
2468     g_autoptr(GError) err = NULL;
2469     int ret;
2470 
2471     g_test_init(&argc, &argv, NULL);
2472 
2473     /*
2474      * On ppc64, the test only works with kvm-hv, but not with kvm-pr and TCG
2475      * is touchy due to race conditions on dirty bits (especially on PPC for
2476      * some reason)
2477      */
2478     if (g_str_equal(arch, "ppc64") &&
2479         (!has_kvm || access("/sys/module/kvm_hv", F_OK))) {
2480         g_test_message("Skipping test: kvm_hv not available");
2481         return g_test_run();
2482     }
2483 
2484     /*
2485      * Similar to ppc64, s390x seems to be touchy with TCG, so disable it
2486      * there until the problems are resolved
2487      */
2488     if (g_str_equal(arch, "s390x") && !has_kvm) {
2489         g_test_message("Skipping test: s390x host with KVM is required");
2490         return g_test_run();
2491     }
2492 
2493     tmpfs = g_dir_make_tmp("migration-test-XXXXXX", &err);
2494     if (!tmpfs) {
2495         g_test_message("Can't create temporary directory in %s: %s",
2496                        g_get_tmp_dir(), err->message);
2497     }
2498     g_assert(tmpfs);
2499 
2500     module_call_init(MODULE_INIT_QOM);
2501 
2502     if (has_uffd) {
2503         qtest_add_func("/migration/postcopy/plain", test_postcopy);
2504         qtest_add_func("/migration/postcopy/recovery/plain",
2505                        test_postcopy_recovery);
2506         qtest_add_func("/migration/postcopy/preempt/plain", test_postcopy_preempt);
2507         qtest_add_func("/migration/postcopy/preempt/recovery/plain",
2508                        test_postcopy_preempt_recovery);
2509     }
2510 
2511     qtest_add_func("/migration/bad_dest", test_baddest);
2512     qtest_add_func("/migration/precopy/unix/plain", test_precopy_unix_plain);
2513     qtest_add_func("/migration/precopy/unix/xbzrle", test_precopy_unix_xbzrle);
2514 #ifdef CONFIG_GNUTLS
2515     qtest_add_func("/migration/precopy/unix/tls/psk",
2516                    test_precopy_unix_tls_psk);
2517 
2518     if (has_uffd) {
2519         /*
2520          * NOTE: psk test is enough for postcopy, as other types of TLS
2521          * channels are tested under precopy.  Here what we want to test is the
2522          * general postcopy path that has TLS channel enabled.
2523          */
2524         qtest_add_func("/migration/postcopy/tls/psk", test_postcopy_tls_psk);
2525         qtest_add_func("/migration/postcopy/recovery/tls/psk",
2526                        test_postcopy_recovery_tls_psk);
2527         qtest_add_func("/migration/postcopy/preempt/tls/psk",
2528                        test_postcopy_preempt_tls_psk);
2529         qtest_add_func("/migration/postcopy/preempt/recovery/tls/psk",
2530                        test_postcopy_preempt_all);
2531     }
2532 #ifdef CONFIG_TASN1
2533     qtest_add_func("/migration/precopy/unix/tls/x509/default-host",
2534                    test_precopy_unix_tls_x509_default_host);
2535     qtest_add_func("/migration/precopy/unix/tls/x509/override-host",
2536                    test_precopy_unix_tls_x509_override_host);
2537 #endif /* CONFIG_TASN1 */
2538 #endif /* CONFIG_GNUTLS */
2539 
2540     qtest_add_func("/migration/precopy/tcp/plain", test_precopy_tcp_plain);
2541 #ifdef CONFIG_GNUTLS
2542     qtest_add_func("/migration/precopy/tcp/tls/psk/match",
2543                    test_precopy_tcp_tls_psk_match);
2544     qtest_add_func("/migration/precopy/tcp/tls/psk/mismatch",
2545                    test_precopy_tcp_tls_psk_mismatch);
2546 #ifdef CONFIG_TASN1
2547     qtest_add_func("/migration/precopy/tcp/tls/x509/default-host",
2548                    test_precopy_tcp_tls_x509_default_host);
2549     qtest_add_func("/migration/precopy/tcp/tls/x509/override-host",
2550                    test_precopy_tcp_tls_x509_override_host);
2551     qtest_add_func("/migration/precopy/tcp/tls/x509/mismatch-host",
2552                    test_precopy_tcp_tls_x509_mismatch_host);
2553     qtest_add_func("/migration/precopy/tcp/tls/x509/friendly-client",
2554                    test_precopy_tcp_tls_x509_friendly_client);
2555     qtest_add_func("/migration/precopy/tcp/tls/x509/hostile-client",
2556                    test_precopy_tcp_tls_x509_hostile_client);
2557     qtest_add_func("/migration/precopy/tcp/tls/x509/allow-anon-client",
2558                    test_precopy_tcp_tls_x509_allow_anon_client);
2559     qtest_add_func("/migration/precopy/tcp/tls/x509/reject-anon-client",
2560                    test_precopy_tcp_tls_x509_reject_anon_client);
2561 #endif /* CONFIG_TASN1 */
2562 #endif /* CONFIG_GNUTLS */
2563 
2564     /* qtest_add_func("/migration/ignore_shared", test_ignore_shared); */
2565 #ifndef _WIN32
2566     qtest_add_func("/migration/fd_proto", test_migrate_fd_proto);
2567 #endif
2568     qtest_add_func("/migration/validate_uuid", test_validate_uuid);
2569     qtest_add_func("/migration/validate_uuid_error", test_validate_uuid_error);
2570     qtest_add_func("/migration/validate_uuid_src_not_set",
2571                    test_validate_uuid_src_not_set);
2572     qtest_add_func("/migration/validate_uuid_dst_not_set",
2573                    test_validate_uuid_dst_not_set);
2574 
2575     qtest_add_func("/migration/auto_converge", test_migrate_auto_converge);
2576     qtest_add_func("/migration/multifd/tcp/plain/none",
2577                    test_multifd_tcp_none);
2578     /*
2579      * This test is flaky and sometimes fails in CI and otherwise:
2580      * don't run unless user opts in via environment variable.
2581      */
2582     if (getenv("QEMU_TEST_FLAKY_TESTS")) {
2583         qtest_add_func("/migration/multifd/tcp/plain/cancel",
2584                        test_multifd_tcp_cancel);
2585     }
2586     qtest_add_func("/migration/multifd/tcp/plain/zlib",
2587                    test_multifd_tcp_zlib);
2588 #ifdef CONFIG_ZSTD
2589     qtest_add_func("/migration/multifd/tcp/plain/zstd",
2590                    test_multifd_tcp_zstd);
2591 #endif
2592 #ifdef CONFIG_GNUTLS
2593     qtest_add_func("/migration/multifd/tcp/tls/psk/match",
2594                    test_multifd_tcp_tls_psk_match);
2595     qtest_add_func("/migration/multifd/tcp/tls/psk/mismatch",
2596                    test_multifd_tcp_tls_psk_mismatch);
2597 #ifdef CONFIG_TASN1
2598     qtest_add_func("/migration/multifd/tcp/tls/x509/default-host",
2599                    test_multifd_tcp_tls_x509_default_host);
2600     qtest_add_func("/migration/multifd/tcp/tls/x509/override-host",
2601                    test_multifd_tcp_tls_x509_override_host);
2602     qtest_add_func("/migration/multifd/tcp/tls/x509/mismatch-host",
2603                    test_multifd_tcp_tls_x509_mismatch_host);
2604     qtest_add_func("/migration/multifd/tcp/tls/x509/allow-anon-client",
2605                    test_multifd_tcp_tls_x509_allow_anon_client);
2606     qtest_add_func("/migration/multifd/tcp/tls/x509/reject-anon-client",
2607                    test_multifd_tcp_tls_x509_reject_anon_client);
2608 #endif /* CONFIG_TASN1 */
2609 #endif /* CONFIG_GNUTLS */
2610 
2611     if (g_str_equal(arch, "x86_64") && has_kvm && kvm_dirty_ring_supported()) {
2612         qtest_add_func("/migration/dirty_ring",
2613                        test_precopy_unix_dirty_ring);
2614         qtest_add_func("/migration/vcpu_dirty_limit",
2615                        test_vcpu_dirty_limit);
2616     }
2617 
2618     ret = g_test_run();
2619 
2620     g_assert_cmpint(ret, ==, 0);
2621 
2622     ret = rmdir(tmpfs);
2623     if (ret != 0) {
2624         g_test_message("unable to rmdir: path (%s): %s",
2625                        tmpfs, strerror(errno));
2626     }
2627     g_free(tmpfs);
2628 
2629     return ret;
2630 }
2631