migration: Accept 'cont' only after successful incoming migration

When a 'cont' is issued on a VM that's just waiting for an incoming migration, the VM reboots and boots into the guest, possibly corrupting its storage since it could be shared with another VM running elsewhere. Ensure that a VM started with '-incoming' is only run when an incoming migration successfully completes. A new qerror, QERR_MIGRATION_EXPECTED, is added to signal that 'cont' failed due to no incoming migration has been attempted yet. Reported-by: Laine Stump <laine@redhat.com> Signed-off-by: Amit Shah <amit.shah@redhat.com> Reviewed-by: Luiz Capitulino <lcapitulino@redhat.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2025-12-18 05:28:36 -07:00 · 2010-07-27 15:49:19 +05:30 · 2010-07-27 15:49:19 +05:30 · 8e84865e54
commit 8e84865e54
parent 7899f799b7
6 changed files with 16 additions and 0 deletions
--- a/migration.c
+++ b/migration.c
@ -67,6 +67,8 @@ void process_incoming_migration(QEMUFile *f)
    qemu_announce_self();
    DPRINTF("successfully loaded vm state\n");

+    incoming_expected = false;
+
    if (autostart)
        vm_start();
 }