libvirt: Introduce virDomainGraphicsReload API

The new virDomainGraphicsReload API is used to make the domain reload
its certificates without restart, and avoid service interruption.

Currently, only QEMU VNC TLS certificates are supported, but
flags are also reserved for subsequent scenarios.

To reload QEMU VNC TLS certificates as an example, we can call:

  virDomainGraphicsReload(domain, 0, 0);

Then the specified QMP message would be send to QEMU:
{"execute": "display-reload", "arguments":{"type": "vnc", "tls-certs": true}}

Signed-off-by: Zheng Yan <yanzheng759@huawei.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>

include/libvirt/libvirt-domain.h

@@ -6507,4 +6507,22 @@ int virDomainFDAssociate(virDomainPtr domain,
                          int *fds,
                          unsigned int flags);
 
+/**
+ * virDomainGraphicsReloadType:
+ *
+ * Since: 10.2.0
+ */
+typedef enum {
+    VIR_DOMAIN_GRAPHICS_RELOAD_TYPE_ANY = 0, /* reload any graphics known to libvirt (Since: 10.2.0) */
+    VIR_DOMAIN_GRAPHICS_RELOAD_TYPE_VNC = 1, /* reload vnc graphics (Since: 10.2.0) */
+# ifdef VIR_ENUM_SENTINELS
+    VIR_DOMAIN_GRAPHICS_RELOAD_TYPE_LAST /* (Since: 10.2.0) */
+# endif
+} virDomainGraphicsReloadType;
+
+int
+virDomainGraphicsReload(virDomainPtr domain,
+                        unsigned int type,
+                        unsigned int flags);
+
 #endif /* LIBVIRT_DOMAIN_H */

src/driver-hypervisor.h

@@ -1448,6 +1448,11 @@ typedef int
                            int *fds,
                            unsigned int flags);
 
+typedef int
+(*virDrvDomainGraphicsReload)(virDomainPtr domain,
+                              unsigned int type,
+                              unsigned int flags);
+
 typedef struct _virHypervisorDriver virHypervisorDriver;
 
 /**
@@ -1720,4 +1725,5 @@ struct _virHypervisorDriver {
     virDrvDomainGetMessages domainGetMessages;
     virDrvDomainStartDirtyRateCalc domainStartDirtyRateCalc;
     virDrvDomainFDAssociate domainFDAssociate;
+    virDrvDomainGraphicsReload domainGraphicsReload;
 };

src/libvirt-domain.c

@@ -14118,3 +14118,47 @@ virDomainFDAssociate(virDomainPtr domain,
     virDispatchError(conn);
     return -1;
 }
+
+
+/**
+ * virDomainGraphicsReload:
+ * @domain: a domain object
+ * @type: graphics type; from the virDomainGraphicsReloadType enum
+ * @flags: extra flags; not used yet, so callers should always pass 0
+ *
+ * Reload domain's graphics. This can be used to reload TLS certificates
+ * without restarting the domain.
+ *
+ * Returns 0 in case of success, -1 otherwise.
+ *
+ * Since: 10.2.0
+ */
+int
+virDomainGraphicsReload(virDomainPtr domain,
+                        unsigned int type,
+                        unsigned int flags)
+{
+    virConnectPtr conn;
+
+    VIR_DOMAIN_DEBUG(domain, "type=%u, flags=0x%x", type, flags);
+
+    virResetLastError();
+
+    virCheckDomainReturn(domain, -1);
+    conn = domain->conn;
+    virCheckReadOnlyGoto(conn->flags, error);
+
+    if (conn->driver->domainGraphicsReload) {
+        int ret;
+        ret = conn->driver->domainGraphicsReload(domain, type, flags);
+        if (ret < 0)
+            goto error;
+        return ret;
+    }
+
+    virReportUnsupportedError();
+
+ error:
+    virDispatchError(domain->conn);
+    return -1;
+}

src/libvirt_public.syms

@@ -943,4 +943,9 @@ LIBVIRT_10.1.0 {
         virNodeDeviceUpdate;
 } LIBVIRT_9.7.0;
 
+LIBVIRT_10.2.0 {
+    global:
+        virDomainGraphicsReload;
+} LIBVIRT_10.1.0;
+
 # .... define new API here using predicted next version number ....