From e4cbeca6c46350e7a861d496730a2ff65e5ccdb7 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Aug 06 2019 11:00:07 +0000 Subject: import virt-manager-1.5.0-7.el7 --- diff --git a/SOURCES/virt-manager-DomainCpu-check-CPU-model-name-only-if-model-exists.patch b/SOURCES/virt-manager-DomainCpu-check-CPU-model-name-only-if-model-exists.patch new file mode 100644 index 0000000..345e345 --- /dev/null +++ b/SOURCES/virt-manager-DomainCpu-check-CPU-model-name-only-if-model-exists.patch @@ -0,0 +1,62 @@ +From a16ceb9e3e2e7b34d6759df275839f75e74a539d Mon Sep 17 00:00:00 2001 +Message-Id: +From: Pavel Hrdina +Date: Wed, 10 Apr 2019 20:36:31 +0200 +Subject: [PATCH] DomainCpu: check CPU model name only if model exists + +For CPU modes other then "custom" there is no model so we should not +check the suffix of model name. + +Signed-off-by: Pavel Hrdina +Reviewed-by: Cole Robinson +(cherry picked from commit c1ebd6730cb25b57124fad6c4030345356703320) + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1582667 + +Signed-off-by: Pavel Hrdina +Reviewed-by: Cole Robinson +--- + tests/xmlparse.py | 4 ++++ + virtinst/cpu.py | 9 +++++---- + 2 files changed, 9 insertions(+), 4 deletions(-) + +diff --git a/tests/xmlparse.py b/tests/xmlparse.py +index a387c026..93379b80 100644 +--- a/tests/xmlparse.py ++++ b/tests/xmlparse.py +@@ -326,8 +326,12 @@ class XMLParseTest(unittest.TestCase): + check = self._make_checker(guest.cpu) + check("mode", "host-passthrough", "custom") + check("mode", "custom", "host-model") ++ guest.cpu.check_security_features(guest) ++ check("secure", False) + guest.cpu.set_model(guest, "qemu64") + check("model", "qemu64") ++ guest.cpu.check_security_features(guest) ++ check("secure", False) + + self._alter_compare(guest.get_xml_config(), outfile) + +diff --git a/virtinst/cpu.py b/virtinst/cpu.py +index ebe34449..5529196b 100644 +--- a/virtinst/cpu.py ++++ b/virtinst/cpu.py +@@ -158,10 +158,11 @@ class CPU(XMLBuilder): + return + + guestFeatures = [f.name for f in self.features if f.policy == "require"] +- if self.model.endswith("IBRS"): +- guestFeatures.append("spec-ctrl") +- if self.model.endswith("IBPB"): +- guestFeatures.append("ibpb") ++ if self.model: ++ if self.model.endswith("IBRS"): ++ guestFeatures.append("spec-ctrl") ++ if self.model.endswith("IBPB"): ++ guestFeatures.append("ibpb") + + self.secure = set(features) <= set(guestFeatures) + +-- +2.20.1 + diff --git a/SOURCES/virt-manager-DomainCpu-fix-detection-of-CPU-security-features.patch b/SOURCES/virt-manager-DomainCpu-fix-detection-of-CPU-security-features.patch new file mode 100644 index 0000000..aa8d73a --- /dev/null +++ b/SOURCES/virt-manager-DomainCpu-fix-detection-of-CPU-security-features.patch @@ -0,0 +1,57 @@ +From a6380fb8faccbd58188d3f5c93553a2e625bf29d Mon Sep 17 00:00:00 2001 +Message-Id: +From: Pavel Hrdina +Date: Tue, 9 Apr 2019 13:13:46 +0200 +Subject: [PATCH] DomainCpu: fix detection of CPU security features + +VM configured with mode="host-model" will have the CPU definition +expanded once the VM is started. Libvirt will try to use the closest +CPU model with some features enabled/disabled. + +The issue is that there are some models that include spec-ctrl or ibpb +features and they will not appear in the explicit list of features and +virt-manager will not correctly detect if all security features are +enabled or not. As a workaround we can check the suffix of CPU model to +figure out which security features are enabled by the model itself. + +Signed-off-by: Pavel Hrdina +(cherry picked from commit 291f2ef21486cb54aadd40f07052aedfebef3792) + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1582667 + +Signed-off-by: Pavel Hrdina +Reviewed-by: Cole Robinson +--- + virtinst/cpu.py | 16 +++++++--------- + 1 file changed, 7 insertions(+), 9 deletions(-) + +diff --git a/virtinst/cpu.py b/virtinst/cpu.py +index c76f06e8..ebe34449 100644 +--- a/virtinst/cpu.py ++++ b/virtinst/cpu.py +@@ -157,15 +157,13 @@ class CPU(XMLBuilder): + self.secure = False + return + +- for feature in features: +- exists = False +- for f in self.features: +- if f.name == feature and f.policy == "require": +- exists = True +- break +- if not exists: +- self.secure = False +- return ++ guestFeatures = [f.name for f in self.features if f.policy == "require"] ++ if self.model.endswith("IBRS"): ++ guestFeatures.append("spec-ctrl") ++ if self.model.endswith("IBPB"): ++ guestFeatures.append("ibpb") ++ ++ self.secure = set(features) <= set(guestFeatures) + + def _remove_security_features(self, guest): + domcaps = guest.lookup_domcaps() +-- +2.20.1 + diff --git a/SOURCES/virt-manager-cli-Drop-clear_attr-property.patch b/SOURCES/virt-manager-cli-Drop-clear_attr-property.patch new file mode 100644 index 0000000..2665129 --- /dev/null +++ b/SOURCES/virt-manager-cli-Drop-clear_attr-property.patch @@ -0,0 +1,251 @@ +From 47900382a546f810d1b18d3db9806d63cc03f1d1 Mon Sep 17 00:00:00 2001 +Message-Id: <47900382a546f810d1b18d3db9806d63cc03f1d1@dist-git> +From: Pavel Hrdina +Date: Wed, 21 Mar 2018 05:32:36 -0400 +Subject: [PATCH] cli: Drop clear_attr property + +From: Cole Robinson + +It slightly complicates the generic machinery, and the one usage we +can handle directly + +(cherry picked from commit 3b88bfb1ee81f5e8c39a1a95e99c28acbd778402) + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1550513 + +Reviewed-by: Cole Robinson +Signed-off-by: Pavel Hrdina +--- + .../virt-install-singleton-config-2.xml | 4 +- + tests/clitest.py | 2 +- + virt-xml | 17 +--- + virtinst/cli.py | 80 +++++++++---------- + 4 files changed, 44 insertions(+), 59 deletions(-) + +diff --git a/tests/cli-test-xml/compare/virt-install-singleton-config-2.xml b/tests/cli-test-xml/compare/virt-install-singleton-config-2.xml +index b25d8c60..16f15894 100644 +--- a/tests/cli-test-xml/compare/virt-install-singleton-config-2.xml ++++ b/tests/cli-test-xml/compare/virt-install-singleton-config-2.xml +@@ -119,7 +119,7 @@ + + + +- /usr/bin/qemu-kvm ++ /new/emu + + + +@@ -287,7 +287,7 @@ + + + +- /usr/bin/qemu-kvm ++ /new/emu + + + +diff --git a/tests/clitest.py b/tests/clitest.py +index a6d995fe..b869ef55 100644 +--- a/tests/clitest.py ++++ b/tests/clitest.py +@@ -432,7 +432,7 @@ cell1.distances.sibling1.id=1,cell1.distances.sibling1.value=10,\ + cache.mode=emulate,cache.level=3 \ + --cputune vcpupin0.vcpu=0,vcpupin0.cpuset=0-3 \ + --metadata title=my-title,description=my-description,uuid=00000000-1111-2222-3333-444444444444 \ +---boot cdrom,fd,hd,network,menu=off,loader=/foo/bar \ ++--boot cdrom,fd,hd,network,menu=off,loader=/foo/bar,emulator=/new/emu \ + --idmap uid_start=0,uid_target=1000,uid_count=10,gid_start=0,gid_target=1000,gid_count=10 \ + --security type=static,label='system_u:object_r:svirt_image_t:s0:c100,c200',relabel=yes \ + --numatune 1-3,4,mode=strict \ +diff --git a/virt-xml b/virt-xml +index b7d78fe2..314e068d 100755 +--- a/virt-xml ++++ b/virt-xml +@@ -221,22 +221,13 @@ def action_remove_device(guest, options, parserclass): + + + def action_build_xml(conn, options, parserclass): +- guest = virtinst.Guest(conn) +- ret_inst = None +- inst = None +- +- if parserclass.objclass: +- inst = parserclass.objclass(conn) +- elif parserclass.clear_attr: +- ret_inst = getattr(guest, parserclass.clear_attr) +- else: ++ if not parserclass.objclass: + fail(_("--build-xml not supported for --%s") % + parserclass.cli_arg_name) + +- ret = cli.parse_option_strings(options, guest, inst) +- if ret_inst: +- return ret_inst +- return ret ++ guest = virtinst.Guest(conn) ++ inst = parserclass.objclass(conn) ++ return cli.parse_option_strings(options, guest, inst) + + + def setup_device(dev): +diff --git a/virtinst/cli.py b/virtinst/cli.py +index 0d9d0044..71cba4cf 100644 +--- a/virtinst/cli.py ++++ b/virtinst/cli.py +@@ -1074,10 +1074,6 @@ class VirtCLIParser(object): + @support_cb: An extra support check function for further validation. + Called before the virtinst object is altered. Take arguments + (inst, attrname, cliname) +- @clear_attr: If the user requests to clear the XML (--disk clearxml), +- this is the property name we grab from inst to actually clear +- (so 'security' to get guest.security). If it's True, then +- clear inst (in the case of devices) + @cli_arg_name: The command line argument this maps to, so + "hostdev" for --hostdev + """ +@@ -1085,7 +1081,6 @@ class VirtCLIParser(object): + remove_first = None + stub_none = True + support_cb = None +- clear_attr = None + cli_arg_name = None + _virtargs = [] + +@@ -1120,16 +1115,12 @@ class VirtCLIParser(object): + """ + Callback that handles virt-xml clearxml=yes|no magic + """ +- if not self.objclass and not self.clear_attr: ++ if not self.objclass: + raise RuntimeError("Don't know how to clearxml --%s" % + self.cli_arg_name) + if val is not True: + return + +- clear_inst = inst +- if self.clear_attr: +- clear_inst = getattr(inst, self.clear_attr) +- + # If there's any opts remaining, leave the root stub element + # in place with leave_stub=True, so virt-xml updates are done + # in place. +@@ -1139,7 +1130,7 @@ class VirtCLIParser(object): + # a stub in place, so that it gets model=foo in place, + # otherwise the newly created cpu block gets appended to the + # end of the domain XML, which gives an ugly diff +- clear_inst.clear(leave_stub="," in self.optstr) ++ inst.clear(leave_stub=("," in self.optstr)) + + def _make_find_inst_cb(self, cliarg, objpropname, objaddfn): + """ +@@ -1651,26 +1642,29 @@ ParserVCPU.add_arg("vcpu_placement", "placement") + + class ParserBoot(VirtCLIParser): + cli_arg_name = "boot" +- clear_attr = "os" ++ objclass = OSXML + +- def set_uefi(self, inst, val, virtarg): +- ignore = virtarg +- ignore = val +- inst.set_uefi_default() ++ def set_uefi_cb(self, inst, val, virtarg): ++ self.guest.set_uefi_default() + + def set_initargs_cb(self, inst, val, virtarg): +- inst.os.set_initargs_string(val) ++ inst.set_initargs_string(val) + + def set_smbios_mode_cb(self, inst, val, virtarg): +- inst.os.smbios_mode = val ++ inst.smbios_mode = val + self.optdict["smbios_mode"] = val + + def set_loader_secure_cb(self, inst, val, virtarg): + if not inst.conn.check_support(inst.conn.SUPPORT_DOMAIN_LOADER_SECURE): + raise RuntimeError("secure attribute for loader is not supported " + "by libvirt.") +- inst.os.loader_secure = val +- return val ++ inst.loader_secure = val ++ ++ def set_domain_type_cb(self, inst, val, virtarg): ++ self.guest.type = val ++ ++ def set_emulator_cb(self, inst, val, virtarg): ++ self.guest.emulator = val + + def noset_cb(self, inst, val, virtarg): + pass +@@ -1679,7 +1673,7 @@ class ParserBoot(VirtCLIParser): + # Build boot order + boot_order = [] + for cliname in self.optdict.keys(): +- if cliname not in inst.os.BOOT_DEVICES: ++ if cliname not in inst.BOOT_DEVICES: + continue + + del(self.optdict[cliname]) +@@ -1687,37 +1681,37 @@ class ParserBoot(VirtCLIParser): + boot_order.append(cliname) + + if boot_order: +- inst.os.bootorder = boot_order ++ inst.bootorder = boot_order + + VirtCLIParser._parse(self, inst) + + + _register_virt_parser(ParserBoot) + # UEFI depends on these bits, so set them first +-ParserBoot.add_arg("os.arch", "arch") +-ParserBoot.add_arg("type", "domain_type") +-ParserBoot.add_arg("os.os_type", "os_type") +-ParserBoot.add_arg("emulator", "emulator") +-ParserBoot.add_arg(None, "uefi", cb=ParserBoot.set_uefi, is_novalue=True) ++ParserBoot.add_arg("arch", "arch") ++ParserBoot.add_arg(None, "domain_type", cb=ParserBoot.set_domain_type_cb) ++ParserBoot.add_arg("os_type", "os_type") ++ParserBoot.add_arg(None, "emulator", cb=ParserBoot.set_emulator_cb) ++ParserBoot.add_arg(None, "uefi", cb=ParserBoot.set_uefi_cb, is_novalue=True) + +-ParserBoot.add_arg("os.useserial", "useserial", is_onoff=True) +-ParserBoot.add_arg("os.enable_bootmenu", "menu", is_onoff=True) +-ParserBoot.add_arg("os.kernel", "kernel") +-ParserBoot.add_arg("os.initrd", "initrd") +-ParserBoot.add_arg("os.dtb", "dtb") +-ParserBoot.add_arg("os.loader", "loader") +-ParserBoot.add_arg("os.loader_ro", "loader_ro", is_onoff=True) +-ParserBoot.add_arg("os.loader_type", "loader_type") +-ParserBoot.add_arg("os.loader_secure", "loader_secure", is_onoff=True, ++ParserBoot.add_arg("useserial", "useserial", is_onoff=True) ++ParserBoot.add_arg("enable_bootmenu", "menu", is_onoff=True) ++ParserBoot.add_arg("kernel", "kernel") ++ParserBoot.add_arg("initrd", "initrd") ++ParserBoot.add_arg("dtb", "dtb") ++ParserBoot.add_arg("loader", "loader") ++ParserBoot.add_arg("loader_ro", "loader_ro", is_onoff=True) ++ParserBoot.add_arg("loader_type", "loader_type") ++ParserBoot.add_arg("loader_secure", "loader_secure", is_onoff=True, + cb=ParserBoot.set_loader_secure_cb) +-ParserBoot.add_arg("os.nvram", "nvram") +-ParserBoot.add_arg("os.nvram_template", "nvram_template") +-ParserBoot.add_arg("os.kernel_args", "kernel_args", ++ParserBoot.add_arg("nvram", "nvram") ++ParserBoot.add_arg("nvram_template", "nvram_template") ++ParserBoot.add_arg("kernel_args", "kernel_args", + aliases=["extra_args"], can_comma=True) +-ParserBoot.add_arg("os.init", "init") +-ParserBoot.add_arg("os.machine", "machine") +-ParserBoot.add_arg("os.initargs", "initargs", cb=ParserBoot.set_initargs_cb) +-ParserBoot.add_arg("os.smbios_mode", "smbios_mode") ++ParserBoot.add_arg("init", "init") ++ParserBoot.add_arg("machine", "machine") ++ParserBoot.add_arg("initargs", "initargs", cb=ParserBoot.set_initargs_cb) ++ParserBoot.add_arg("smbios_mode", "smbios_mode") + + # This is simply so the boot options are advertised with --boot help, + # actual processing is handled by _parse +-- +2.20.1 + diff --git a/SOURCES/virt-manager-cli-Fix-boot-smbios_mode-sysinfo-bz-1570549.patch b/SOURCES/virt-manager-cli-Fix-boot-smbios_mode-sysinfo-bz-1570549.patch new file mode 100644 index 0000000..55dcb09 --- /dev/null +++ b/SOURCES/virt-manager-cli-Fix-boot-smbios_mode-sysinfo-bz-1570549.patch @@ -0,0 +1,75 @@ +From 09c6a76a22823bac28a3ec1dabc58756272d7a84 Mon Sep 17 00:00:00 2001 +Message-Id: <09c6a76a22823bac28a3ec1dabc58756272d7a84@dist-git> +From: Pavel Hrdina +Date: Tue, 24 Apr 2018 12:26:08 -0400 +Subject: [PATCH] cli: Fix --boot smbios_mode=sysinfo (bz 1570549) + +From: Cole Robinson + +Not sure how this was expected to work, just make it do the simple +thing and set the value in the XML. Add a test case for it + +(cherry picked from commit a33ac920405c5d315e18c8dda65076bde1da92ae) + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1570549 + +Reviewed-by: Cole Robinson +Signed-off-by: Pavel Hrdina +--- + .../compare/virt-install-singleton-config-1.xml | 1 + + tests/clitest.py | 2 +- + virtinst/cli.py | 6 +----- + 3 files changed, 3 insertions(+), 6 deletions(-) + +diff --git a/tests/cli-test-xml/compare/virt-install-singleton-config-1.xml b/tests/cli-test-xml/compare/virt-install-singleton-config-1.xml +index 40041451..f5229edd 100644 +--- a/tests/cli-test-xml/compare/virt-install-singleton-config-1.xml ++++ b/tests/cli-test-xml/compare/virt-install-singleton-config-1.xml +@@ -18,6 +18,7 @@ + hvm + /usr/share/OVMF/OVMF_CODE.fd + ++ + + + +diff --git a/tests/clitest.py b/tests/clitest.py +index 5e000194..2288f0aa 100644 +--- a/tests/clitest.py ++++ b/tests/clitest.py +@@ -391,7 +391,7 @@ c.add_compare(""" \ + --vcpus 4 --cpuset=1,3-5 \ + --cpu host-copy \ + --description \"foobar & baz\" \ +---boot uefi \ ++--boot uefi,smbios_mode=emulate \ + --security type=dynamic \ + --security type=none,model=dac \ + --numatune 1,2,3,5-7,^6 \ +diff --git a/virtinst/cli.py b/virtinst/cli.py +index c282b993..0d9d0044 100644 +--- a/virtinst/cli.py ++++ b/virtinst/cli.py +@@ -1662,9 +1662,6 @@ class ParserBoot(VirtCLIParser): + inst.os.set_initargs_string(val) + + def set_smbios_mode_cb(self, inst, val, virtarg): +- if not val.startswith("emulate") and not val.startswith("host"): +- inst.sysinfo.parse(val) +- val = "sysinfo" + inst.os.smbios_mode = val + self.optdict["smbios_mode"] = val + +@@ -1720,8 +1717,7 @@ ParserBoot.add_arg("os.kernel_args", "kernel_args", + ParserBoot.add_arg("os.init", "init") + ParserBoot.add_arg("os.machine", "machine") + ParserBoot.add_arg("os.initargs", "initargs", cb=ParserBoot.set_initargs_cb) +-ParserBoot.add_arg("os.smbios_mode", "smbios_mode", +- can_comma=True, cb=ParserBoot.set_smbios_mode_cb) ++ParserBoot.add_arg("os.smbios_mode", "smbios_mode") + + # This is simply so the boot options are advertised with --boot help, + # actual processing is handled by _parse +-- +2.20.1 + diff --git a/SOURCES/virt-manager-cli-Fix-pool-default-when-path-belongs-to-another-pool-bz-1692489.patch b/SOURCES/virt-manager-cli-Fix-pool-default-when-path-belongs-to-another-pool-bz-1692489.patch new file mode 100644 index 0000000..0620d13 --- /dev/null +++ b/SOURCES/virt-manager-cli-Fix-pool-default-when-path-belongs-to-another-pool-bz-1692489.patch @@ -0,0 +1,47 @@ +From ed11328d558f746585d21c8da827cba6298f3ace Mon Sep 17 00:00:00 2001 +Message-Id: +From: Pavel Hrdina +Date: Tue, 26 Mar 2019 10:44:58 -0400 +Subject: [PATCH] cli: Fix pool=default when path belongs to another pool (bz + 1692489) + +From: Cole Robinson + +Using 'virt-install --disk size=X' implicitly uses pool=default. If +a pool named 'default' exists we use that; if not, and a pool using +the default path exists under a different name, we attempt to use +that as well, and if that doesn't exist, we create pool=default + +The second case is broken, so if there's no pool=default and eg. +pool=FOO points to /var/lib/libvirt/images, we still attempt to +look up pool=default which understandably fails + +https://bugzilla.redhat.com/show_bug.cgi?id=1692489 +(cherry picked from commit a0ca387aad0fde19683aa8b5b5636add6455b8b4) + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1711806 + +Signed-off-by: Pavel Hrdina +Reviewed-by: Cole Robinson +--- + virtinst/cli.py | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/virtinst/cli.py b/virtinst/cli.py +index 2cd86ca6..55314d56 100644 +--- a/virtinst/cli.py ++++ b/virtinst/cli.py +@@ -2075,7 +2075,9 @@ class ParserDisk(VirtCLIParser): + poolobj = None + if poolname: + if poolname == "default": +- StoragePool.build_default_pool(self.guest.conn) ++ poolxml = StoragePool.build_default_pool(self.guest.conn) ++ if poolxml: ++ poolname = poolxml.name + poolobj = self.guest.conn.storagePoolLookupByName(poolname) + + if volname: +-- +2.21.0 + diff --git a/SOURCES/virt-manager-cli-fix-cpu-secure-option-to-actually-work.patch b/SOURCES/virt-manager-cli-fix-cpu-secure-option-to-actually-work.patch new file mode 100644 index 0000000..094418b --- /dev/null +++ b/SOURCES/virt-manager-cli-fix-cpu-secure-option-to-actually-work.patch @@ -0,0 +1,41 @@ +From c32c8f3cfd9d02abd2034ed0035165faf8386c9d Mon Sep 17 00:00:00 2001 +Message-Id: +From: Pavel Hrdina +Date: Wed, 22 May 2019 14:10:36 +0200 +Subject: [PATCH] cli: fix cpu secure option to actually work + +The 'secure' option is processed after the model is already set. +CPU security options are resolved while setting CPU model so we need +to know the 'secure' option value before we set the CPU model. + +Signed-off-by: Pavel Hrdina +(cherry picked from commit 06c2f873972fd4c60a57c8b8f07fe3cec4ddfcf4) + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1582667 + +Signed-off-by: Pavel Hrdina +Reviewed-by: Cole Robinson +--- + virtinst/cli.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/virtinst/cli.py b/virtinst/cli.py +index 4adfd3af..2cd86ca6 100644 +--- a/virtinst/cli.py ++++ b/virtinst/cli.py +@@ -1528,11 +1528,11 @@ class ParserCPU(VirtCLIParser): + + + _register_virt_parser(ParserCPU) ++ParserCPU.add_arg("secure", "secure", is_onoff=True) + ParserCPU.add_arg(None, "model", cb=ParserCPU.set_model_cb) + ParserCPU.add_arg("mode", "mode") + ParserCPU.add_arg("match", "match") + ParserCPU.add_arg("vendor", "vendor") +-ParserCPU.add_arg("secure", "secure", is_onoff=True) + + ParserCPU.add_arg(None, "force", is_list=True, cb=ParserCPU.set_feature_cb) + ParserCPU.add_arg(None, "require", is_list=True, cb=ParserCPU.set_feature_cb) +-- +2.21.0 + diff --git a/SOURCES/virt-manager-cli-fix-sysinfo-type-parsing.patch b/SOURCES/virt-manager-cli-fix-sysinfo-type-parsing.patch new file mode 100644 index 0000000..abf4cbf --- /dev/null +++ b/SOURCES/virt-manager-cli-fix-sysinfo-type-parsing.patch @@ -0,0 +1,54 @@ +From 495c36309fb0d056449ca843fea9a0ff46f29233 Mon Sep 17 00:00:00 2001 +Message-Id: <495c36309fb0d056449ca843fea9a0ff46f29233@dist-git> +From: Pavel Hrdina +Date: Tue, 14 May 2019 14:00:18 +0200 +Subject: [PATCH] cli: fix sysinfo type parsing + +If the optstr is "host" or "emulate" the optdict['type'] was already set +to the proper value so that condition is useless and we should set the +default optdict['type'] only if there was no type specified by user, +otherwise it is overwrite by our 'smbios' default. + +In addition if invalid type is specified let libvirt to do the error +checking. + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1707379 + +Signed-off-by: Pavel Hrdina +(cherry picked from commit 897578aee2c22cb2aae66cb23cfd8cc8b79c11c5) + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1707380 + +Signed-off-by: Pavel Hrdina +Reviewed-by: Cole Robinson +--- + virtinst/cli.py | 6 ++---- + 1 file changed, 2 insertions(+), 4 deletions(-) + +diff --git a/virtinst/cli.py b/virtinst/cli.py +index 31678591..4adfd3af 100644 +--- a/virtinst/cli.py ++++ b/virtinst/cli.py +@@ -1857,7 +1857,7 @@ class ParserSYSInfo(VirtCLIParser): + self.guest.os.smbios_mode = "sysinfo" + inst.type = val + else: +- fail(_("Unknown sysinfo flag '%s'") % val) ++ inst.type = val + + def set_uuid_cb(self, inst, val, virtarg): + # If a uuid is supplied it must match the guest UUID. This would be +@@ -1868,9 +1868,7 @@ class ParserSYSInfo(VirtCLIParser): + self.guest.uuid = val + + def _parse(self, inst): +- if self.optstr == "host" or self.optstr == "emulate": +- self.optdict['type'] = self.optstr +- elif self.optstr: ++ if self.optstr and 'type' not in self.optdict: + # If any string specified, default to type=smbios otherwise + # libvirt errors. User args can still override this though + self.optdict['type'] = 'smbios' +-- +2.21.0 + diff --git a/SOURCES/virt-manager-cli-fix-typos-in-virt-install-help-output.patch b/SOURCES/virt-manager-cli-fix-typos-in-virt-install-help-output.patch new file mode 100644 index 0000000..661c97e --- /dev/null +++ b/SOURCES/virt-manager-cli-fix-typos-in-virt-install-help-output.patch @@ -0,0 +1,34 @@ +From e0b86324f8fc701bdc9b3d0b9ec2608d89c48a05 Mon Sep 17 00:00:00 2001 +Message-Id: +From: Pavel Hrdina +Date: Tue, 15 Jan 2019 14:47:01 +0100 +Subject: [PATCH] cli: fix typos in virt-install --help output + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1533015 + +Signed-off-by: Pavel Hrdina +(cherry picked from commit 14033113a495a7ed1b95e6a22f79c75cdd6a0463) +Reviewed-by: Cole Robinson +Signed-off-by: Pavel Hrdina +--- + virtinst/cli.py | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/virtinst/cli.py b/virtinst/cli.py +index 2a736aa9..c282b993 100644 +--- a/virtinst/cli.py ++++ b/virtinst/cli.py +@@ -611,8 +611,8 @@ def vcpu_cli_options(grp, backcompat=True, editexample=False): + grp.add_argument("--vcpus", + help=_("Number of vcpus to configure for your guest. Ex:\n" + "--vcpus 5\n" +- "--vcpus 5,maxcpus=10,cpuset=1-4,6,8\n" +- "--vcpus sockets=2,cores=4,threads=2,")) ++ "--vcpus 5,maxvcpus=10,cpuset=1-4,6,8\n" ++ "--vcpus sockets=2,cores=4,threads=2")) + + extramsg = "--cpu host" + if editexample: +-- +2.20.1 + diff --git a/SOURCES/virt-manager-cli-introduce-CPU-secure-parameter.patch b/SOURCES/virt-manager-cli-introduce-CPU-secure-parameter.patch new file mode 100644 index 0000000..ce8808a --- /dev/null +++ b/SOURCES/virt-manager-cli-introduce-CPU-secure-parameter.patch @@ -0,0 +1,203 @@ +From 6ad26e9c4702cd1732e7d8ee8c9b9e9d6ba37678 Mon Sep 17 00:00:00 2001 +Message-Id: <6ad26e9c4702cd1732e7d8ee8c9b9e9d6ba37678@dist-git> +From: Pavel Hrdina +Date: Fri, 29 Mar 2019 10:59:25 +0100 +Subject: [PATCH] cli: introduce CPU secure parameter +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This will allow users to override the default behavior of virt-install +which copies CPU security features available on the host to the guest +XML if specific CPU model is configured. + +Signed-off-by: Pavel Hrdina +Reviewed-by: Daniel P. Berrangé +(cherry picked from commit 22342ef7ee526f8a5b5a65266363c33c70c8be43) + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1582667 + +Signed-off-by: Pavel Hrdina +Reviewed-by: Cole Robinson +--- + man/virt-install.pod | 11 ++- + .../compare/virt-install-cpu-disable-sec.xml | 93 +++++++++++++++++++ + tests/clitest.py | 1 + + virtinst/cli.py | 1 + + virtinst/cpu.py | 7 +- + 5 files changed, 111 insertions(+), 2 deletions(-) + create mode 100644 tests/cli-test-xml/compare/virt-install-cpu-disable-sec.xml + +diff --git a/man/virt-install.pod b/man/virt-install.pod +index b57316c2..d90c2b8e 100644 +--- a/man/virt-install.pod ++++ b/man/virt-install.pod +@@ -215,7 +215,16 @@ required value is MODEL, which is a valid CPU model as known to libvirt. + + Libvirt's feature policy values force, require, optional, disable, or forbid, + or with the shorthand '+feature' and '-feature', which equal 'force=feature' +-and 'disable=feature' respectively ++and 'disable=feature' respectively. ++ ++If exact CPU model is specified virt-install will automatically copy CPU ++features available on the host to mitigate recent CPU speculative execution ++side channel security vulnerabilities. This however will have some impact ++on performance and will break migration to hosts without security patches. ++In order to control this behavior there is a B parameter. Possible ++values are I and I, with I as the default. It is highly ++recommended to leave this enabled and ensure all virtualization hosts have ++fully up to date microcode, kernel & virtualization software installed. + + Some examples: + +diff --git a/tests/cli-test-xml/compare/virt-install-cpu-disable-sec.xml b/tests/cli-test-xml/compare/virt-install-cpu-disable-sec.xml +new file mode 100644 +index 00000000..a86d6926 +--- /dev/null ++++ b/tests/cli-test-xml/compare/virt-install-cpu-disable-sec.xml +@@ -0,0 +1,93 @@ ++ ++ foobar ++ 00000000-1111-2222-3333-444444444444 ++ 65536 ++ 65536 ++ 1 ++ ++ hvm ++ ++ ++ ++ ++ ++ ++ ++ qemu64 ++ ++ ++ ++ ++ ++ ++ destroy ++ ++ ++ ++ ++ ++ /usr/bin/qemu-kvm ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ foobar ++ 00000000-1111-2222-3333-444444444444 ++ 65536 ++ 65536 ++ 1 ++ ++ hvm ++ ++ ++ ++ ++ ++ ++ ++ qemu64 ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ /usr/bin/qemu-kvm ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ +diff --git a/tests/clitest.py b/tests/clitest.py +index b869ef55..c6ae68f3 100644 +--- a/tests/clitest.py ++++ b/tests/clitest.py +@@ -610,6 +610,7 @@ c.add_valid("--security label=foobar.label,a1,z2,b3") # --security static with + c.add_compare("--cpuset auto --vcpus 2", "cpuset-auto") # --cpuset=auto actually works + c.add_invalid("--clock foo_tickpolicy=merge") # Unknown timer + c.add_invalid("--security foobar") # Busted --security ++c.add_compare("--connect " + utils.uri_kvm_q35 + " --cpu qemu64,secure=off", "cpu-disable-sec") # disable security features that are added by default + + + +diff --git a/virtinst/cli.py b/virtinst/cli.py +index 9baad9d4..31678591 100644 +--- a/virtinst/cli.py ++++ b/virtinst/cli.py +@@ -1532,6 +1532,7 @@ ParserCPU.add_arg(None, "model", cb=ParserCPU.set_model_cb) + ParserCPU.add_arg("mode", "mode") + ParserCPU.add_arg("match", "match") + ParserCPU.add_arg("vendor", "vendor") ++ParserCPU.add_arg("secure", "secure", is_onoff=True) + + ParserCPU.add_arg(None, "force", is_list=True, cb=ParserCPU.set_feature_cb) + ParserCPU.add_arg(None, "require", is_list=True, cb=ParserCPU.set_feature_cb) +diff --git a/virtinst/cpu.py b/virtinst/cpu.py +index 7d6d57a3..4776f90e 100644 +--- a/virtinst/cpu.py ++++ b/virtinst/cpu.py +@@ -87,6 +87,8 @@ class CPU(XMLBuilder): + _XML_PROP_ORDER = ["mode", "match", "model", "vendor", + "sockets", "cores", "threads", "features"] + ++ secure = True ++ + special_mode_was_set = False + # These values are exposed on the command line, so are stable API + SPECIAL_MODE_HOST_MODEL_ONLY = "host-model-only" +@@ -149,7 +151,10 @@ class CPU(XMLBuilder): + self.mode = "custom" + if not self.match: + self.match = "exact" +- self._add_security_features(guest) ++ if self.secure: ++ self._add_security_features(guest) ++ else: ++ self._remove_security_features(guest) + self.model = val + + def add_feature(self, name, policy="require"): +-- +2.20.1 + diff --git a/SOURCES/virt-manager-clone-Fix-inverted-nonsparse-check.patch b/SOURCES/virt-manager-clone-Fix-inverted-nonsparse-check.patch new file mode 100644 index 0000000..0a43a0e --- /dev/null +++ b/SOURCES/virt-manager-clone-Fix-inverted-nonsparse-check.patch @@ -0,0 +1,58 @@ +From a271e4c0e4415a179c26aa62ef8492fd6a2424f5 Mon Sep 17 00:00:00 2001 +Message-Id: +From: Pavel Hrdina +Date: Mon, 13 May 2019 10:29:23 -0400 +Subject: [PATCH] clone: Fix inverted --nonsparse check + +From: Cole Robinson + +I botched 4f66c423f7 and inverted the sparse check, meaning --nonsparse +on the command line would actually request a sparse image. Fix it + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1675743 +(cherry picked from commit 622a363e5bd19491bbf84ec35c6bfdaf8b54ae9a) +Signed-off-by: Cole Robinson +Reviewed-by: Pavel Hrdina +--- + tests/clone-xml/cross-pool-disks-out.xml | 4 ++-- + virtinst/cloner.py | 2 +- + 2 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/tests/clone-xml/cross-pool-disks-out.xml b/tests/clone-xml/cross-pool-disks-out.xml +index 6093e240..260f321c 100644 +--- a/tests/clone-xml/cross-pool-disks-out.xml ++++ b/tests/clone-xml/cross-pool-disks-out.xml +@@ -1,7 +1,7 @@ + + new1.img + 1000000 +- 1000000 ++ 50000 + + + +@@ -12,7 +12,7 @@ + + new2.img + 1000000 +- 1000000 ++ 50000 + + + +diff --git a/virtinst/cloner.py b/virtinst/cloner.py +index 3ce44b15..6d1196d9 100644 +--- a/virtinst/cloner.py ++++ b/virtinst/cloner.py +@@ -348,7 +348,7 @@ class Cloner(object): + vol_install.input_vol = orig_disk.get_vol_object() + vol_install.sync_input_vol(only_format=True) + +- if self.clone_sparse: ++ if not self.clone_sparse: + vol_install.allocation = vol_install.capacity + vol_install.reflink = self.reflink + clone_disk.set_vol_install(vol_install) +-- +2.21.0 + diff --git a/SOURCES/virt-manager-cloner-Handle-nonsparse-for-qcow2-images.patch b/SOURCES/virt-manager-cloner-Handle-nonsparse-for-qcow2-images.patch new file mode 100644 index 0000000..b403746 --- /dev/null +++ b/SOURCES/virt-manager-cloner-Handle-nonsparse-for-qcow2-images.patch @@ -0,0 +1,72 @@ +From 38fb59d22011f606116691bf3ca5ac15bca3a8bd Mon Sep 17 00:00:00 2001 +Message-Id: <38fb59d22011f606116691bf3ca5ac15bca3a8bd@dist-git> +From: Pavel Hrdina +Date: Thu, 2 May 2019 08:40:52 -0400 +Subject: [PATCH] cloner: Handle --nonsparse for qcow2 images + +From: Cole Robinson + +(cherry picked from commit 4f66c423f7833e270b61536d53a0772ce1242abc) + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1675743 + +Signed-off-by: Cole Robinson +--- + tests/clone-xml/cross-pool-disks-out.xml | 4 ++-- + virtinst/cloner.py | 2 ++ + virtinst/storage.py | 4 ++++ + 3 files changed, 8 insertions(+), 2 deletions(-) + +diff --git a/tests/clone-xml/cross-pool-disks-out.xml b/tests/clone-xml/cross-pool-disks-out.xml +index 260f321c..6093e240 100644 +--- a/tests/clone-xml/cross-pool-disks-out.xml ++++ b/tests/clone-xml/cross-pool-disks-out.xml +@@ -1,7 +1,7 @@ + + new1.img + 1000000 +- 50000 ++ 1000000 + + + +@@ -12,7 +12,7 @@ + + new2.img + 1000000 +- 50000 ++ 1000000 + + + +diff --git a/virtinst/cloner.py b/virtinst/cloner.py +index d54c3f85..3ce44b15 100644 +--- a/virtinst/cloner.py ++++ b/virtinst/cloner.py +@@ -348,6 +348,8 @@ class Cloner(object): + vol_install.input_vol = orig_disk.get_vol_object() + vol_install.sync_input_vol(only_format=True) + ++ if self.clone_sparse: ++ vol_install.allocation = vol_install.capacity + vol_install.reflink = self.reflink + clone_disk.set_vol_install(vol_install) + elif orig_disk.path: +diff --git a/virtinst/storage.py b/virtinst/storage.py +index 9966401a..89ae84f6 100644 +--- a/virtinst/storage.py ++++ b/virtinst/storage.py +@@ -835,6 +835,10 @@ class StorageVolume(_StorageObject): + self.conn.check_support( + self.conn.SUPPORT_POOL_METADATA_PREALLOC, self.pool)): + createflags |= libvirt.VIR_STORAGE_VOL_CREATE_PREALLOC_METADATA ++ if self.capacity == self.allocation: ++ # For cloning, this flag will make libvirt+qemu-img preallocate ++ # the new disk image ++ cloneflags |= libvirt.VIR_STORAGE_VOL_CREATE_PREALLOC_METADATA + + if self.reflink: + cloneflags |= getattr(libvirt, +-- +2.21.0 + diff --git a/SOURCES/virt-manager-cloner-don-t-fail-to-clone-VM-if-nvram-file-doesn-t-exist.patch b/SOURCES/virt-manager-cloner-don-t-fail-to-clone-VM-if-nvram-file-doesn-t-exist.patch new file mode 100644 index 0000000..ad5b9f7 --- /dev/null +++ b/SOURCES/virt-manager-cloner-don-t-fail-to-clone-VM-if-nvram-file-doesn-t-exist.patch @@ -0,0 +1,141 @@ +From 6d6b0823f64d94726d03880400247ded280c7116 Mon Sep 17 00:00:00 2001 +Message-Id: <6d6b0823f64d94726d03880400247ded280c7116@dist-git> +From: Pavel Hrdina +Date: Thu, 28 Mar 2019 14:27:04 +0100 +Subject: [PATCH] cloner: don't fail to clone VM if nvram file doesn't exist + +If a VM is defined and never started the nvram file might not exist and +in that case it's created by libvirt automatically on the first start. + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1679018 + +Signed-off-by: Pavel Hrdina +(cherry picked from commit 986097d5f8e7a62d2aa6edd4596302d4e0af4175) + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1679021 + +Signed-off-by: Pavel Hrdina +Reviewed-by: Cole Robinson +--- + tests/clone-xml/nvram-missing-in.xml | 23 +++++++++++++++++++++++ + tests/clone-xml/nvram-missing-out.xml | 23 +++++++++++++++++++++++ + tests/clonetest.py | 3 +++ + virtinst/cloner.py | 18 +++++++++--------- + 4 files changed, 58 insertions(+), 9 deletions(-) + create mode 100644 tests/clone-xml/nvram-missing-in.xml + create mode 100644 tests/clone-xml/nvram-missing-out.xml + +diff --git a/tests/clone-xml/nvram-missing-in.xml b/tests/clone-xml/nvram-missing-in.xml +new file mode 100644 +index 00000000..fcbce533 +--- /dev/null ++++ b/tests/clone-xml/nvram-missing-in.xml +@@ -0,0 +1,23 @@ ++ ++ clone-orig ++ aaa3ae22-fed2-bfbd-ac02-3bea3bcfad82 ++ 262144 ++ 262144 ++ 1 ++ ++ hvm ++ ++ /usr/share/ovmf/ovmf-efi.fd ++ /nvram/clone-orig-missing_VARS.fd ++ ++ ++ ++ ++ ++ destroy ++ restart ++ destroy ++ ++ /usr/bin/qemu-kvm ++ ++ +diff --git a/tests/clone-xml/nvram-missing-out.xml b/tests/clone-xml/nvram-missing-out.xml +new file mode 100644 +index 00000000..c59eaea8 +--- /dev/null ++++ b/tests/clone-xml/nvram-missing-out.xml +@@ -0,0 +1,23 @@ ++ ++ clone-new ++ 12345678-1234-1234-1234-123456789012 ++ 262144 ++ 262144 ++ 1 ++ ++ hvm ++ ++ /usr/share/ovmf/ovmf-efi.fd ++ /nvram/clone-new_VARS.fd ++ ++ ++ ++ ++ ++ destroy ++ restart ++ destroy ++ ++ /usr/bin/qemu-kvm ++ ++ +diff --git a/tests/clonetest.py b/tests/clonetest.py +index 5fd51e73..c09133ca 100644 +--- a/tests/clonetest.py ++++ b/tests/clonetest.py +@@ -188,6 +188,9 @@ class TestClone(unittest.TestCase): + base = "nvram-newpool" + self._clone_helper(base) + ++ def testCloneNvramMissing(self): ++ self._clone_helper("nvram-missing") ++ + def testCloneGraphicsPassword(self): + base = "graphics-password" + self._clone_helper(base) +diff --git a/virtinst/cloner.py b/virtinst/cloner.py +index 632c3cbf..d54c3f85 100644 +--- a/virtinst/cloner.py ++++ b/virtinst/cloner.py +@@ -362,16 +362,15 @@ class Cloner(object): + self.clone_nvram = os.path.join(nvram_dir, + "%s_VARS.fd" % self._clone_name) + ++ old_nvram = VirtualDisk(self.conn) ++ old_nvram.path = self._guest.os.nvram ++ + nvram = VirtualDisk(self.conn) + nvram.path = self.clone_nvram ++ + if (not self.preserve_dest_disks and +- nvram.wants_storage_creation()): +- +- old_nvram = VirtualDisk(self.conn) +- old_nvram.path = self._guest.os.nvram +- if not old_nvram.get_vol_object(): +- raise RuntimeError(_("Path does not exist: %s") % +- old_nvram.path) ++ nvram.wants_storage_creation() and ++ old_nvram.get_vol_object()): + + nvram_install = VirtualDisk.build_vol_install( + self.conn, os.path.basename(nvram.path), +@@ -381,8 +380,9 @@ class Cloner(object): + nvram_install.reflink = self.reflink + nvram.set_vol_install(nvram_install) + +- nvram.validate() +- self._nvram_disk = nvram ++ nvram.validate() ++ self._nvram_disk = nvram ++ + self._guest.os.nvram = nvram.path + + +-- +2.20.1 + diff --git a/SOURCES/virt-manager-cpu-Have-host-copy-use-domcaps-if-qemu-is-new-enough-bz-1637767.patch b/SOURCES/virt-manager-cpu-Have-host-copy-use-domcaps-if-qemu-is-new-enough-bz-1637767.patch new file mode 100644 index 0000000..48b023c --- /dev/null +++ b/SOURCES/virt-manager-cpu-Have-host-copy-use-domcaps-if-qemu-is-new-enough-bz-1637767.patch @@ -0,0 +1,352 @@ +From 83eb392c410394be09c234d74bba44eb9ade9331 Mon Sep 17 00:00:00 2001 +Message-Id: <83eb392c410394be09c234d74bba44eb9ade9331@dist-git> +From: Pavel Hrdina +Date: Sat, 13 Oct 2018 17:47:31 -0400 +Subject: [PATCH] cpu: Have host-copy use domcaps if qemu is new enough (bz + 1637767) + +From: Cole Robinson + +capabilities is known problematic. Use domcaps if libvirt+qemu +reports working host-model + +https://bugzilla.redhat.com/show_bug.cgi?id=1637767 +(cherry picked from commit b051b6c95d8adca7f7ec6a8d582e62d6427d28e3) + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1525337 + +Conflicts: + - _XML_ROOT_NAME is renamed to XML_NAME in upstream + +Reviewed-by: Cole Robinson +Signed-off-by: Pavel Hrdina +--- + .../virt-install-kvm-hostcopy-fallback.xml | 157 ++++++++++++++++++ + .../virt-install-singleton-config-1.xml | 16 +- + tests/clitest.py | 3 +- + tests/xmlparse.py | 2 +- + virtinst/cpu.py | 30 +++- + virtinst/domcapabilities.py | 12 +- + 6 files changed, 207 insertions(+), 13 deletions(-) + create mode 100644 tests/cli-test-xml/compare/virt-install-kvm-hostcopy-fallback.xml + +diff --git a/tests/cli-test-xml/compare/virt-install-kvm-hostcopy-fallback.xml b/tests/cli-test-xml/compare/virt-install-kvm-hostcopy-fallback.xml +new file mode 100644 +index 00000000..7ca064e2 +--- /dev/null ++++ b/tests/cli-test-xml/compare/virt-install-kvm-hostcopy-fallback.xml +@@ -0,0 +1,157 @@ ++ ++ foobar ++ 00000000-1111-2222-3333-444444444444 ++ 65536 ++ 65536 ++ 1 ++ ++ hvm ++ ++ ++ ++ ++ ++ ++ ++ ++ Opteron_G4 ++ AMD ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ destroy ++ ++ ++ ++ ++ ++ /usr/bin/qemu-kvm ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ foobar ++ 00000000-1111-2222-3333-444444444444 ++ 65536 ++ 65536 ++ 1 ++ ++ hvm ++ ++ ++ ++ ++ ++ ++ ++ ++ Opteron_G4 ++ AMD ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ /usr/bin/qemu-kvm ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ +diff --git a/tests/cli-test-xml/compare/virt-install-singleton-config-1.xml b/tests/cli-test-xml/compare/virt-install-singleton-config-1.xml +index fc22e0ac..40041451 100644 +--- a/tests/cli-test-xml/compare/virt-install-singleton-config-1.xml ++++ b/tests/cli-test-xml/compare/virt-install-singleton-config-1.xml +@@ -23,7 +23,21 @@ + + + +- ++ ++ Broadwell ++ Intel ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +diff --git a/tests/clitest.py b/tests/clitest.py +index 23d4f109..eb608769 100644 +--- a/tests/clitest.py ++++ b/tests/clitest.py +@@ -389,7 +389,7 @@ c = vinst.add_category("xml-comparsion", "--connect %(URI-KVM)s --noautoconsole + c.add_compare(""" \ + --memory 1024 \ + --vcpus 4 --cpuset=1,3-5 \ +---cpu host \ ++--cpu host-copy \ + --description \"foobar & baz\" \ + --boot uefi \ + --security type=dynamic \ +@@ -806,6 +806,7 @@ c.add_compare("--disk none --location nfs:example.com/fake --nonetworks", "locat + c.add_compare("--disk %(EXISTIMG1)s --pxe --os-variant rhel6.4", "kvm-rhel6") # RHEL6 defaults + c.add_compare("--disk %(EXISTIMG1)s --pxe --os-variant rhel7.0", "kvm-rhel7") # RHEL7 defaults + c.add_compare("--connect " + utils.uri_kvm_nodomcaps + " --disk %(EXISTIMG1)s --pxe --os-variant rhel7.0", "kvm-cpu-default-fallback") # No domcaps, so mode=host-model isn't safe, so we fallback to host-model-only ++c.add_compare("--connect " + utils.uri_kvm_nodomcaps + " --cpu host-copy --disk none --pxe", "kvm-hostcopy-fallback") # No domcaps so need to use capabilities for CPU host-copy + c.add_compare("--disk %(EXISTIMG1)s --pxe --os-variant centos7.0", "kvm-centos7") # Centos 7 defaults + c.add_compare("--os-variant win7 --cdrom %(EXISTIMG2)s --boot loader_type=pflash,loader=CODE.fd,nvram_template=VARS.fd --disk %(EXISTIMG1)s", "win7-uefi") # no HYPER-V with UEFI + c.add_compare("--machine q35 --cdrom %(EXISTIMG2)s --disk %(EXISTIMG1)s", "q35-defaults") # proper q35 disk defaults +diff --git a/tests/xmlparse.py b/tests/xmlparse.py +index 35b237ea..e7d291f3 100644 +--- a/tests/xmlparse.py ++++ b/tests/xmlparse.py +@@ -1362,7 +1362,7 @@ class XMLParseTest(unittest.TestCase): + outfile = "tests/xmlparse-xml/%s-out.xml" % basename + guest = virtinst.Guest(kvmconn, parsexml=open(infile).read()) + +- guest.cpu.copy_host_cpu() ++ guest.cpu.copy_host_cpu(guest) + guest.cpu.clear() + utils.diff_compare(guest.get_xml_config(), outfile) + +diff --git a/virtinst/cpu.py b/virtinst/cpu.py +index 356df206..f109445c 100644 +--- a/virtinst/cpu.py ++++ b/virtinst/cpu.py +@@ -118,7 +118,7 @@ class CPU(XMLBuilder): + self.remove_feature(f) + self.mode = val + elif val == self.SPECIAL_MODE_HOST_COPY: +- self.copy_host_cpu() ++ self.copy_host_cpu(guest) + elif (val == self.SPECIAL_MODE_HV_DEFAULT or + val == self.SPECIAL_MODE_CLEAR): + self.clear() +@@ -154,24 +154,36 @@ class CPU(XMLBuilder): + self.add_child(obj) + return obj + +- def copy_host_cpu(self): ++ def copy_host_cpu(self, guest): + """ +- Enact the equivalent of qemu -cpu host, pulling all info +- from capabilities about the host CPU ++ Try to manually mimic host-model, copying all the info ++ preferably out of domcapabilities, but capabilities as fallback. + """ +- cpu = self.conn.caps.host.cpu +- if not cpu.model: +- raise ValueError(_("No host CPU reported in capabilities")) ++ domcaps = guest.lookup_domcaps() ++ if domcaps.supports_safe_host_model(): ++ logging.debug("Using domcaps for host-copy") ++ cpu = domcaps.cpu.get_mode("host-model") ++ model = cpu.models[0].model ++ fallback = cpu.models[0].fallback ++ else: ++ cpu = self.conn.caps.host.cpu ++ model = cpu.model ++ fallback = None ++ if not model: ++ raise ValueError(_("No host CPU reported in capabilities")) + + self.mode = "custom" + self.match = "exact" +- self.model = cpu.model ++ self.model = model ++ if fallback: ++ self.model_fallback = fallback + self.vendor = cpu.vendor + + for feature in self.features: + self.remove_feature(feature) + for feature in cpu.features: +- self.add_feature(feature.name) ++ policy = getattr(feature, "policy", "require") ++ self.add_feature(feature.name, policy) + + def vcpus_from_topology(self): + """ +diff --git a/virtinst/domcapabilities.py b/virtinst/domcapabilities.py +index 7d7e2af7..ddc8b17c 100644 +--- a/virtinst/domcapabilities.py ++++ b/virtinst/domcapabilities.py +@@ -80,19 +80,29 @@ class _CPUModel(XMLBuilder): + _XML_ROOT_NAME = "model" + model = XMLProperty(".") + usable = XMLProperty("./@usable", is_yesno=True) ++ fallback = XMLProperty("./@fallback") ++ ++ ++class _CPUFeature(XMLBuilder): ++ _XML_ROOT_NAME = "feature" ++ name = XMLProperty("./@name") ++ policy = XMLProperty("./@policy") + + + class _CPUMode(XMLBuilder): + _XML_ROOT_NAME = "mode" + name = XMLProperty("./@name") + supported = XMLProperty("./@supported", is_yesno=True) ++ vendor = XMLProperty("./vendor") ++ + models = XMLChildProperty(_CPUModel) +- + def get_model(self, name): + for model in self.models: + if model.model == name: + return model + ++ features = XMLChildProperty(_CPUFeature) ++ + + class _CPU(XMLBuilder): + _XML_ROOT_NAME = "cpu" +-- +2.20.1 + diff --git a/SOURCES/virt-manager-domain-cpu-Add-set_defaults.patch b/SOURCES/virt-manager-domain-cpu-Add-set_defaults.patch new file mode 100644 index 0000000..3491131 --- /dev/null +++ b/SOURCES/virt-manager-domain-cpu-Add-set_defaults.patch @@ -0,0 +1,170 @@ +From d7fed0afad5f17449d1a9efb7e7fd35a4941cfaf Mon Sep 17 00:00:00 2001 +Message-Id: +From: Pavel Hrdina +Date: Sun, 2 Sep 2018 11:38:12 -0400 +Subject: [PATCH] domain: cpu: Add set_defaults + +From: Cole Robinson + +(cherry picked from commit 4e7652b5484e8318cf360f0ae197c3e63975e602) + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1525337 + +Conflicts: + - get_xml_config is renamed to get_xml in upstream + + - guest._os_object is renamed to guest.osinfo in upstream + +Reviewed-by: Cole Robinson +Signed-off-by: Pavel Hrdina +--- + virtinst/cpu.py | 58 +++++++++++++++++++++++++++++++++++++++++++++++ + virtinst/guest.py | 52 +----------------------------------------- + 2 files changed, 59 insertions(+), 51 deletions(-) + +diff --git a/virtinst/cpu.py b/virtinst/cpu.py +index 70ea5647..1b8f4a96 100644 +--- a/virtinst/cpu.py ++++ b/virtinst/cpu.py +@@ -17,6 +17,9 @@ + # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + # MA 02110-1301 USA. + ++import logging ++ ++from .domcapabilities import DomainCapabilities + from .xmlbuilder import XMLBuilder, XMLProperty, XMLChildProperty + + +@@ -228,3 +231,58 @@ class CPU(XMLBuilder): + sockets = XMLProperty("./topology/@sockets", is_int=True) + cores = XMLProperty("./topology/@cores", is_int=True) + threads = XMLProperty("./topology/@threads", is_int=True) ++ ++ ++ ################## ++ # Default config # ++ ################## ++ ++ def _set_cpu_x86_kvm_default(self, guest): ++ if guest.os.arch != self.conn.caps.host.cpu.arch: ++ return ++ ++ self.set_special_mode(guest.x86_cpu_default) ++ if guest.x86_cpu_default != self.SPECIAL_MODE_HOST_MODEL_ONLY: ++ return ++ if not self.model: ++ return ++ ++ # It's possible that the value HOST_MODEL_ONLY gets from ++ # is not actually supported by qemu/kvm ++ # combo which will be reported in ++ domcaps = DomainCapabilities.build_from_guest(guest) ++ domcaps_mode = domcaps.cpu.get_mode("custom") ++ if not domcaps_mode: ++ return ++ ++ cpu_model = domcaps_mode.get_model(self.model) ++ if cpu_model and cpu_model.usable: ++ return ++ ++ logging.debug("Host capabilities CPU '%s' is not supported " ++ "according to domain capabilities. Unsetting CPU model", ++ self.model) ++ self.model = None ++ ++ def set_defaults(self, guest): ++ self.set_topology_defaults(guest.vcpus) ++ ++ if not self.conn.is_test() and not self.conn.is_qemu(): ++ return ++ if (self.get_xml_config().strip() or ++ self.special_mode_was_set): ++ # User already configured CPU ++ return ++ ++ if guest.os.is_arm_machvirt() and guest.type == "kvm": ++ self.mode = self.SPECIAL_MODE_HOST_PASSTHROUGH ++ ++ elif guest.os.is_arm64() and guest.os.is_arm_machvirt(): ++ # -M virt defaults to a 32bit CPU, even if using aarch64 ++ self.model = "cortex-a57" ++ ++ elif guest.os.is_x86() and guest.type == "kvm": ++ self._set_cpu_x86_kvm_default(guest) ++ ++ if guest._os_object.broken_x2apic(): ++ self.add_feature("x2apic", policy="disable") +diff --git a/virtinst/guest.py b/virtinst/guest.py +index bede9e86..6bf1b59a 100644 +--- a/virtinst/guest.py ++++ b/virtinst/guest.py +@@ -785,7 +785,7 @@ class Guest(XMLBuilder): + + self._set_clock_defaults() + self._set_emulator_defaults() +- self._set_cpu_defaults() ++ self.cpu.set_defaults(self) + self._set_feature_defaults() + self._set_pm_defaults() + +@@ -880,56 +880,6 @@ class Guest(XMLBuilder): + else: + self.emulator = "/usr/lib/xen/bin/qemu-dm" + +- def _set_cpu_x86_kvm_default(self): +- if self.os.arch != self.conn.caps.host.cpu.arch: +- return +- +- self.cpu.set_special_mode(self.x86_cpu_default) +- if self.x86_cpu_default != self.cpu.SPECIAL_MODE_HOST_MODEL_ONLY: +- return +- if not self.cpu.model: +- return +- +- # It's possible that the value HOST_MODEL_ONLY gets from +- # is not actually supported by qemu/kvm +- # combo which will be reported in +- domcaps = DomainCapabilities.build_from_guest(self) +- domcaps_mode = domcaps.cpu.get_mode("custom") +- if not domcaps_mode: +- return +- +- cpu_model = domcaps_mode.get_model(self.cpu.model) +- if cpu_model and cpu_model.usable: +- return +- +- logging.debug("Host capabilities CPU '%s' is not supported " +- "according to domain capabilities. Unsetting CPU model", +- self.cpu.model) +- self.cpu.model = None +- +- def _set_cpu_defaults(self): +- self.cpu.set_topology_defaults(self.vcpus) +- +- if not self.conn.is_test() and not self.conn.is_qemu(): +- return +- if (self.cpu.get_xml_config().strip() or +- self.cpu.special_mode_was_set): +- # User already configured CPU +- return +- +- if self.os.is_arm_machvirt() and self.type == "kvm": +- self.cpu.mode = self.cpu.SPECIAL_MODE_HOST_PASSTHROUGH +- +- elif self.os.is_arm64() and self.os.is_arm_machvirt(): +- # -M virt defaults to a 32bit CPU, even if using aarch64 +- self.cpu.model = "cortex-a57" +- +- elif self.os.is_x86() and self.type == "kvm": +- self._set_cpu_x86_kvm_default() +- +- if self._os_object.broken_x2apic(): +- self.cpu.add_feature("x2apic", policy="disable") +- + def _hyperv_supported(self): + if (self.os.loader_type == "pflash" and + self.os_variant in ("win2k8r2", "win7")): +-- +2.20.1 + diff --git a/SOURCES/virt-manager-domain-cpu-automatically-add-CPU-security-features-for-custom-mode.patch b/SOURCES/virt-manager-domain-cpu-automatically-add-CPU-security-features-for-custom-mode.patch new file mode 100644 index 0000000..f63436b --- /dev/null +++ b/SOURCES/virt-manager-domain-cpu-automatically-add-CPU-security-features-for-custom-mode.patch @@ -0,0 +1,178 @@ +From 7ffbc6879bfcec4880214c3b473d8ab7625ff214 Mon Sep 17 00:00:00 2001 +Message-Id: <7ffbc6879bfcec4880214c3b473d8ab7625ff214@dist-git> +From: Pavel Hrdina +Date: Thu, 14 Mar 2019 10:48:21 +0100 +Subject: [PATCH] domain: cpu: automatically add CPU security features for + "custom" mode + +If user selects specific CPU model to be configured for guest we will +automatically add CPU security features to make sure that the guest is +not vulnerable to these CPU HW bugs. + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1582667 + +Signed-off-by: Pavel Hrdina +Reviewed-by: Cole Robinson +(cherry picked from commit fb5136a6a9457894ff1e24a1f9d5f0af0a8e8bd1) +Signed-off-by: Pavel Hrdina +Reviewed-by: Cole Robinson +--- + .../compare/virt-install-qemu-plain.xml | 2 ++ + .../virt-install-singleton-config-2.xml | 4 ++++ + tests/xmlparse.py | 6 +++--- + virtManager/domain.py | 2 +- + virtinst/cli.py | 2 +- + virtinst/cpu.py | 20 +++++++++++++++---- + 6 files changed, 27 insertions(+), 9 deletions(-) + +diff --git a/tests/cli-test-xml/compare/virt-install-qemu-plain.xml b/tests/cli-test-xml/compare/virt-install-qemu-plain.xml +index 3273e0e4..80674eb4 100644 +--- a/tests/cli-test-xml/compare/virt-install-qemu-plain.xml ++++ b/tests/cli-test-xml/compare/virt-install-qemu-plain.xml +@@ -15,6 +15,8 @@ + + + Penryn ++ ++ + + + +diff --git a/tests/cli-test-xml/compare/virt-install-singleton-config-2.xml b/tests/cli-test-xml/compare/virt-install-singleton-config-2.xml +index 16f15894..d03ba5c8 100644 +--- a/tests/cli-test-xml/compare/virt-install-singleton-config-2.xml ++++ b/tests/cli-test-xml/compare/virt-install-singleton-config-2.xml +@@ -83,6 +83,8 @@ + foobar + meee + ++ ++ + + + +@@ -251,6 +253,8 @@ + foobar + meee + ++ ++ + + + +diff --git a/tests/xmlparse.py b/tests/xmlparse.py +index 279b1dc1..a387c026 100644 +--- a/tests/xmlparse.py ++++ b/tests/xmlparse.py +@@ -169,7 +169,7 @@ class XMLParseTest(unittest.TestCase): + + check = self._make_checker(guest.cpu) + check("match", "exact", "strict") +- guest.cpu.set_model("qemu64") ++ guest.cpu.set_model(guest, "qemu64") + check("model", "qemu64") + check("vendor", "Intel", "qemuvendor") + check("threads", 2, 1) +@@ -264,7 +264,7 @@ class XMLParseTest(unittest.TestCase): + + check = self._make_checker(guest.cpu) + check("model", None) +- guest.cpu.set_model("foobar") ++ guest.cpu.set_model(guest, "foobar") + check("model", "foobar") + check("model_fallback", None, "allow") + check("cores", None, 4) +@@ -326,7 +326,7 @@ class XMLParseTest(unittest.TestCase): + check = self._make_checker(guest.cpu) + check("mode", "host-passthrough", "custom") + check("mode", "custom", "host-model") +- guest.cpu.set_model("qemu64") ++ guest.cpu.set_model(guest, "qemu64") + check("model", "qemu64") + + self._alter_compare(guest.get_xml_config(), outfile) +diff --git a/virtManager/domain.py b/virtManager/domain.py +index 2426383a..7c1f511d 100644 +--- a/virtManager/domain.py ++++ b/virtManager/domain.py +@@ -665,7 +665,7 @@ class vmmDomain(vmmLibvirtObject): + if model in guest.cpu.SPECIAL_MODES: + guest.cpu.set_special_mode(guest, model) + else: +- guest.cpu.set_model(model) ++ guest.cpu.set_model(guest, model) + self._redefine_xmlobj(guest) + + def define_memory(self, memory=_SENTINEL, maxmem=_SENTINEL): +diff --git a/virtinst/cli.py b/virtinst/cli.py +index 1a3df401..9baad9d4 100644 +--- a/virtinst/cli.py ++++ b/virtinst/cli.py +@@ -1477,7 +1477,7 @@ class ParserCPU(VirtCLIParser): + if val in inst.SPECIAL_MODES: + inst.set_special_mode(self.guest, val) + else: +- inst.set_model(val) ++ inst.set_model(self.guest, val) + + def set_feature_cb(self, inst, val, virtarg): + policy = virtarg.cliname +diff --git a/virtinst/cpu.py b/virtinst/cpu.py +index 85cedb31..7d6d57a3 100644 +--- a/virtinst/cpu.py ++++ b/virtinst/cpu.py +@@ -125,19 +125,31 @@ class CPU(XMLBuilder): + elif val == self.SPECIAL_MODE_HOST_MODEL_ONLY: + if self.conn.caps.host.cpu.model: + self.clear() +- self.set_model(self.conn.caps.host.cpu.model) ++ self.set_model(guest, self.conn.caps.host.cpu.model) + else: + raise RuntimeError("programming error: unknown " + "special cpu mode '%s'" % val) + + self.special_mode_was_set = True + +- def set_model(self, val): ++ def _add_security_features(self, guest): ++ domcaps = guest.lookup_domcaps() ++ for feature in domcaps.get_cpu_security_features(): ++ exists = False ++ for f in self.features: ++ if f.name == feature: ++ exists = True ++ break ++ if not exists: ++ self.add_feature(feature) ++ ++ def set_model(self, guest, val): + logging.debug("setting cpu model %s", val) + if val: + self.mode = "custom" + if not self.match: + self.match = "exact" ++ self._add_security_features(guest) + self.model = val + + def add_feature(self, name, policy="require"): +@@ -182,7 +194,7 @@ class CPU(XMLBuilder): + + self.mode = "custom" + self.match = "exact" +- self.set_model(model) ++ self.set_model(guest, model) + if fallback: + self.model_fallback = fallback + self.vendor = cpu.vendor +@@ -306,7 +318,7 @@ class CPU(XMLBuilder): + + elif guest.os.is_arm64() and guest.os.is_arm_machvirt(): + # -M virt defaults to a 32bit CPU, even if using aarch64 +- self.set_model("cortex-a57") ++ self.set_model(guest, "cortex-a57") + + elif guest.os.is_x86() and guest.type == "kvm": + self._set_cpu_x86_kvm_default(guest) +-- +2.20.1 + diff --git a/SOURCES/virt-manager-domain-cpu-introduce-set_model-function.patch b/SOURCES/virt-manager-domain-cpu-introduce-set_model-function.patch new file mode 100644 index 0000000..ded5092 --- /dev/null +++ b/SOURCES/virt-manager-domain-cpu-introduce-set_model-function.patch @@ -0,0 +1,149 @@ +From 661b3ed3bef6c35094399264f0c1a736ac7ddf04 Mon Sep 17 00:00:00 2001 +Message-Id: <661b3ed3bef6c35094399264f0c1a736ac7ddf04@dist-git> +From: Pavel Hrdina +Date: Thu, 14 Mar 2019 10:46:02 +0100 +Subject: [PATCH] domain: cpu: introduce set_model function + +We will need to pass another variable into the setter so we cannot use +the property setter. + +Signed-off-by: Pavel Hrdina +Reviewed-by: Cole Robinson +(cherry picked from commit 6423f653fd2d895d5addf37a6d504dbc9a4a0d6f) + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1582667 + +Signed-off-by: Pavel Hrdina +Reviewed-by: Cole Robinson +--- + tests/xmlparse.py | 11 +++++++---- + virtManager/domain.py | 2 +- + virtinst/cli.py | 2 +- + virtinst/cpu.py | 22 ++++++++++++---------- + 4 files changed, 21 insertions(+), 16 deletions(-) + +diff --git a/tests/xmlparse.py b/tests/xmlparse.py +index e7d291f3..279b1dc1 100644 +--- a/tests/xmlparse.py ++++ b/tests/xmlparse.py +@@ -169,7 +169,8 @@ class XMLParseTest(unittest.TestCase): + + check = self._make_checker(guest.cpu) + check("match", "exact", "strict") +- check("model", "footest", "qemu64") ++ guest.cpu.set_model("qemu64") ++ check("model", "qemu64") + check("vendor", "Intel", "qemuvendor") + check("threads", 2, 1) + check("cores", 5, 3) +@@ -262,7 +263,9 @@ class XMLParseTest(unittest.TestCase): + guest.seclabels[0].get_xml_config().startswith(" +From: Pavel Hrdina +Date: Mon, 4 Jun 2018 14:30:26 -0400 +Subject: [PATCH] domain.numatune: Drop cpuset validation + +From: Cole Robinson + +This type of validation should really be done at the libvirt level, +particularly for a non-mandatory feature like cpuset. Otherwise +it's just more code for us to test which will rarely be hit by users + +(cherry picked from commit 39a7cbbad750656a7d89694c3b0341a5ae98d346) + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1566818 + +Reviewed-by: Cole Robinson +Signed-off-by: Pavel Hrdina +--- + tests/clitest.py | 3 --- + virtinst/domainnumatune.py | 48 -------------------------------------- + virtinst/guest.py | 6 +---- + 3 files changed, 1 insertion(+), 56 deletions(-) + +diff --git a/tests/clitest.py b/tests/clitest.py +index eb608769..5e000194 100644 +--- a/tests/clitest.py ++++ b/tests/clitest.py +@@ -600,7 +600,6 @@ c.add_compare("--memory 1024,hotplugmemorymax=2048,hotplugmemoryslots=2 --cpu ce + #################################################### + + c = vinst.add_category("cpuram", "--hvm --nographics --noautoconsole --nodisks --pxe") +-c.add_valid("--vcpus 4 --cpuset=1,3-5,") # Cpuset with trailing comma + c.add_valid("--connect %(URI-XEN)s --vcpus 4 --cpuset=auto") # cpuset=auto but xen doesn't support it + c.add_valid("--ram 4000000") # Ram overcommit + c.add_valid("--vcpus sockets=2,threads=2") # Topology only +@@ -609,8 +608,6 @@ c.add_valid("--security label=foobar.label,relabel=yes") # --security implicit + c.add_valid("--security label=foobar.label,a1,z2,b3,type=static,relabel=no") # static with commas 1 + c.add_valid("--security label=foobar.label,a1,z2,b3") # --security static with commas 2 + c.add_compare("--cpuset auto --vcpus 2", "cpuset-auto") # --cpuset=auto actually works +-c.add_invalid("--vcpus 32 --cpuset=969-1000") # Bogus cpuset +-c.add_invalid("--vcpus 32 --cpuset=autofoo") # Bogus cpuset + c.add_invalid("--clock foo_tickpolicy=merge") # Unknown timer + c.add_invalid("--security foobar") # Busted --security + +diff --git a/virtinst/domainnumatune.py b/virtinst/domainnumatune.py +index 9795011b..f8797e9c 100644 +--- a/virtinst/domainnumatune.py ++++ b/virtinst/domainnumatune.py +@@ -17,61 +17,13 @@ + # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + # MA 02110-1301 USA. + +-import re +- + from .xmlbuilder import XMLBuilder, XMLProperty + + +-def get_phy_cpus(conn): +- """ +- Get number of physical CPUs. +- """ +- hostinfo = conn.getInfo() +- pcpus = hostinfo[4] * hostinfo[5] * hostinfo[6] * hostinfo[7] +- return pcpus +- +- + class DomainNumatune(XMLBuilder): + """ + Class for generating XML + """ +- +- @staticmethod +- def validate_cpuset(conn, val): +- if val is None or val == "": +- return +- +- if not isinstance(val, str) or len(val) == 0: +- raise ValueError(_("cpuset must be string")) +- if re.match("^[0-9,-^]*$", val) is None: +- raise ValueError(_("cpuset can only contain numeric, ',', '^', or " +- "'-' characters")) +- +- pcpus = get_phy_cpus(conn) +- for c in val.split(','): +- # Redundant commas +- if not c: +- continue +- +- if "-" in c: +- (x, y) = c.split('-', 1) +- x = int(x) +- y = int(y) +- if x > y: +- raise ValueError(_("cpuset contains invalid format.")) +- if x >= pcpus or y >= pcpus: +- raise ValueError(_("cpuset's pCPU numbers must be less " +- "than pCPUs.")) +- else: +- if c.startswith("^"): +- c = c[1:] +- c = int(c) +- +- if c >= pcpus: +- raise ValueError(_("cpuset's pCPU numbers must be less " +- "than pCPUs.")) +- +- + _XML_ROOT_NAME = "numatune" + _XML_PROP_ORDER = ["memory_mode", "memory_nodeset"] + +diff --git a/virtinst/guest.py b/virtinst/guest.py +index a19b8999..04a64aa2 100644 +--- a/virtinst/guest.py ++++ b/virtinst/guest.py +@@ -182,11 +182,7 @@ class Guest(XMLBuilder): + default_cb=lambda s: 1) + curvcpus = XMLProperty("./vcpu/@current", is_int=True) + vcpu_placement = XMLProperty("./vcpu/@placement") +- +- def _validate_cpuset(self, val): +- DomainNumatune.validate_cpuset(self.conn, val) +- cpuset = XMLProperty("./vcpu/@cpuset", +- validate_cb=_validate_cpuset) ++ cpuset = XMLProperty("./vcpu/@cpuset") + + def _get_default_uuid(self): + if self._random_uuid is None: +-- +2.20.1 + diff --git a/SOURCES/virt-manager-domain.numatune-Remove-MEMORY_MODES.patch b/SOURCES/virt-manager-domain.numatune-Remove-MEMORY_MODES.patch new file mode 100644 index 0000000..4457dfd --- /dev/null +++ b/SOURCES/virt-manager-domain.numatune-Remove-MEMORY_MODES.patch @@ -0,0 +1,36 @@ +From a3153decec10b58433cb0679bdf977b57d3dfa92 Mon Sep 17 00:00:00 2001 +Message-Id: +From: Pavel Hrdina +Date: Mon, 4 Jun 2018 14:21:49 -0400 +Subject: [PATCH] domain.numatune: Remove MEMORY_MODES + +From: Cole Robinson + +It doesn't have any user + +(cherry picked from commit 4370fd7c6c70b7a6db486a2976ff830175c8a5df) + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1566818 + +Reviewed-by: Cole Robinson +Signed-off-by: Pavel Hrdina +--- + virtinst/domainnumatune.py | 2 -- + 1 file changed, 2 deletions(-) + +diff --git a/virtinst/domainnumatune.py b/virtinst/domainnumatune.py +index 9788c9d4..9795011b 100644 +--- a/virtinst/domainnumatune.py ++++ b/virtinst/domainnumatune.py +@@ -72,8 +72,6 @@ class DomainNumatune(XMLBuilder): + "than pCPUs.")) + + +- MEMORY_MODES = ["interleave", "strict", "preferred"] +- + _XML_ROOT_NAME = "numatune" + _XML_PROP_ORDER = ["memory_mode", "memory_nodeset"] + +-- +2.20.1 + diff --git a/SOURCES/virt-manager-domain.numatune-Remove-cpuset_str_to_tuple.patch b/SOURCES/virt-manager-domain.numatune-Remove-cpuset_str_to_tuple.patch new file mode 100644 index 0000000..6f23d87 --- /dev/null +++ b/SOURCES/virt-manager-domain.numatune-Remove-cpuset_str_to_tuple.patch @@ -0,0 +1,86 @@ +From 65fb5f48b9d52f3ea3d6789e524f50baf943c4d0 Mon Sep 17 00:00:00 2001 +Message-Id: <65fb5f48b9d52f3ea3d6789e524f50baf943c4d0@dist-git> +From: Pavel Hrdina +Date: Mon, 4 Jun 2018 14:20:58 -0400 +Subject: [PATCH] domain.numatune: Remove cpuset_str_to_tuple + +From: Cole Robinson + +Left over from when we had vcpu pinning in the UI, not used anymore + +(cherry picked from commit 192da16f6bceae6734969d37b21d8bfef6d413fd) + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1566818 + +Reviewed-by: Cole Robinson +Signed-off-by: Pavel Hrdina +--- + tests/xmlconfig.py | 19 ------------------- + virtinst/domainnumatune.py | 21 --------------------- + 2 files changed, 40 deletions(-) + +diff --git a/tests/xmlconfig.py b/tests/xmlconfig.py +index e55b1e51..ef835b87 100644 +--- a/tests/xmlconfig.py ++++ b/tests/xmlconfig.py +@@ -166,25 +166,6 @@ class TestXMLMisc(unittest.TestCase): + finally: + setattr(deviceinterface, "_default_bridge", origfunc) + +- def testCpustrToTuple(self): +- # Various testing our cpustr handling +- conn = _default_conn +- base = [False] * 16 +- +- expect = base[:] +- expect[1] = expect[2] = expect[3] = True +- self.assertEqual(tuple(expect), +- virtinst.DomainNumatune.cpuset_str_to_tuple(conn, "1-3")) +- +- expect = base[:] +- expect[1] = expect[3] = expect[5] = expect[10] = expect[11] = True +- self.assertEqual(tuple(expect), +- virtinst.DomainNumatune.cpuset_str_to_tuple(conn, "1,3,5,10-11")) +- +- self.assertRaises(ValueError, +- virtinst.DomainNumatune.cpuset_str_to_tuple, +- conn, "16") +- + def testDiskNumbers(self): + # Various testing our target generation + self.assertEqual("a", VirtualDisk.num_to_target(1)) +diff --git a/virtinst/domainnumatune.py b/virtinst/domainnumatune.py +index dbacc6cc..9788c9d4 100644 +--- a/virtinst/domainnumatune.py ++++ b/virtinst/domainnumatune.py +@@ -71,27 +71,6 @@ class DomainNumatune(XMLBuilder): + raise ValueError(_("cpuset's pCPU numbers must be less " + "than pCPUs.")) + +- @staticmethod +- def cpuset_str_to_tuple(conn, cpuset): +- DomainNumatune.validate_cpuset(conn, cpuset) +- pinlist = [False] * get_phy_cpus(conn) +- +- entries = cpuset.split(",") +- for e in entries: +- series = e.split("-", 1) +- +- if len(series) == 1: +- pinlist[int(series[0])] = True +- continue +- +- start = int(series[0]) +- end = int(series[1]) +- +- for i in range(start, end + 1): +- pinlist[i] = True +- +- return tuple(pinlist) +- + + MEMORY_MODES = ["interleave", "strict", "preferred"] + +-- +2.20.1 + diff --git a/SOURCES/virt-manager-domcapabilities-actually-fix-detection-if-host-model-is-safe-to-use.patch b/SOURCES/virt-manager-domcapabilities-actually-fix-detection-if-host-model-is-safe-to-use.patch new file mode 100644 index 0000000..26df5d3 --- /dev/null +++ b/SOURCES/virt-manager-domcapabilities-actually-fix-detection-if-host-model-is-safe-to-use.patch @@ -0,0 +1,44 @@ +From a1856561962e642553d5ccec89e7ca3f45d18797 Mon Sep 17 00:00:00 2001 +Message-Id: +From: Pavel Hrdina +Date: Thu, 11 Apr 2019 14:57:15 +0200 +Subject: [PATCH] domcapabilities: actually fix detection if host-model is safe + to use + +The original code created a new list which had True/False items. The +only case where the returned value would be False is for empty list +which never happens in real environment. + +Signed-off-by: Pavel Hrdina +(cherry picked from commit 413858f3dcc6d4c1240dce5593cc876e0c5e216d) + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1525337 + +Signed-off-by: Pavel Hrdina +Reviewed-by: Cole Robinson +--- + virtinst/domcapabilities.py | 8 +++++--- + 1 file changed, 5 insertions(+), 3 deletions(-) + +diff --git a/virtinst/domcapabilities.py b/virtinst/domcapabilities.py +index 822deda8..20b6b38d 100644 +--- a/virtinst/domcapabilities.py ++++ b/virtinst/domcapabilities.py +@@ -204,9 +204,11 @@ class DomainCapabilities(XMLBuilder): + host-model infact predates this support, however it wasn't + general purpose safe prior to domcaps advertisement. + """ +- return [(m.name == "host-model" and m.supported and +- m.models[0].fallback == "forbid") +- for m in self.cpu.modes] ++ for m in self.cpu.modes: ++ if (m.name == "host-model" and m.supported and ++ m.models[0].fallback == "forbid"): ++ return True ++ return False + + + _XML_ROOT_NAME = "domainCapabilities" +-- +2.20.1 + diff --git a/SOURCES/virt-manager-domcapabilities-add-caching-of-CPU-security-features.patch b/SOURCES/virt-manager-domcapabilities-add-caching-of-CPU-security-features.patch new file mode 100644 index 0000000..86b9564 --- /dev/null +++ b/SOURCES/virt-manager-domcapabilities-add-caching-of-CPU-security-features.patch @@ -0,0 +1,65 @@ +From 260fe211977de7bcd6c5b9163b9562eb2f39f266 Mon Sep 17 00:00:00 2001 +Message-Id: <260fe211977de7bcd6c5b9163b9562eb2f39f266@dist-git> +From: Pavel Hrdina +Date: Wed, 3 Apr 2019 15:17:08 +0200 +Subject: [PATCH] domcapabilities: add caching of CPU security features +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +We will call this function multiple times so it makes sense to cache the +result so we don't have to call libvirt APIs every time we will check +what security features are available on the host. + +Signed-off-by: Pavel Hrdina +Reviewed-by: Daniel P. Berrangé +(cherry picked from commit 00f8dea370ae0874dc655d3718978a6a8e397a34) + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1582667 + +Signed-off-by: Pavel Hrdina +Reviewed-by: Cole Robinson +--- + virtinst/domcapabilities.py | 11 ++++++++--- + 1 file changed, 8 insertions(+), 3 deletions(-) + +diff --git a/virtinst/domcapabilities.py b/virtinst/domcapabilities.py +index beab7374..ba774532 100644 +--- a/virtinst/domcapabilities.py ++++ b/virtinst/domcapabilities.py +@@ -238,6 +238,8 @@ class DomainCapabilities(XMLBuilder): + + return CPU(self.conn, expandedXML) + ++ _features = None ++ + def get_cpu_security_features(self): + sec_features = [ + 'spec-ctrl', +@@ -245,7 +247,10 @@ class DomainCapabilities(XMLBuilder): + 'ibpb', + 'virt-ssbd'] + +- features = [] ++ if self._features: ++ return self._features ++ ++ self._features = [] + + for m in self.cpu.modes: + if m.name != "host-model" or not m.supported: +@@ -259,9 +264,9 @@ class DomainCapabilities(XMLBuilder): + + for feature in cpu.features: + if feature.name in sec_features: +- features.append(feature.name) ++ self._features.append(feature.name) + +- return features ++ return self._features + + + _XML_ROOT_NAME = "domainCapabilities" +-- +2.20.1 + diff --git a/SOURCES/virt-manager-domcapabilities-detect-MDS-new-vulnerability.patch b/SOURCES/virt-manager-domcapabilities-detect-MDS-new-vulnerability.patch new file mode 100644 index 0000000..948fc42 --- /dev/null +++ b/SOURCES/virt-manager-domcapabilities-detect-MDS-new-vulnerability.patch @@ -0,0 +1,65 @@ +From d8ce37f73ec77e5365cfa132ac78b470c1410222 Mon Sep 17 00:00:00 2001 +Message-Id: +From: Pavel Hrdina +Date: Tue, 14 May 2019 19:59:49 +0200 +Subject: [PATCH] domcapabilities: detect MDS new vulnerability +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +There is a new security feature 'md-clear' that mitigates recent CPU +Microarchitectural Store Buffer Data vulnerability. + +Signed-off-by: Pavel Hrdina +(cherry picked from commit c11d6ba4d7024eaac83b6e2d6ae88172f4c01e98) + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1582667 + +Signed-off-by: Pavel Hrdina +Acked-by: Daniel P. Berrangé +--- + man/virt-install.pod | 13 +++++++------ + virtinst/domcapabilities.py | 3 ++- + 2 files changed, 9 insertions(+), 7 deletions(-) + +diff --git a/man/virt-install.pod b/man/virt-install.pod +index d90c2b8e..3bcb32f2 100644 +--- a/man/virt-install.pod ++++ b/man/virt-install.pod +@@ -219,12 +219,13 @@ and 'disable=feature' respectively. + + If exact CPU model is specified virt-install will automatically copy CPU + features available on the host to mitigate recent CPU speculative execution +-side channel security vulnerabilities. This however will have some impact +-on performance and will break migration to hosts without security patches. +-In order to control this behavior there is a B parameter. Possible +-values are I and I, with I as the default. It is highly +-recommended to leave this enabled and ensure all virtualization hosts have +-fully up to date microcode, kernel & virtualization software installed. ++side channel and Microarchitectural Store Buffer Data security vulnerabilities. ++This however will have some impact on performance and will break migration ++to hosts without security patches. In order to control this behavior there ++is a B parameter. Possible values are I and I, with I ++as the default. It is highly recommended to leave this enabled and ensure all ++virtualization hosts have fully up to date microcode, kernel & virtualization ++software installed. + + Some examples: + +diff --git a/virtinst/domcapabilities.py b/virtinst/domcapabilities.py +index ba774532..5695453f 100644 +--- a/virtinst/domcapabilities.py ++++ b/virtinst/domcapabilities.py +@@ -245,7 +245,8 @@ class DomainCapabilities(XMLBuilder): + 'spec-ctrl', + 'ssbd', + 'ibpb', +- 'virt-ssbd'] ++ 'virt-ssbd', ++ 'md-clear'] + + if self._features: + return self._features +-- +2.21.0 + diff --git a/SOURCES/virt-manager-domcapabilities-fix-detection-if-host-model-is-safe-to-use.patch b/SOURCES/virt-manager-domcapabilities-fix-detection-if-host-model-is-safe-to-use.patch new file mode 100644 index 0000000..02af7f5 --- /dev/null +++ b/SOURCES/virt-manager-domcapabilities-fix-detection-if-host-model-is-safe-to-use.patch @@ -0,0 +1,45 @@ +From a08b594291c9c62a84ad5b820b77b7aff9079cb1 Mon Sep 17 00:00:00 2001 +Message-Id: +From: Pavel Hrdina +Date: Wed, 13 Mar 2019 14:18:14 +0100 +Subject: [PATCH] domcapabilities: fix detection if host-model is safe to use + +According to libvirt documentation for host-model [1] it is safe to use +it only if 'fallback' attribute is set to 'forbid', this indicates that +the libvirt and QEMU are new enough and can safely filter list of cpu +features that will be guaranteed to be visible inside of the guest. + +[1] + +Signed-off-by: Pavel Hrdina +Reviewed-by: Cole Robinson +(cherry picked from commit 9fdbbca27fa820d58b1bff58d215e6847b848f0a) + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1525337 + +Signed-off-by: Pavel Hrdina +Reviewed-by: Andrea Bolognani +--- + virtinst/domcapabilities.py | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/virtinst/domcapabilities.py b/virtinst/domcapabilities.py +index ddc8b17c..822deda8 100644 +--- a/virtinst/domcapabilities.py ++++ b/virtinst/domcapabilities.py +@@ -202,9 +202,10 @@ class DomainCapabilities(XMLBuilder): + """ + Return True if domcaps reports support for cpu mode=host-model. + host-model infact predates this support, however it wasn't +- general purpose safe prior to domcaps advertisement ++ general purpose safe prior to domcaps advertisement. + """ +- return [(m.name == "host-model" and m.supported) ++ return [(m.name == "host-model" and m.supported and ++ m.models[0].fallback == "forbid") + for m in self.cpu.modes] + + +-- +2.20.1 + diff --git a/SOURCES/virt-manager-domcapabilities-fix-typo-in-function-name.patch b/SOURCES/virt-manager-domcapabilities-fix-typo-in-function-name.patch new file mode 100644 index 0000000..9f0b290 --- /dev/null +++ b/SOURCES/virt-manager-domcapabilities-fix-typo-in-function-name.patch @@ -0,0 +1,46 @@ +From 9b0462ca1b4e215e168b834b159d2f32a52a8114 Mon Sep 17 00:00:00 2001 +Message-Id: <9b0462ca1b4e215e168b834b159d2f32a52a8114@dist-git> +From: Pavel Hrdina +Date: Fri, 29 Mar 2019 10:25:23 +0100 +Subject: [PATCH] domcapabilities: fix typo in function name +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Signed-off-by: Pavel Hrdina +Reviewed-by: Daniel P. Berrangé +(cherry picked from commit b711b28b1af6998f57d5610139439518545663f0) + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1582667 + +Signed-off-by: Pavel Hrdina +Reviewed-by: Cole Robinson +--- + virtinst/domcapabilities.py | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/virtinst/domcapabilities.py b/virtinst/domcapabilities.py +index da12bd58..beab7374 100644 +--- a/virtinst/domcapabilities.py ++++ b/virtinst/domcapabilities.py +@@ -222,7 +222,7 @@ class DomainCapabilities(XMLBuilder): + arch.text = self.arch + return ET.tostring(root, encoding="UTF-8") + +- def _get_expandned_cpu(self, mode): ++ def _get_expanded_cpu(self, mode): + cpuXML = self._convert_mode_to_cpu(mode.get_xml_config()) + logging.debug("CPU XML for security flag baseline: %s", cpuXML) + +@@ -252,7 +252,7 @@ class DomainCapabilities(XMLBuilder): + continue + + try: +- cpu = self._get_expandned_cpu(m) ++ cpu = self._get_expanded_cpu(m) + except libvirt.libvirtError as e: + logging.warning(_("Failed to get expanded CPU XML: %s"), e) + break +-- +2.20.1 + diff --git a/SOURCES/virt-manager-domcapabilities-introduce-get_cpu_security_features.patch b/SOURCES/virt-manager-domcapabilities-introduce-get_cpu_security_features.patch new file mode 100644 index 0000000..31a2bd0 --- /dev/null +++ b/SOURCES/virt-manager-domcapabilities-introduce-get_cpu_security_features.patch @@ -0,0 +1,114 @@ +From ac9aae920fd7705a65f6bf0b236c4baa05e9bf30 Mon Sep 17 00:00:00 2001 +Message-Id: +From: Pavel Hrdina +Date: Fri, 15 Mar 2019 09:49:56 +0100 +Subject: [PATCH] domcapabilities: introduce get_cpu_security_features + +Get all CPU security features that we should enable for guests. + +In order to do that we need to get CPU definition from domain +capabilities and modify the XML so it is in required format for +libvirt CPU baseline APIs. We will prefer the baselineHypervisorCPU +API because that considers what QEMU actually supports and we will +fallback to baselineCPU API if the better one is not supported by +libvirt. + +This way we can figure out which of the security features are actually +available on that specific host for that specific QEMU binary. + +Signed-off-by: Pavel Hrdina +Reviewed-by: Cole Robinson +(cherry picked from commit 4a8b6363c0891e37d9532213a046c5c57aedfd8b) + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1582667 + +Conflicts: + - upstream renamed CPU class to DomainCpu + - upstream renamed get_xml_config() to get_xml() + - python 2.7 cannot handle Element.attrib set to None + +Signed-off-by: Pavel Hrdina +Reviewed-by: Cole Robinson +--- + virtinst/domcapabilities.py | 57 +++++++++++++++++++++++++++++++++++++ + 1 file changed, 57 insertions(+) + +diff --git a/virtinst/domcapabilities.py b/virtinst/domcapabilities.py +index 20b6b38d..12755940 100644 +--- a/virtinst/domcapabilities.py ++++ b/virtinst/domcapabilities.py +@@ -20,7 +20,11 @@ + + import logging + import re ++import xml.etree.ElementTree as ET + ++import libvirt ++ ++from . import CPU + from .xmlbuilder import XMLBuilder, XMLChildProperty, XMLProperty + + +@@ -210,6 +214,59 @@ class DomainCapabilities(XMLBuilder): + return True + return False + ++ def _convert_mode_to_cpu(self, xml): ++ root = ET.fromstring(xml) ++ root.tag = "cpu" ++ root.attrib = {} ++ arch = ET.SubElement(root, "arch") ++ arch.text = self.arch ++ return ET.tostring(root, encoding="UTF-8") ++ ++ def _get_expandned_cpu(self, mode): ++ cpuXML = self._convert_mode_to_cpu(mode.get_xml_config()) ++ logging.debug("CPU XML for security flag baseline: %s", cpuXML) ++ ++ try: ++ expandedXML = self.conn.baselineHypervisorCPU( ++ self.path, self.arch, self.machine, self.domain, [cpuXML], ++ libvirt.VIR_CONNECT_BASELINE_CPU_EXPAND_FEATURES) ++ except libvirt.libvirtError: ++ expandedXML = self.conn.baselineCPU([cpuXML], ++ libvirt.VIR_CONNECT_BASELINE_CPU_EXPAND_FEATURES) ++ ++ logging.debug("Expanded CPU XML: %s", expandedXML) ++ ++ return CPU(self.conn, expandedXML) ++ ++ def get_cpu_security_features(self): ++ sec_features = [ ++ 'pcid', ++ 'spec-ctrl', ++ 'ssbd', ++ 'pdpe1gb', ++ 'ibpb', ++ 'virt-ssbd', ++ 'amd-ssbd', ++ 'amd-no-ssb'] ++ ++ features = [] ++ ++ for m in self.cpu.modes: ++ if m.name != "host-model" or not m.supported: ++ continue ++ ++ try: ++ cpu = self._get_expandned_cpu(m) ++ except libvirt.libvirtError as e: ++ logging.warning(_("Failed to get expanded CPU XML: %s"), e) ++ break ++ ++ for feature in cpu.features: ++ if feature.name in sec_features: ++ features.append(feature.name) ++ ++ return features ++ + + _XML_ROOT_NAME = "domainCapabilities" + os = XMLChildProperty(_OS, is_single=True) +-- +2.20.1 + diff --git a/SOURCES/virt-manager-domcapabilities-remove-recommended-CPU-features-from-security-features.patch b/SOURCES/virt-manager-domcapabilities-remove-recommended-CPU-features-from-security-features.patch new file mode 100644 index 0000000..b2ceb59 --- /dev/null +++ b/SOURCES/virt-manager-domcapabilities-remove-recommended-CPU-features-from-security-features.patch @@ -0,0 +1,100 @@ +From a750b3d4e930a6c02f7fa8433b8fb730c5e075ef Mon Sep 17 00:00:00 2001 +Message-Id: +From: Pavel Hrdina +Date: Fri, 29 Mar 2019 10:22:08 +0100 +Subject: [PATCH] domcapabilities: remove recommended CPU features from + security features +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +These features are only recommended to be enabled since they improve +performance of the VMs if security features are enabled. + +pcid is a very useful perf feature, but missing in some silicon +so not portable. + +pdpe1gb lets the guest use 1 GB pages which is good for perf +but again not all silicon can do it. + +amd-ssbd is a security feature which fixes the same SSBD flaws as the +virt-ssbd feature does. virt-ssbd is usable across all CPU models +affected by SSBD, while amd-ssbd is only available in very new silicon. +So virt-ssbd is the bette rchoice. + +amd-no-ssb just indicates that the CPU is not affected by SSBD, so not +critical to expose. I expect a future named CPU model will include that +where appropriate. + +Signed-off-by: Pavel Hrdina +Reviewed-by: Daniel P. Berrangé +(cherry picked from commit 29f815fbd23082dff79d2d716e32a644b5a15d4a) + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1582667 + +Signed-off-by: Pavel Hrdina +Reviewed-by: Cole Robinson +--- + tests/cli-test-xml/compare/virt-install-qemu-plain.xml | 2 -- + .../compare/virt-install-singleton-config-2.xml | 4 ---- + virtinst/domcapabilities.py | 6 +----- + 3 files changed, 1 insertion(+), 11 deletions(-) + +diff --git a/tests/cli-test-xml/compare/virt-install-qemu-plain.xml b/tests/cli-test-xml/compare/virt-install-qemu-plain.xml +index 80674eb4..3273e0e4 100644 +--- a/tests/cli-test-xml/compare/virt-install-qemu-plain.xml ++++ b/tests/cli-test-xml/compare/virt-install-qemu-plain.xml +@@ -15,8 +15,6 @@ + + + Penryn +- +- + + + +diff --git a/tests/cli-test-xml/compare/virt-install-singleton-config-2.xml b/tests/cli-test-xml/compare/virt-install-singleton-config-2.xml +index d03ba5c8..16f15894 100644 +--- a/tests/cli-test-xml/compare/virt-install-singleton-config-2.xml ++++ b/tests/cli-test-xml/compare/virt-install-singleton-config-2.xml +@@ -83,8 +83,6 @@ + foobar + meee + +- +- + + + +@@ -253,8 +251,6 @@ + foobar + meee + +- +- + + + +diff --git a/virtinst/domcapabilities.py b/virtinst/domcapabilities.py +index 12755940..da12bd58 100644 +--- a/virtinst/domcapabilities.py ++++ b/virtinst/domcapabilities.py +@@ -240,14 +240,10 @@ class DomainCapabilities(XMLBuilder): + + def get_cpu_security_features(self): + sec_features = [ +- 'pcid', + 'spec-ctrl', + 'ssbd', +- 'pdpe1gb', + 'ibpb', +- 'virt-ssbd', +- 'amd-ssbd', +- 'amd-no-ssb'] ++ 'virt-ssbd'] + + features = [] + +-- +2.20.1 + diff --git a/SOURCES/virt-manager-graphics-move-all-listen-code-into-one-place.patch b/SOURCES/virt-manager-graphics-move-all-listen-code-into-one-place.patch new file mode 100644 index 0000000..8724bd6 --- /dev/null +++ b/SOURCES/virt-manager-graphics-move-all-listen-code-into-one-place.patch @@ -0,0 +1,168 @@ +From a9b4c4ca3c11da0ee5a8f5da70ec59f375b7bec6 Mon Sep 17 00:00:00 2001 +Message-Id: +From: Pavel Hrdina +Date: Fri, 22 Feb 2019 16:32:39 +0100 +Subject: [PATCH] graphics: move all listen code into one place + +Instead of duplicating the code into CLI and GUI move it into graphics +device file which is used from both places. This also fixes a bug in +virt-xml where changing listen to address was not working. + +This also changes behavior to always configure one listen type when +using CLI listen option or GUI. If user wants to modify only specific +listen type they can use listens[] options from CLI. + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1565968 + +Reviewed-by: Cole Robinson +Signed-off-by: Pavel Hrdina +(cherry picked from commit a0b42327c6bb587c20628f8bc946c6041f61818a) +Reviewed-by: Cole Robinson +Signed-off-by: Pavel Hrdina +--- + tests/xmlparse-xml/change-graphics-out.xml | 1 - + virtManager/addhardware.py | 2 +- + virtManager/domain.py | 13 +++++------ + virtinst/cli.py | 12 +---------- + virtinst/devicegraphics.py | 25 +++++++++++----------- + 5 files changed, 20 insertions(+), 33 deletions(-) + +diff --git a/tests/xmlparse-xml/change-graphics-out.xml b/tests/xmlparse-xml/change-graphics-out.xml +index e56cd98c..6cdeb698 100644 +--- a/tests/xmlparse-xml/change-graphics-out.xml ++++ b/tests/xmlparse-xml/change-graphics-out.xml +@@ -32,7 +32,6 @@ + + + +- + + + +diff --git a/virtManager/addhardware.py b/virtManager/addhardware.py +index 863cb3cd..b8543b75 100644 +--- a/virtManager/addhardware.py ++++ b/virtManager/addhardware.py +@@ -1568,7 +1568,7 @@ class vmmAddHardware(vmmGObjectUI): + self._dev.rendernode = rendernode + + if not listen or listen == "none": +- self._dev.set_listen_none() ++ self._dev.listen = "none" + elif listen == "address": + self._dev.listen = addr + self._dev.port = port +diff --git a/virtManager/domain.py b/virtManager/domain.py +index 50ccbdb1..3ec99a49 100644 +--- a/virtManager/domain.py ++++ b/virtManager/domain.py +@@ -895,8 +895,11 @@ class vmmDomain(vmmLibvirtObject): + if not editdev: + return + +- if addr != _SENTINEL: +- editdev.listen = addr ++ if addr != _SENTINEL or listen != _SENTINEL: ++ if listen == "none": ++ editdev.listen = listen ++ else: ++ editdev.listen = addr + if port != _SENTINEL: + editdev.port = port + if tlsport != _SENTINEL: +@@ -911,12 +914,6 @@ class vmmDomain(vmmLibvirtObject): + editdev.gl = gl + if rendernode != _SENTINEL: + editdev.rendernode = rendernode +- if listen != _SENTINEL: +- listentype = editdev.get_first_listen_type() +- if listen == 'none': +- editdev.set_listen_none() +- elif listentype and listentype == 'none': +- editdev.remove_all_listens() + + if do_hotplug: + self.hotplug(device=editdev) +diff --git a/virtinst/cli.py b/virtinst/cli.py +index 7e8ab536..2a736aa9 100644 +--- a/virtinst/cli.py ++++ b/virtinst/cli.py +@@ -2296,16 +2296,6 @@ class ParserGraphics(VirtCLIParser): + return + inst.type = val + +- def set_listen_cb(self, inst, val, virtarg): +- if val == "none": +- inst.set_listen_none() +- elif val == "socket": +- inst.remove_all_listens() +- obj = inst.add_listen() +- obj.type = "socket" +- else: +- inst.listen = val +- + def listens_find_inst_cb(self, *args, **kwargs): + cliarg = "listens" # listens[0-9]* + objpropname = "listens" # graphics.listens +@@ -2340,7 +2330,7 @@ _add_device_address_args(ParserGraphics) + ParserGraphics.add_arg(None, "type", cb=ParserGraphics.set_type_cb) + ParserGraphics.add_arg("port", "port") + ParserGraphics.add_arg("tlsPort", "tlsport") +-ParserGraphics.add_arg("listen", "listen", cb=ParserGraphics.set_listen_cb) ++ParserGraphics.add_arg("listen", "listen") + ParserGraphics.add_arg("type", "listens[0-9]*.type", + find_inst_cb=ParserGraphics.listens_find_inst_cb) + ParserGraphics.add_arg("address", "listens[0-9]*.address", +diff --git a/virtinst/devicegraphics.py b/virtinst/devicegraphics.py +index ffba36d9..d0ef6826 100644 +--- a/virtinst/devicegraphics.py ++++ b/virtinst/devicegraphics.py +@@ -198,15 +198,16 @@ class VirtualGraphics(VirtualDevice): + + + def _set_listen(self, val): +- # Update the corresponding block +- find_listen = [l for l in self.listens if +- (l.type == "address" and l.address == self.listen)] +- if find_listen: +- if val is None: +- self.remove_child(find_listen[0]) +- else: +- find_listen[0].address = val +- return val ++ if val == "none": ++ self._set_listen_none() ++ elif val == "socket": ++ self._remove_all_listens() ++ obj = self.add_listen() ++ obj.type = "socket" ++ else: ++ self._remove_all_listens() ++ return val ++ return None + listen = XMLProperty("./@listen", set_converter=_set_listen) + + type = XMLProperty("./@type", +@@ -219,7 +220,7 @@ class VirtualGraphics(VirtualDevice): + defaultMode = XMLProperty("./@defaultMode") + + listens = XMLChildProperty(_GraphicsListen) +- def remove_all_listens(self): ++ def _remove_all_listens(self): + for listen in self.listens: + self.remove_child(listen) + +@@ -233,8 +234,8 @@ class VirtualGraphics(VirtualDevice): + return self.listens[0].type + return None + +- def set_listen_none(self): +- self.remove_all_listens() ++ def _set_listen_none(self): ++ self._remove_all_listens() + self.listen = None + self.port = None + self.tlsPort = None +-- +2.20.1 + diff --git a/SOURCES/virt-manager-guest-Add-DomainCapabilities-caching.patch b/SOURCES/virt-manager-guest-Add-DomainCapabilities-caching.patch new file mode 100644 index 0000000..57482d1 --- /dev/null +++ b/SOURCES/virt-manager-guest-Add-DomainCapabilities-caching.patch @@ -0,0 +1,160 @@ +From 8bf52a94315a3fa219875a009a5d9661c46c47fe Mon Sep 17 00:00:00 2001 +Message-Id: <8bf52a94315a3fa219875a009a5d9661c46c47fe@dist-git> +From: Pavel Hrdina +Date: Thu, 4 Oct 2018 12:22:22 -0400 +Subject: [PATCH] guest: Add DomainCapabilities caching + +From: Cole Robinson + +(cherry picked from commit 76334bfabdfd32498d78f390182d9621036e02d3) + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1525337 + +Conflicts: + - virtinst/guest.py: different code-base as upstream have a lot of + cleanup patches that moved a lot of code around + +Reviewed-by: Cole Robinson +Signed-off-by: Pavel Hrdina +--- + tests/capabilities.py | 5 +++++ + virtinst/cpu.py | 26 ++++++++++++++------------ + virtinst/domcapabilities.py | 7 +++++-- + virtinst/guest.py | 21 ++++++++++++++++++++- + 4 files changed, 44 insertions(+), 15 deletions(-) + +diff --git a/tests/capabilities.py b/tests/capabilities.py +index ef1d961b..f1416925 100644 +--- a/tests/capabilities.py ++++ b/tests/capabilities.py +@@ -135,6 +135,11 @@ class TestCapabilities(unittest.TestCase): + xml = open("tests/capabilities-xml/kvm-x86_64-domcaps.xml").read() + caps = DomainCapabilities(utils.open_testdriver(), xml) + ++ self.assertEqual(caps.machine, "pc-i440fx-2.1") ++ self.assertEqual(caps.arch, "x86_64") ++ self.assertEqual(caps.domain, "kvm") ++ self.assertEqual(caps.path, "/bin/qemu-system-x86_64") ++ + custom_mode = caps.cpu.get_mode("custom") + self.assertTrue(bool(custom_mode)) + cpu_model = custom_mode.get_model("Opteron_G4") +diff --git a/virtinst/cpu.py b/virtinst/cpu.py +index 1b8f4a96..1f1ad7ec 100644 +--- a/virtinst/cpu.py ++++ b/virtinst/cpu.py +@@ -19,7 +19,6 @@ + + import logging + +-from .domcapabilities import DomainCapabilities + from .xmlbuilder import XMLBuilder, XMLProperty, XMLChildProperty + + +@@ -237,20 +236,14 @@ class CPU(XMLBuilder): + # Default config # + ################## + +- def _set_cpu_x86_kvm_default(self, guest): +- if guest.os.arch != self.conn.caps.host.cpu.arch: +- return +- +- self.set_special_mode(guest.x86_cpu_default) +- if guest.x86_cpu_default != self.SPECIAL_MODE_HOST_MODEL_ONLY: +- return +- if not self.model: +- return +- ++ def _validate_default_host_model_only(self, guest): + # It's possible that the value HOST_MODEL_ONLY gets from + # is not actually supported by qemu/kvm + # combo which will be reported in +- domcaps = DomainCapabilities.build_from_guest(guest) ++ if not self.model: ++ return ++ ++ domcaps = guest.lookup_domcaps() + domcaps_mode = domcaps.cpu.get_mode("custom") + if not domcaps_mode: + return +@@ -264,6 +257,15 @@ class CPU(XMLBuilder): + self.model) + self.model = None + ++ def _set_cpu_x86_kvm_default(self, guest): ++ if guest.os.arch != self.conn.caps.host.cpu.arch: ++ return ++ ++ mode = guest.x86_cpu_default ++ self.set_special_mode(mode) ++ if mode == self.SPECIAL_MODE_HOST_MODEL_ONLY: ++ self._validate_default_host_model_only(guest) ++ + def set_defaults(self, guest): + self.set_topology_defaults(guest.vcpus) + +diff --git a/virtinst/domcapabilities.py b/virtinst/domcapabilities.py +index 78ac7a3e..1a84ab95 100644 +--- a/virtinst/domcapabilities.py ++++ b/virtinst/domcapabilities.py +@@ -192,6 +192,9 @@ class DomainCapabilities(XMLBuilder): + os = XMLChildProperty(_OS, is_single=True) + cpu = XMLChildProperty(_CPU, is_single=True) + devices = XMLChildProperty(_Devices, is_single=True) +- +- arch = XMLProperty("./arch") + features = XMLChildProperty(_Features, is_single=True) ++ ++ arch = XMLProperty("./arch") ++ domain = XMLProperty("./domain") ++ machine = XMLProperty("./machine") ++ path = XMLProperty("./path") +diff --git a/virtinst/guest.py b/virtinst/guest.py +index 6bf1b59a..9c45b1b8 100644 +--- a/virtinst/guest.py ++++ b/virtinst/guest.py +@@ -140,6 +140,7 @@ class Guest(XMLBuilder): + + # This is set via Capabilities.build_virtinst_guest + self.capsinfo = None ++ self._domcaps = None + + self.installer = DistroInstaller(self.conn) + +@@ -534,6 +535,24 @@ class Guest(XMLBuilder): + logging.error("Failed to remove disk '%s': %s", name, e) + + ++ def lookup_domcaps(self): ++ # We need to regenerate domcaps cache if any of these values change ++ def _compare(domcaps): ++ if self.os.machine and self.os.machine != domcaps.machine: ++ return False ++ if self.type and self.type != domcaps.domain: ++ return False ++ if self.os.arch and self.os.arch != domcaps.arch: ++ return False ++ if self.emulator and self.emulator != domcaps.path: ++ return False ++ return True ++ ++ if not self._domcaps or not _compare(self._domcaps): ++ self._domcaps = DomainCapabilities.build_from_guest(self) ++ return self._domcaps ++ ++ + ########################### + # XML convenience helpers # + ########################### +@@ -543,7 +562,7 @@ class Guest(XMLBuilder): + Configure UEFI for the VM, but only if libvirt is advertising + a known UEFI binary path. + """ +- domcaps = DomainCapabilities.build_from_guest(self) ++ domcaps = self.lookup_domcaps() + + if not domcaps.supports_uefi_xml(): + raise RuntimeError(_("Libvirt version does not support UEFI.")) +-- +2.20.1 + diff --git a/SOURCES/virt-manager-guest-Default-to-cpu-mode-host-model-if-libvirt-is-new-enough.patch b/SOURCES/virt-manager-guest-Default-to-cpu-mode-host-model-if-libvirt-is-new-enough.patch new file mode 100644 index 0000000..93361c7 --- /dev/null +++ b/SOURCES/virt-manager-guest-Default-to-cpu-mode-host-model-if-libvirt-is-new-enough.patch @@ -0,0 +1,828 @@ +From faccada3d3891e8b38e5e884ddc058a5c461bd39 Mon Sep 17 00:00:00 2001 +Message-Id: +From: Pavel Hrdina +Date: Thu, 4 Oct 2018 12:23:32 -0400 +Subject: [PATCH] guest: Default to cpu mode=host-model if libvirt is new + enough + +From: Cole Robinson + +We check whether host-model is exposed in domcapabilities, which +indicates host-model is using the smarter new safer method in +cooperation with qemu + +(cherry picked from commit 469fed08a04777d72cbb73e1dc948cffe31f7858) + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1525337 + +Reviewed-by: Cole Robinson +Signed-off-by: Pavel Hrdina +--- + .../compare/virt-convert-ovf-compare.xml | 4 +- + .../compare/virt-convert-vmx-compare.xml | 4 +- + .../compare/virt-install-boot-uefi.xml | 2 +- + .../compare/virt-install-f21-kvm-remote.xml | 4 +- + .../compare/virt-install-kvm-centos7.xml | 8 +- + .../virt-install-kvm-cpu-default-fallback.xml | 146 ++++++++++++++++++ + .../compare/virt-install-kvm-rhel6.xml | 8 +- + .../compare/virt-install-kvm-rhel7.xml | 8 +- + .../virt-install-kvm-session-defaults.xml | 8 +- + .../compare/virt-install-kvm-win2k3-cdrom.xml | 8 +- + .../compare/virt-install-location-iso.xml | 8 +- + .../compare/virt-install-location-nfs.xml | 8 +- + .../compare/virt-install-panic-default.xml | 4 +- + .../compare/virt-install-panic-isa-iobase.xml | 4 +- + .../compare/virt-install-panic-isa.xml | 4 +- + .../compare/virt-install-q35-defaults.xml | 8 +- + .../virt-install-solaris10-defaults.xml | 3 +- + .../compare/virt-install-spice-gl.xml | 4 +- + .../compare/virt-install-win7-uefi.xml | 8 +- + tests/clitest.py | 1 + + .../ovf2libvirt_ovf_directory.libvirt | 4 +- + .../libvirt_output/ovf2libvirt_test1.libvirt | 4 +- + .../ovf2libvirt_test1.libvirt.disk_qcow2 | 4 +- + .../libvirt_output/ovf2libvirt_test2.libvirt | 4 +- + .../ovf2libvirt_test_gzip.libvirt | 4 +- + .../ovf2libvirt_test_gzip.libvirt.disk_raw | 4 +- + .../vmx2libvirt_test-nodisks.libvirt | 4 +- + .../vmx2libvirt_test-vmx-zip.libvirt | 4 +- + .../libvirt_output/vmx2libvirt_test1.libvirt | 4 +- + .../vmx2libvirt_test1.libvirt.disk_raw | 4 +- + .../vmx2libvirt_vmx-dir.libvirt | 4 +- + virtinst/cpu.py | 12 +- + virtinst/domcapabilities.py | 10 ++ + virtinst/guest.py | 2 +- + 34 files changed, 207 insertions(+), 113 deletions(-) + create mode 100644 tests/cli-test-xml/compare/virt-install-kvm-cpu-default-fallback.xml + +diff --git a/tests/cli-test-xml/compare/virt-convert-ovf-compare.xml b/tests/cli-test-xml/compare/virt-convert-ovf-compare.xml +index 2d90abfc..190af176 100644 +--- a/tests/cli-test-xml/compare/virt-convert-ovf-compare.xml ++++ b/tests/cli-test-xml/compare/virt-convert-ovf-compare.xml +@@ -14,9 +14,7 @@ + + + +- +- Opteron_G4 +- ++ + + + +diff --git a/tests/cli-test-xml/compare/virt-convert-vmx-compare.xml b/tests/cli-test-xml/compare/virt-convert-vmx-compare.xml +index 21dbcd65..92a4a3c1 100644 +--- a/tests/cli-test-xml/compare/virt-convert-vmx-compare.xml ++++ b/tests/cli-test-xml/compare/virt-convert-vmx-compare.xml +@@ -13,9 +13,7 @@ + + + +- +- Opteron_G4 +- ++ + + + +diff --git a/tests/cli-test-xml/compare/virt-install-boot-uefi.xml b/tests/cli-test-xml/compare/virt-install-boot-uefi.xml +index f46b8f07..18b02ce8 100644 +--- a/tests/cli-test-xml/compare/virt-install-boot-uefi.xml ++++ b/tests/cli-test-xml/compare/virt-install-boot-uefi.xml +@@ -15,7 +15,7 @@ + + + +- ++ + + + +diff --git a/tests/cli-test-xml/compare/virt-install-f21-kvm-remote.xml b/tests/cli-test-xml/compare/virt-install-f21-kvm-remote.xml +index 34f95aaf..36ea03f4 100644 +--- a/tests/cli-test-xml/compare/virt-install-f21-kvm-remote.xml ++++ b/tests/cli-test-xml/compare/virt-install-f21-kvm-remote.xml +@@ -13,9 +13,7 @@ + + + +- +- Opteron_G4 +- ++ + + + +diff --git a/tests/cli-test-xml/compare/virt-install-kvm-centos7.xml b/tests/cli-test-xml/compare/virt-install-kvm-centos7.xml +index 22c81fde..2c693ad4 100644 +--- a/tests/cli-test-xml/compare/virt-install-kvm-centos7.xml ++++ b/tests/cli-test-xml/compare/virt-install-kvm-centos7.xml +@@ -14,9 +14,7 @@ + + + +- +- Opteron_G4 +- ++ + + + +@@ -84,9 +82,7 @@ + + + +- +- Opteron_G4 +- ++ + + + +diff --git a/tests/cli-test-xml/compare/virt-install-kvm-cpu-default-fallback.xml b/tests/cli-test-xml/compare/virt-install-kvm-cpu-default-fallback.xml +new file mode 100644 +index 00000000..29e050aa +--- /dev/null ++++ b/tests/cli-test-xml/compare/virt-install-kvm-cpu-default-fallback.xml +@@ -0,0 +1,146 @@ ++ ++ foobar ++ 00000000-1111-2222-3333-444444444444 ++ 65536 ++ 65536 ++ 1 ++ ++ hvm ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ Opteron_G4 ++ ++ ++ ++ ++ ++ ++ destroy ++ ++ ++ ++ ++ ++ /usr/bin/qemu-kvm ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ /dev/urandom ++ ++ ++ ++ ++ foobar ++ 00000000-1111-2222-3333-444444444444 ++ 65536 ++ 65536 ++ 1 ++ ++ hvm ++ ++ ++ ++ ++ ++ ++ ++ ++ Opteron_G4 ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ /usr/bin/qemu-kvm ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ /dev/urandom ++ ++ ++ +diff --git a/tests/cli-test-xml/compare/virt-install-kvm-rhel6.xml b/tests/cli-test-xml/compare/virt-install-kvm-rhel6.xml +index 22c81fde..2c693ad4 100644 +--- a/tests/cli-test-xml/compare/virt-install-kvm-rhel6.xml ++++ b/tests/cli-test-xml/compare/virt-install-kvm-rhel6.xml +@@ -14,9 +14,7 @@ + + + +- +- Opteron_G4 +- ++ + + + +@@ -84,9 +82,7 @@ + + + +- +- Opteron_G4 +- ++ + + + +diff --git a/tests/cli-test-xml/compare/virt-install-kvm-rhel7.xml b/tests/cli-test-xml/compare/virt-install-kvm-rhel7.xml +index 22c81fde..2c693ad4 100644 +--- a/tests/cli-test-xml/compare/virt-install-kvm-rhel7.xml ++++ b/tests/cli-test-xml/compare/virt-install-kvm-rhel7.xml +@@ -14,9 +14,7 @@ + + + +- +- Opteron_G4 +- ++ + + + +@@ -84,9 +82,7 @@ + + + +- +- Opteron_G4 +- ++ + + + +diff --git a/tests/cli-test-xml/compare/virt-install-kvm-session-defaults.xml b/tests/cli-test-xml/compare/virt-install-kvm-session-defaults.xml +index 423c0680..cac6f727 100644 +--- a/tests/cli-test-xml/compare/virt-install-kvm-session-defaults.xml ++++ b/tests/cli-test-xml/compare/virt-install-kvm-session-defaults.xml +@@ -14,9 +14,7 @@ + + + +- +- Opteron_G4 +- ++ + + + +@@ -92,9 +90,7 @@ + + + +- +- Opteron_G4 +- ++ + + + +diff --git a/tests/cli-test-xml/compare/virt-install-kvm-win2k3-cdrom.xml b/tests/cli-test-xml/compare/virt-install-kvm-win2k3-cdrom.xml +index 357cbd23..588fc298 100644 +--- a/tests/cli-test-xml/compare/virt-install-kvm-win2k3-cdrom.xml ++++ b/tests/cli-test-xml/compare/virt-install-kvm-win2k3-cdrom.xml +@@ -19,9 +19,7 @@ + + + +- +- Opteron_G4 +- ++ + + + +@@ -87,9 +85,7 @@ + + + +- +- Opteron_G4 +- ++ + + + +diff --git a/tests/cli-test-xml/compare/virt-install-location-iso.xml b/tests/cli-test-xml/compare/virt-install-location-iso.xml +index 8a627629..2678831c 100644 +--- a/tests/cli-test-xml/compare/virt-install-location-iso.xml ++++ b/tests/cli-test-xml/compare/virt-install-location-iso.xml +@@ -14,9 +14,7 @@ + + + +- +- Opteron_G4 +- ++ + + + +@@ -75,9 +73,7 @@ + + + +- +- Opteron_G4 +- ++ + + + +diff --git a/tests/cli-test-xml/compare/virt-install-location-nfs.xml b/tests/cli-test-xml/compare/virt-install-location-nfs.xml +index 5496a1d3..8e40672a 100644 +--- a/tests/cli-test-xml/compare/virt-install-location-nfs.xml ++++ b/tests/cli-test-xml/compare/virt-install-location-nfs.xml +@@ -15,9 +15,7 @@ + + + +- +- Opteron_G4 +- ++ + + + +@@ -74,9 +72,7 @@ + + + +- +- Opteron_G4 +- ++ + + + +diff --git a/tests/cli-test-xml/compare/virt-install-panic-default.xml b/tests/cli-test-xml/compare/virt-install-panic-default.xml +index b391a290..d55cfafd 100644 +--- a/tests/cli-test-xml/compare/virt-install-panic-default.xml ++++ b/tests/cli-test-xml/compare/virt-install-panic-default.xml +@@ -12,9 +12,7 @@ + + + +- +- Opteron_G4 +- ++ + + + +diff --git a/tests/cli-test-xml/compare/virt-install-panic-isa-iobase.xml b/tests/cli-test-xml/compare/virt-install-panic-isa-iobase.xml +index 714cb56b..63e793e2 100644 +--- a/tests/cli-test-xml/compare/virt-install-panic-isa-iobase.xml ++++ b/tests/cli-test-xml/compare/virt-install-panic-isa-iobase.xml +@@ -12,9 +12,7 @@ + + + +- +- Opteron_G4 +- ++ + + + +diff --git a/tests/cli-test-xml/compare/virt-install-panic-isa.xml b/tests/cli-test-xml/compare/virt-install-panic-isa.xml +index b391a290..d55cfafd 100644 +--- a/tests/cli-test-xml/compare/virt-install-panic-isa.xml ++++ b/tests/cli-test-xml/compare/virt-install-panic-isa.xml +@@ -12,9 +12,7 @@ + + + +- +- Opteron_G4 +- ++ + + + +diff --git a/tests/cli-test-xml/compare/virt-install-q35-defaults.xml b/tests/cli-test-xml/compare/virt-install-q35-defaults.xml +index 657c5e07..2b4a0e6d 100644 +--- a/tests/cli-test-xml/compare/virt-install-q35-defaults.xml ++++ b/tests/cli-test-xml/compare/virt-install-q35-defaults.xml +@@ -14,9 +14,7 @@ + + + +- +- Opteron_G4 +- ++ + + + +@@ -84,9 +82,7 @@ + + + +- +- Opteron_G4 +- ++ + + + +diff --git a/tests/cli-test-xml/compare/virt-install-solaris10-defaults.xml b/tests/cli-test-xml/compare/virt-install-solaris10-defaults.xml +index 6d8b9fde..2fbb82d6 100644 +--- a/tests/cli-test-xml/compare/virt-install-solaris10-defaults.xml ++++ b/tests/cli-test-xml/compare/virt-install-solaris10-defaults.xml +@@ -13,8 +13,7 @@ + + + +- +- Opteron_G4 ++ + + + +diff --git a/tests/cli-test-xml/compare/virt-install-spice-gl.xml b/tests/cli-test-xml/compare/virt-install-spice-gl.xml +index 095c43e5..b801ccbb 100644 +--- a/tests/cli-test-xml/compare/virt-install-spice-gl.xml ++++ b/tests/cli-test-xml/compare/virt-install-spice-gl.xml +@@ -13,9 +13,7 @@ + + + +- +- Opteron_G4 +- ++ + + + +diff --git a/tests/cli-test-xml/compare/virt-install-win7-uefi.xml b/tests/cli-test-xml/compare/virt-install-win7-uefi.xml +index 796ff73f..15cf997f 100644 +--- a/tests/cli-test-xml/compare/virt-install-win7-uefi.xml ++++ b/tests/cli-test-xml/compare/virt-install-win7-uefi.xml +@@ -16,9 +16,7 @@ + + + +- +- Opteron_G4 +- ++ + + + +@@ -89,9 +87,7 @@ + + + +- +- Opteron_G4 +- ++ + + + +diff --git a/tests/clitest.py b/tests/clitest.py +index 18513597..23d4f109 100644 +--- a/tests/clitest.py ++++ b/tests/clitest.py +@@ -805,6 +805,7 @@ c.add_compare("--disk none --location %(EXISTIMG3)s --nonetworks", "location-iso + c.add_compare("--disk none --location nfs:example.com/fake --nonetworks", "location-nfs") # Using --location nfs + c.add_compare("--disk %(EXISTIMG1)s --pxe --os-variant rhel6.4", "kvm-rhel6") # RHEL6 defaults + c.add_compare("--disk %(EXISTIMG1)s --pxe --os-variant rhel7.0", "kvm-rhel7") # RHEL7 defaults ++c.add_compare("--connect " + utils.uri_kvm_nodomcaps + " --disk %(EXISTIMG1)s --pxe --os-variant rhel7.0", "kvm-cpu-default-fallback") # No domcaps, so mode=host-model isn't safe, so we fallback to host-model-only + c.add_compare("--disk %(EXISTIMG1)s --pxe --os-variant centos7.0", "kvm-centos7") # Centos 7 defaults + c.add_compare("--os-variant win7 --cdrom %(EXISTIMG2)s --boot loader_type=pflash,loader=CODE.fd,nvram_template=VARS.fd --disk %(EXISTIMG1)s", "win7-uefi") # no HYPER-V with UEFI + c.add_compare("--machine q35 --cdrom %(EXISTIMG2)s --disk %(EXISTIMG1)s", "q35-defaults") # proper q35 disk defaults +diff --git a/tests/virtconv-files/libvirt_output/ovf2libvirt_ovf_directory.libvirt b/tests/virtconv-files/libvirt_output/ovf2libvirt_ovf_directory.libvirt +index 92629480..b347515d 100644 +--- a/tests/virtconv-files/libvirt_output/ovf2libvirt_ovf_directory.libvirt ++++ b/tests/virtconv-files/libvirt_output/ovf2libvirt_ovf_directory.libvirt +@@ -13,9 +13,7 @@ + + + +- +- Opteron_G4 +- ++ + + + +diff --git a/tests/virtconv-files/libvirt_output/ovf2libvirt_test1.libvirt b/tests/virtconv-files/libvirt_output/ovf2libvirt_test1.libvirt +index a3d5b8d7..cb27a585 100644 +--- a/tests/virtconv-files/libvirt_output/ovf2libvirt_test1.libvirt ++++ b/tests/virtconv-files/libvirt_output/ovf2libvirt_test1.libvirt +@@ -14,9 +14,7 @@ + + + +- +- Opteron_G4 +- ++ + + + +diff --git a/tests/virtconv-files/libvirt_output/ovf2libvirt_test1.libvirt.disk_qcow2 b/tests/virtconv-files/libvirt_output/ovf2libvirt_test1.libvirt.disk_qcow2 +index 60d7818b..548f586e 100644 +--- a/tests/virtconv-files/libvirt_output/ovf2libvirt_test1.libvirt.disk_qcow2 ++++ b/tests/virtconv-files/libvirt_output/ovf2libvirt_test1.libvirt.disk_qcow2 +@@ -14,9 +14,7 @@ + + + +- +- Opteron_G4 +- ++ + + + +diff --git a/tests/virtconv-files/libvirt_output/ovf2libvirt_test2.libvirt b/tests/virtconv-files/libvirt_output/ovf2libvirt_test2.libvirt +index b8bd1ab9..fb1f8a1a 100644 +--- a/tests/virtconv-files/libvirt_output/ovf2libvirt_test2.libvirt ++++ b/tests/virtconv-files/libvirt_output/ovf2libvirt_test2.libvirt +@@ -14,9 +14,7 @@ + + + +- +- Opteron_G4 +- ++ + + + +diff --git a/tests/virtconv-files/libvirt_output/ovf2libvirt_test_gzip.libvirt b/tests/virtconv-files/libvirt_output/ovf2libvirt_test_gzip.libvirt +index 76a5b514..5716aa61 100644 +--- a/tests/virtconv-files/libvirt_output/ovf2libvirt_test_gzip.libvirt ++++ b/tests/virtconv-files/libvirt_output/ovf2libvirt_test_gzip.libvirt +@@ -13,9 +13,7 @@ + + + +- +- Opteron_G4 +- ++ + + + +diff --git a/tests/virtconv-files/libvirt_output/ovf2libvirt_test_gzip.libvirt.disk_raw b/tests/virtconv-files/libvirt_output/ovf2libvirt_test_gzip.libvirt.disk_raw +index 3fbece09..9e5bed73 100644 +--- a/tests/virtconv-files/libvirt_output/ovf2libvirt_test_gzip.libvirt.disk_raw ++++ b/tests/virtconv-files/libvirt_output/ovf2libvirt_test_gzip.libvirt.disk_raw +@@ -13,9 +13,7 @@ + + + +- +- Opteron_G4 +- ++ + + + +diff --git a/tests/virtconv-files/libvirt_output/vmx2libvirt_test-nodisks.libvirt b/tests/virtconv-files/libvirt_output/vmx2libvirt_test-nodisks.libvirt +index f00794ce..92b278cc 100644 +--- a/tests/virtconv-files/libvirt_output/vmx2libvirt_test-nodisks.libvirt ++++ b/tests/virtconv-files/libvirt_output/vmx2libvirt_test-nodisks.libvirt +@@ -13,9 +13,7 @@ + + + +- +- Opteron_G4 +- ++ + + + +diff --git a/tests/virtconv-files/libvirt_output/vmx2libvirt_test-vmx-zip.libvirt b/tests/virtconv-files/libvirt_output/vmx2libvirt_test-vmx-zip.libvirt +index 60055b7d..1546ccfc 100644 +--- a/tests/virtconv-files/libvirt_output/vmx2libvirt_test-vmx-zip.libvirt ++++ b/tests/virtconv-files/libvirt_output/vmx2libvirt_test-vmx-zip.libvirt +@@ -13,9 +13,7 @@ + + + +- +- Opteron_G4 +- ++ + + + +diff --git a/tests/virtconv-files/libvirt_output/vmx2libvirt_test1.libvirt b/tests/virtconv-files/libvirt_output/vmx2libvirt_test1.libvirt +index 065df6da..f19b83f0 100644 +--- a/tests/virtconv-files/libvirt_output/vmx2libvirt_test1.libvirt ++++ b/tests/virtconv-files/libvirt_output/vmx2libvirt_test1.libvirt +@@ -13,9 +13,7 @@ + + + +- +- Opteron_G4 +- ++ + + + +diff --git a/tests/virtconv-files/libvirt_output/vmx2libvirt_test1.libvirt.disk_raw b/tests/virtconv-files/libvirt_output/vmx2libvirt_test1.libvirt.disk_raw +index 910de78d..0b420be3 100644 +--- a/tests/virtconv-files/libvirt_output/vmx2libvirt_test1.libvirt.disk_raw ++++ b/tests/virtconv-files/libvirt_output/vmx2libvirt_test1.libvirt.disk_raw +@@ -13,9 +13,7 @@ + + + +- +- Opteron_G4 +- ++ + + + +diff --git a/tests/virtconv-files/libvirt_output/vmx2libvirt_vmx-dir.libvirt b/tests/virtconv-files/libvirt_output/vmx2libvirt_vmx-dir.libvirt +index e72a7184..f94691cf 100644 +--- a/tests/virtconv-files/libvirt_output/vmx2libvirt_vmx-dir.libvirt ++++ b/tests/virtconv-files/libvirt_output/vmx2libvirt_vmx-dir.libvirt +@@ -13,9 +13,7 @@ + + + +- +- Opteron_G4 +- ++ + + + +diff --git a/virtinst/cpu.py b/virtinst/cpu.py +index 1f1ad7ec..2de08145 100644 +--- a/virtinst/cpu.py ++++ b/virtinst/cpu.py +@@ -95,9 +95,11 @@ class CPU(XMLBuilder): + SPECIAL_MODE_HOST_MODEL = "host-model" + SPECIAL_MODE_HOST_PASSTHROUGH = "host-passthrough" + SPECIAL_MODE_CLEAR = "clear" ++ SPECIAL_MODE_APP_DEFAULT = "default" + SPECIAL_MODES = [SPECIAL_MODE_HOST_MODEL_ONLY, SPECIAL_MODE_HV_DEFAULT, + SPECIAL_MODE_HOST_COPY, SPECIAL_MODE_HOST_MODEL, +- SPECIAL_MODE_HOST_PASSTHROUGH, SPECIAL_MODE_CLEAR] ++ SPECIAL_MODE_HOST_PASSTHROUGH, SPECIAL_MODE_CLEAR, ++ SPECIAL_MODE_APP_DEFAULT] + def set_special_mode(self, val): + if (val == self.SPECIAL_MODE_HOST_MODEL or + val == self.SPECIAL_MODE_HOST_PASSTHROUGH): +@@ -262,6 +264,14 @@ class CPU(XMLBuilder): + return + + mode = guest.x86_cpu_default ++ if mode == self.SPECIAL_MODE_APP_DEFAULT: ++ # If libvirt is new enough to support reliable mode=host-model ++ # then use it, otherwise use previous default HOST_MODEL_ONLY ++ domcaps = guest.lookup_domcaps() ++ mode = self.SPECIAL_MODE_HOST_MODEL_ONLY ++ if domcaps.supports_safe_host_model(): ++ mode = self.SPECIAL_MODE_HOST_MODEL ++ + self.set_special_mode(mode) + if mode == self.SPECIAL_MODE_HOST_MODEL_ONLY: + self._validate_default_host_model_only(guest) +diff --git a/virtinst/domcapabilities.py b/virtinst/domcapabilities.py +index 1a84ab95..7d7e2af7 100644 +--- a/virtinst/domcapabilities.py ++++ b/virtinst/domcapabilities.py +@@ -85,6 +85,7 @@ class _CPUModel(XMLBuilder): + class _CPUMode(XMLBuilder): + _XML_ROOT_NAME = "mode" + name = XMLProperty("./@name") ++ supported = XMLProperty("./@supported", is_yesno=True) + models = XMLChildProperty(_CPUModel) + + def get_model(self, name): +@@ -187,6 +188,15 @@ class DomainCapabilities(XMLBuilder): + return ("readonly" in self.os.loader.enum_names() and + "yes" in self.os.loader.get_enum("readonly").get_values()) + ++ def supports_safe_host_model(self): ++ """ ++ Return True if domcaps reports support for cpu mode=host-model. ++ host-model infact predates this support, however it wasn't ++ general purpose safe prior to domcaps advertisement ++ """ ++ return [(m.name == "host-model" and m.supported) ++ for m in self.cpu.modes] ++ + + _XML_ROOT_NAME = "domainCapabilities" + os = XMLChildProperty(_OS, is_single=True) +diff --git a/virtinst/guest.py b/virtinst/guest.py +index 9c45b1b8..a19b8999 100644 +--- a/virtinst/guest.py ++++ b/virtinst/guest.py +@@ -128,7 +128,7 @@ class Guest(XMLBuilder): + self.skip_default_usbredir = False + self.skip_default_graphics = False + self.skip_default_rng = False +- self.x86_cpu_default = self.cpu.SPECIAL_MODE_HOST_MODEL_ONLY ++ self.x86_cpu_default = self.cpu.SPECIAL_MODE_APP_DEFAULT + + self.__os_object = None + self._random_uuid = None +-- +2.20.1 + diff --git a/SOURCES/virt-manager-manager-Fix-mem-disk-net-stats-graphs-bz-1543896.patch b/SOURCES/virt-manager-manager-Fix-mem-disk-net-stats-graphs-bz-1543896.patch new file mode 100644 index 0000000..aeb56ba --- /dev/null +++ b/SOURCES/virt-manager-manager-Fix-mem-disk-net-stats-graphs-bz-1543896.patch @@ -0,0 +1,58 @@ +From a0d4d3338e4c21bdbfb6a6498c605fdd85376073 Mon Sep 17 00:00:00 2001 +Message-Id: +From: Pavel Hrdina +Date: Fri, 9 Feb 2018 14:02:04 -0500 +Subject: [PATCH] manager: Fix mem, disk, net stats graphs (bz 1543896) + +From: Cole Robinson + +python2/3 division compat messed this up + +https://bugzilla.redhat.com/show_bug.cgi?id=1543896 +(cherry picked from commit 4c7c45908f6afd4e0edae9923218472d353caa3a) + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1710772 + +Signed-off-by: Pavel Hrdina +Reviewed-by: Cole Robinson +--- + virtManager/domain.py | 2 +- + virtManager/manager.py | 4 ++-- + 2 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/virtManager/domain.py b/virtManager/domain.py +index c423a177..a0f40352 100644 +--- a/virtManager/domain.py ++++ b/virtManager/domain.py +@@ -1982,7 +1982,7 @@ class vmmDomain(vmmLibvirtObject): + except libvirt.libvirtError as err: + logging.error("Error reading mem stats: %s", err) + +- pcentCurrMem = (curmem // float(totalmem)) * 100 ++ pcentCurrMem = (curmem / float(totalmem)) * 100 + pcentCurrMem = max(0.0, min(pcentCurrMem, 100.0)) + + return pcentCurrMem, curmem +diff --git a/virtManager/manager.py b/virtManager/manager.py +index d6640fbc..d38fc4e4 100644 +--- a/virtManager/manager.py ++++ b/virtManager/manager.py +@@ -1068,7 +1068,7 @@ class vmmManager(vmmGObjectUI): + return + + d1, d2 = obj.disk_io_vectors(GRAPH_LEN, self.max_disk_rate) +- data = [(x + y) // 2 for x, y in zip(d1, d2)] ++ data = [(x + y) / 2 for x, y in zip(d1, d2)] + cell.set_property('data_array', data) + + def network_traffic_img(self, column_ignore, cell, model, _iter, data): +@@ -1077,5 +1077,5 @@ class vmmManager(vmmGObjectUI): + return + + d1, d2 = obj.network_traffic_vectors(GRAPH_LEN, self.max_net_rate) +- data = [(x + y) // 2 for x, y in zip(d1, d2)] ++ data = [(x + y) / 2 for x, y in zip(d1, d2)] + cell.set_property('data_array', data) +-- +2.21.0 + diff --git a/SOURCES/virt-manager-prefs-Add-a-setting-to-enable-disable-libguestfs-inspection.patch b/SOURCES/virt-manager-prefs-Add-a-setting-to-enable-disable-libguestfs-inspection.patch new file mode 100644 index 0000000..d191463 --- /dev/null +++ b/SOURCES/virt-manager-prefs-Add-a-setting-to-enable-disable-libguestfs-inspection.patch @@ -0,0 +1,270 @@ +From b62d337031b89d9c3cfdb3ee35a618f9fdcd013d Mon Sep 17 00:00:00 2001 +Message-Id: +From: Pavel Hrdina +Date: Tue, 13 Mar 2018 13:00:59 -0400 +Subject: [PATCH] prefs: Add a setting to enable/disable libguestfs inspection + +From: Cole Robinson + +Rather than key it on the library being available. Makes it much +easier to test both modes of behavior. + +Fix up a few inspection bugs while I'm in the area, and convert +it to be more singleton like. + +(cherry picked from commit 6b1278ccda1bf52fd51c619858dfeaffb12a4029) + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1566187 + +Conflicts: + - The codebase is completely different so this patch backports only + the bare minimum to add setting to enable/disable inspection + +Reviewed-by: Cole Robinson +Signed-off-by: Pavel Hrdina +--- + .../org.virt-manager.virt-manager.gschema.xml | 6 ++ + ui/preferences.ui | 65 ++++++++++++++++++- + virtManager/config.py | 11 ++++ + virtManager/details.py | 4 +- + virtManager/engine.py | 4 +- + virtManager/preferences.py | 23 +++++++ + 6 files changed, 108 insertions(+), 5 deletions(-) + +diff --git a/data/org.virt-manager.virt-manager.gschema.xml b/data/org.virt-manager.virt-manager.gschema.xml +index d88450f5..f6db721b 100644 +--- a/data/org.virt-manager.virt-manager.gschema.xml ++++ b/data/org.virt-manager.virt-manager.gschema.xml +@@ -47,6 +47,12 @@ + Show system tray icon while app is running + + ++ ++ true ++ Enable libguestfs VM inspection ++ Enable libguestfs VM inspection for things like OS icons, installed applications, etc. This only works if python libguestfs bindings are installed. ++ ++ + + 0 + Default manager window height +diff --git a/ui/preferences.ui b/ui/preferences.ui +index 81802a28..01b54602 100644 +--- a/ui/preferences.ui ++++ b/ui/preferences.ui +@@ -1,5 +1,5 @@ + +- ++ + + + +@@ -49,6 +49,7 @@ + True + True + False ++ start + True + True + +@@ -58,6 +59,68 @@ + 0 + + ++ ++ ++ True ++ False ++ 3 ++ ++ ++ Enable libgues_tfs VM introspection ++ True ++ True ++ False ++ start ++ True ++ True ++ ++ ++ ++ 0 ++ 0 ++ ++ ++ ++ ++ False ++ 3 ++ ++ ++ True ++ False ++ gtk-dialog-warning ++ ++ ++ False ++ True ++ 0 ++ ++ ++ ++ ++ True ++ False ++ <small>You must restart the application for this change to take effect</small> ++ True ++ ++ ++ False ++ True ++ 1 ++ ++ ++ ++ ++ 0 ++ 1 ++ ++ ++ ++ ++ 0 ++ 1 ++ ++ + + + +diff --git a/virtManager/config.py b/virtManager/config.py +index a3daf341..b7bee29b 100644 +--- a/virtManager/config.py ++++ b/virtManager/config.py +@@ -233,6 +233,9 @@ class vmmConfig(object): + ret = ["vnc", "spice"] + return ret + ++ def inspection_supported(self): ++ return self.support_inspection and self.get_libguestfs_inspect_vms() ++ + def remove_notifier(self, h): + self.conf.notify_remove(h) + +@@ -395,6 +398,14 @@ class vmmConfig(object): + def set_view_system_tray(self, val): + self.conf.set("/system-tray", val) + ++ # Libguestfs VM inspection ++ def on_libguestfs_inspect_vms_changed(self, cb): ++ return self.conf.notify_add("/enable-libguestfs-vm-inspection", cb) ++ def get_libguestfs_inspect_vms(self): ++ return self.conf.get("/enable-libguestfs-vm-inspection") ++ def set_libguestfs_inspect_vms(self, val): ++ self.conf.set("/enable-libguestfs-vm-inspection", val) ++ + + # Stats history and interval length + def get_stats_history_length(self): +diff --git a/virtManager/details.py b/virtManager/details.py +index be0f25c9..65fea500 100644 +--- a/virtManager/details.py ++++ b/virtManager/details.py +@@ -2420,7 +2420,7 @@ class vmmDetails(vmmGObjectUI): + self.widget(name).set_value(int(IdMap_proper)) + + def refresh_inspection_page(self): +- inspection_supported = self.config.support_inspection ++ inspection_supported = self.config.inspection_supported() + uiutil.set_grid_row_visible(self.widget("details-overview-error"), + self.vm.inspection.error) + if self.vm.inspection.error: +@@ -3120,7 +3120,7 @@ class vmmDetails(vmmGObjectUI): + + add_hw_list_option(_("Overview"), HW_LIST_TYPE_GENERAL, "computer") + if not self.is_customize_dialog: +- if self.config.support_inspection: ++ if self.config.inspection_supported(): + add_hw_list_option(_("OS information"), + HW_LIST_TYPE_INSPECTION, "computer") + add_hw_list_option(_("Performance"), HW_LIST_TYPE_STATS, +diff --git a/virtManager/engine.py b/virtManager/engine.py +index 90ff97e9..10e04e03 100644 +--- a/virtManager/engine.py ++++ b/virtManager/engine.py +@@ -497,8 +497,8 @@ class vmmEngine(vmmGObject): + + def _create_inspection_thread(self): + logging.debug("libguestfs inspection support: %s", +- self.config.support_inspection) +- if not self.config.support_inspection: ++ self.config.inspection_supported()) ++ if not self.config.inspection_supported(): + return + + from .inspection import vmmInspection +diff --git a/virtManager/preferences.py b/virtManager/preferences.py +index 5739af29..fbffa1b5 100644 +--- a/virtManager/preferences.py ++++ b/virtManager/preferences.py +@@ -35,7 +35,10 @@ class vmmPreferences(vmmGObjectUI): + + self._init_ui() + ++ self._orig_libguestfs_val = None ++ + self.refresh_view_system_tray() ++ self.refresh_libguestfs() + self.refresh_update_interval() + self.refresh_console_accels() + self.refresh_console_scaling() +@@ -63,6 +66,7 @@ class vmmPreferences(vmmGObjectUI): + "on_prefs_close_clicked": self.close, + + "on_prefs_system_tray_toggled": self.change_view_system_tray, ++ "on_prefs_libguestfs_toggled": self.change_libguestfs, + "on_prefs_stats_update_interval_changed": self.change_update_interval, + "on_prefs_console_accels_toggled": self.change_console_accels, + "on_prefs_console_scaling_changed": self.change_console_scaling, +@@ -173,6 +177,11 @@ class vmmPreferences(vmmGObjectUI): + combo.set_model(model) + uiutil.init_combo_text_column(combo, 1) + ++ if not self.config.support_inspection: ++ self.widget("prefs-libguestfs").set_sensitive(False) ++ self.widget("prefs-libguestfs").set_tooltip_text( ++ _("python libguestfs support is not installed")) ++ + + ######################### + # Config Change Options # +@@ -182,6 +191,12 @@ class vmmPreferences(vmmGObjectUI): + val = self.config.get_view_system_tray() + self.widget("prefs-system-tray").set_active(bool(val)) + ++ def refresh_libguestfs(self): ++ val = self.config.get_libguestfs_inspect_vms() ++ if self._orig_libguestfs_val is None: ++ self._orig_libguestfs_val = val ++ self.widget("prefs-libguestfs").set_active(bool(val)) ++ + def refresh_update_interval(self): + self.widget("prefs-stats-update-interval").set_value( + self.config.get_stats_update_interval()) +@@ -333,6 +348,14 @@ class vmmPreferences(vmmGObjectUI): + + def change_view_system_tray(self, src): + self.config.set_view_system_tray(src.get_active()) ++ def change_libguestfs(self, src): ++ val = src.get_active() ++ self.config.set_libguestfs_inspect_vms(val) ++ ++ vis = (val != self._orig_libguestfs_val and ++ self.widget("prefs-libguestfs").get_sensitive()) ++ uiutil.set_grid_row_visible( ++ self.widget("prefs-libguestfs-warn-box"), vis) + + def change_update_interval(self, src): + self.config.set_stats_update_interval(src.get_value_as_int()) +-- +2.20.1 + diff --git a/SOURCES/virt-manager-virt-clone-fix-force-copy-of-empty-cdrom-or-floppy-disk.patch b/SOURCES/virt-manager-virt-clone-fix-force-copy-of-empty-cdrom-or-floppy-disk.patch new file mode 100644 index 0000000..efd862a --- /dev/null +++ b/SOURCES/virt-manager-virt-clone-fix-force-copy-of-empty-cdrom-or-floppy-disk.patch @@ -0,0 +1,52 @@ +From 6508e3d1c85a2cc1e3225bb4808b67c7d2ad5109 Mon Sep 17 00:00:00 2001 +Message-Id: <6508e3d1c85a2cc1e3225bb4808b67c7d2ad5109@dist-git> +From: Pavel Hrdina +Date: Thu, 28 Feb 2019 17:53:58 +0100 +Subject: [PATCH] virt-clone: fix force-copy of empty cdrom or floppy disk + +There is nothing to copy so don't try to generate new path. + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1564863 + +Signed-off-by: Pavel Hrdina +(cherry picked from commit 57db41854c86704af331d283810db0d86786825a) +Reviewed-by: Cole Robinson +Signed-off-by: Pavel Hrdina +--- + tests/clitest.py | 1 + + virt-clone | 5 ++--- + 2 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/tests/clitest.py b/tests/clitest.py +index 2288f0aa..a6d995fe 100644 +--- a/tests/clitest.py ++++ b/tests/clitest.py +@@ -1043,6 +1043,7 @@ c.add_invalid("--original-xml %(CLONE_DISK_XML)s --file virt-install --file %(EX + c.add_invalid("--original-xml %(CLONE_DISK_XML)s --file %(NEWCLONEIMG1)s --file %(NEWCLONEIMG2)s --force-copy=hdc") # XML w/ disks, force copy but not enough disks passed + c.add_invalid("--original-xml %(CLONE_STORAGE_XML)s --file /tmp/clonevol") # XML w/ managed storage, specify unmanaged path (should fail) + c.add_invalid("--original-xml %(CLONE_NOEXIST_XML)s --file %(EXISTIMG1)s") # XML w/ non-existent storage, WITHOUT --preserve ++c.add_valid("--original-xml %(CLONE_STORAGE_XML)s --auto-clone --force-copy fda") # force copy empty floppy drive + + + +diff --git a/virt-clone b/virt-clone +index 12f0d062..291f7ab0 100755 +--- a/virt-clone ++++ b/virt-clone +@@ -81,11 +81,10 @@ def get_clone_diskfile(new_diskfiles, design, preserve, auto_clone): + new_diskfiles.append(None) + newpath = new_diskfiles[newidx] + +- if newpath is None and auto_clone: +- newpath = design.generate_clone_disk_path(origpath) +- + if origpath is None: + newpath = None ++ elif newpath is None and auto_clone: ++ newpath = design.generate_clone_disk_path(origpath) + + clonepaths.append(newpath) + newidx += 1 +-- +2.20.1 + diff --git a/SOURCES/virt-manager-virt-manager-Wire-up-support-for-default-mode-host-model.patch b/SOURCES/virt-manager-virt-manager-Wire-up-support-for-default-mode-host-model.patch new file mode 100644 index 0000000..2a6c7a6 --- /dev/null +++ b/SOURCES/virt-manager-virt-manager-Wire-up-support-for-default-mode-host-model.patch @@ -0,0 +1,220 @@ +From 1b24900787b6b6cb52dae323ed0c6cff7492f66a Mon Sep 17 00:00:00 2001 +Message-Id: <1b24900787b6b6cb52dae323ed0c6cff7492f66a@dist-git> +From: Pavel Hrdina +Date: Thu, 4 Oct 2018 14:19:32 -0400 +Subject: [PATCH] virt-manager: Wire up support for default mode=host-model + +From: Cole Robinson + +Simplify things a long the way + +(cherry picked from commit 9edca3486abd76e9a7c2c2fe3ad12ae32fc65733) + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1525337 + +Conflicts: + - CPU class is renamed to DomainCpu in upstream + +Reviewed-by: Cole Robinson +Signed-off-by: Pavel Hrdina +--- + virtManager/config.py | 20 +++----------------- + virtManager/create.py | 3 +-- + virtManager/details.py | 8 ++++---- + virtManager/domain.py | 2 +- + virtManager/preferences.py | 16 ++++++++++------ + virtinst/cli.py | 2 +- + virtinst/cpu.py | 19 ++++++++++--------- + 7 files changed, 30 insertions(+), 40 deletions(-) + +diff --git a/virtManager/config.py b/virtManager/config.py +index 4d47b477..a3daf341 100644 +--- a/virtManager/config.py ++++ b/virtManager/config.py +@@ -198,7 +198,6 @@ class vmmConfig(object): + self.hv_packages = ["qemu-kvm"] + + self.default_storage_format_from_config = "qcow2" +- self.cpu_default_from_config = CPU.SPECIAL_MODE_HOST_MODEL_ONLY + self.default_console_resizeguest = 0 + self.default_add_spice_usbredir = "yes" + +@@ -531,24 +530,11 @@ class vmmConfig(object): + def set_storage_format(self, typ): + self.conf.set("/new-vm/storage-format", typ.lower()) + +- def get_default_cpu_setting(self, raw=False, for_cpu=False): ++ def get_default_cpu_setting(self): + ret = self.conf.get("/new-vm/cpu-default") +- whitelist = [CPU.SPECIAL_MODE_HOST_MODEL_ONLY, +- CPU.SPECIAL_MODE_HOST_MODEL, +- CPU.SPECIAL_MODE_HV_DEFAULT] +- +- if ret not in whitelist: +- ret = "default" +- if ret == "default" and not raw: +- ret = self.cpu_default_from_config +- if ret not in whitelist: +- ret = whitelist[0] +- +- if for_cpu and ret == CPU.SPECIAL_MODE_HOST_MODEL: +- # host-model has known issues, so use our 'copy cpu' +- # behavior until host-model does what we need +- ret = CPU.SPECIAL_MODE_HOST_COPY + ++ if ret not in CPU.SPECIAL_MODES: ++ ret = CPU.SPECIAL_MODE_APP_DEFAULT + return ret + def set_default_cpu_setting(self, val): + self.conf.set("/new-vm/cpu-default", val.lower()) +diff --git a/virtManager/create.py b/virtManager/create.py +index d5d1d5a0..3e1fc624 100644 +--- a/virtManager/create.py ++++ b/virtManager/create.py +@@ -1880,8 +1880,7 @@ class vmmCreate(vmmGObjectUI): + guest.skip_default_sound = not self.config.get_new_vm_sound() + guest.skip_default_usbredir = ( + self.config.get_add_spice_usbredir() == "no") +- guest.x86_cpu_default = self.config.get_default_cpu_setting( +- for_cpu=True) ++ guest.x86_cpu_default = self.config.get_default_cpu_setting() + + guest.add_default_devices() + except Exception as e: +diff --git a/virtManager/details.py b/virtManager/details.py +index ebe010b5..be0f25c9 100644 +--- a/virtManager/details.py ++++ b/virtManager/details.py +@@ -972,7 +972,8 @@ class vmmDetails(vmmGObjectUI): + cpu_model.set_entry_text_column(0) + cpu_model.set_row_separator_func(sep_func, None) + model.set_sort_column_id(1, Gtk.SortType.ASCENDING) +- model.append([_("Application Default"), "1", "appdefault", False]) ++ model.append([_("Application Default"), "1", ++ virtinst.CPU.SPECIAL_MODE_APP_DEFAULT, False]) + model.append([_("Hypervisor Default"), "2", + virtinst.CPU.SPECIAL_MODE_HV_DEFAULT, False]) + model.append([_("Clear CPU configuration"), "3", +@@ -1572,12 +1573,11 @@ class vmmDetails(vmmGObjectUI): + if text == row[0]: + key = row[2] + break +- + if not key: + return text + +- if key == "appdefault": +- return self.config.get_default_cpu_setting(for_cpu=True) ++ if key == virtinst.CPU.SPECIAL_MODE_APP_DEFAULT: ++ return self.config.get_default_cpu_setting() + return key + + def inspection_refresh(self, src_ignore): +diff --git a/virtManager/domain.py b/virtManager/domain.py +index ed94cf16..50ccbdb1 100644 +--- a/virtManager/domain.py ++++ b/virtManager/domain.py +@@ -663,7 +663,7 @@ class vmmDomain(vmmLibvirtObject): + + if model != _SENTINEL: + if model in guest.cpu.SPECIAL_MODES: +- guest.cpu.set_special_mode(model) ++ guest.cpu.set_special_mode(guest, model) + else: + guest.cpu.model = model + self._redefine_xmlobj(guest) +diff --git a/virtManager/preferences.py b/virtManager/preferences.py +index bf67590f..5739af29 100644 +--- a/virtManager/preferences.py ++++ b/virtManager/preferences.py +@@ -23,6 +23,8 @@ import logging + from gi.repository import Gtk + from gi.repository import Gdk + ++from virtinst import CPU ++ + from . import uiutil + from .baseclass import vmmGObjectUI + +@@ -160,11 +162,13 @@ class vmmPreferences(vmmGObjectUI): + combo = self.widget("prefs-cpu-default") + # [gsettings value, string] + model = Gtk.ListStore(str, str) +- for row in [["default", _("System default (%s)") % +- self.config.cpu_default_from_config], +- ["hv-default", _("Hypervisor default")], +- ["host-model-only", _("Nearest host CPU model")], +- ["host-model", _("Copy host CPU definition")]]: ++ for row in [ ++ [CPU.SPECIAL_MODE_APP_DEFAULT, _("Application default")], ++ [CPU.SPECIAL_MODE_HV_DEFAULT, _("Hypervisor default")], ++ [CPU.SPECIAL_MODE_HOST_MODEL_ONLY, ++ _("Nearest host CPU model")], ++ [CPU.SPECIAL_MODE_HOST_MODEL, ++ _("Copy host CPU definition")]]: + model.append(row) + combo.set_model(model) + uiutil.init_combo_text_column(combo, 1) +@@ -211,7 +215,7 @@ class vmmPreferences(vmmGObjectUI): + uiutil.set_list_selection(combo, val) + def refresh_cpu_default(self): + combo = self.widget("prefs-cpu-default") +- val = self.config.get_default_cpu_setting(raw=True) ++ val = self.config.get_default_cpu_setting() + uiutil.set_list_selection(combo, val) + + def refresh_cpu_poll(self): +diff --git a/virtinst/cli.py b/virtinst/cli.py +index 3d3ac0ac..7e8ab536 100644 +--- a/virtinst/cli.py ++++ b/virtinst/cli.py +@@ -1484,7 +1484,7 @@ class ParserCPU(VirtCLIParser): + val = inst.SPECIAL_MODE_CLEAR + + if val in inst.SPECIAL_MODES: +- inst.set_special_mode(val) ++ inst.set_special_mode(self.guest, val) + else: + inst.model = val + +diff --git a/virtinst/cpu.py b/virtinst/cpu.py +index 2de08145..356df206 100644 +--- a/virtinst/cpu.py ++++ b/virtinst/cpu.py +@@ -100,7 +100,15 @@ class CPU(XMLBuilder): + SPECIAL_MODE_HOST_COPY, SPECIAL_MODE_HOST_MODEL, + SPECIAL_MODE_HOST_PASSTHROUGH, SPECIAL_MODE_CLEAR, + SPECIAL_MODE_APP_DEFAULT] +- def set_special_mode(self, val): ++ def set_special_mode(self, guest, val): ++ if val == self.SPECIAL_MODE_APP_DEFAULT: ++ # If libvirt is new enough to support reliable mode=host-model ++ # then use it, otherwise use previous default HOST_MODEL_ONLY ++ domcaps = guest.lookup_domcaps() ++ val = self.SPECIAL_MODE_HOST_MODEL_ONLY ++ if domcaps.supports_safe_host_model(): ++ val = self.SPECIAL_MODE_HOST_MODEL ++ + if (val == self.SPECIAL_MODE_HOST_MODEL or + val == self.SPECIAL_MODE_HOST_PASSTHROUGH): + self.model = None +@@ -264,15 +272,8 @@ class CPU(XMLBuilder): + return + + mode = guest.x86_cpu_default +- if mode == self.SPECIAL_MODE_APP_DEFAULT: +- # If libvirt is new enough to support reliable mode=host-model +- # then use it, otherwise use previous default HOST_MODEL_ONLY +- domcaps = guest.lookup_domcaps() +- mode = self.SPECIAL_MODE_HOST_MODEL_ONLY +- if domcaps.supports_safe_host_model(): +- mode = self.SPECIAL_MODE_HOST_MODEL + +- self.set_special_mode(mode) ++ self.set_special_mode(guest, mode) + if mode == self.SPECIAL_MODE_HOST_MODEL_ONLY: + self._validate_default_host_model_only(guest) + +-- +2.20.1 + diff --git a/SOURCES/virt-manager-virt-manager-add-new-checkbox-to-control-CPU-security-features.patch b/SOURCES/virt-manager-virt-manager-add-new-checkbox-to-control-CPU-security-features.patch new file mode 100644 index 0000000..7cbb2cf --- /dev/null +++ b/SOURCES/virt-manager-virt-manager-add-new-checkbox-to-control-CPU-security-features.patch @@ -0,0 +1,187 @@ +From 50eaeeb15e51030ac9548a90e7388868a645ecca Mon Sep 17 00:00:00 2001 +Message-Id: <50eaeeb15e51030ac9548a90e7388868a645ecca@dist-git> +From: Pavel Hrdina +Date: Wed, 3 Apr 2019 15:23:20 +0200 +Subject: [PATCH] virt-manager: add new checkbox to control CPU security + features +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +By default we copy CPU security features to the guest if specific CPU +model is selected. However, this may break migration and will affect +performance of the guest. This adds an option to disable this default +behavior. + +The checkbox is clickable only on x86 and only on host where we can +detect any CPU security features, otherwise a tooltip is set to notify +users that there is nothing to copy. + +Signed-off-by: Pavel Hrdina +Reviewed-by: Daniel P. Berrangé +(cherry picked from commit 8720637cff7b0766d9e27a60b0f81740176d70c8) + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1582667 + +Signed-off-by: Pavel Hrdina +Reviewed-by: Cole Robinson +--- + ui/details.ui | 15 +++++++++++++++ + virtManager/details.py | 21 +++++++++++++++++++++ + virtManager/domain.py | 5 +++-- + virtinst/cpu.py | 30 ++++++++++++++++++++++++++++++ + 4 files changed, 69 insertions(+), 2 deletions(-) + +diff --git a/ui/details.ui b/ui/details.ui +index e0689f4d..6fe5e18a 100644 +--- a/ui/details.ui ++++ b/ui/details.ui +@@ -2213,6 +2213,21 @@ + 1 + + ++ ++ ++ Enable available CPU security flaw mitigations ++ True ++ True ++ False ++ True ++ ++ ++ ++ 0 ++ 2 ++ 2 ++ ++ + + + +diff --git a/virtManager/details.py b/virtManager/details.py +index 65fea500..e5028b25 100644 +--- a/virtManager/details.py ++++ b/virtManager/details.py +@@ -507,6 +507,7 @@ class vmmDetails(vmmGObjectUI): + "on_cpu_maxvcpus_changed": self.config_maxvcpus_changed, + "on_cpu_model_changed": lambda *x: self.config_cpu_model_changed(x), + "on_cpu_copy_host_clicked": self.on_cpu_copy_host_clicked, ++ "on_cpu_secure_toggled": self.on_cpu_secure_toggled, + "on_cpu_cores_changed": self.config_cpu_topology_changed, + "on_cpu_sockets_changed": self.config_cpu_topology_changed, + "on_cpu_threads_changed": self.config_cpu_topology_changed, +@@ -1700,6 +1701,11 @@ class vmmDetails(vmmGObjectUI): + def on_cpu_copy_host_clicked(self, src): + uiutil.set_grid_row_visible( + self.widget("cpu-model"), not src.get_active()) ++ uiutil.set_grid_row_visible( ++ self.widget("cpu-secure"), not src.get_active()) ++ self.enable_apply(EDIT_CPU) ++ ++ def on_cpu_secure_toggled(self, ignore): + self.enable_apply(EDIT_CPU) + + def config_cpu_model_changed(self, ignore): +@@ -1999,6 +2005,7 @@ class vmmDetails(vmmGObjectUI): + + if self.edited(EDIT_CPU): + kwargs["model"] = self.get_config_cpu_model() ++ kwargs["secure"] = self.widget("cpu-secure").get_active() + + if self.edited(EDIT_TOPOLOGY): + do_top = self.widget("cpu-topology-enable").get_active() +@@ -2529,6 +2536,11 @@ class vmmDetails(vmmGObjectUI): + n1, n2 = self.vm.network_traffic_vectors() + self.network_traffic_graph.set_property("data_array", n1 + n2) + ++ def _cpu_secure_is_available(self): ++ domcaps = self.vm.get_domain_capabilities() ++ features = domcaps.get_cpu_security_features() ++ return self.vm.get_xmlobj().os.is_x86() and len(features) > 0 ++ + def refresh_config_cpu(self): + # Set topology first, because it impacts maxvcpus values + cpu = self.vm.get_cpu_config() +@@ -2582,6 +2594,15 @@ class vmmDetails(vmmGObjectUI): + self.widget("cpu-copy-host").set_active(bool(is_host)) + self.on_cpu_copy_host_clicked(self.widget("cpu-copy-host")) + ++ if not self._cpu_secure_is_available(): ++ self.widget("cpu-secure").set_sensitive(False) ++ self.widget("cpu-secure").set_tooltip_text( ++ "No security features to copy, the host is missing " ++ "security patches or the host CPU is not vulnerable.") ++ ++ cpu.check_security_features(self.vm.get_xmlobj()) ++ self.widget("cpu-secure").set_active(cpu.secure) ++ + def refresh_config_memory(self): + host_mem_widget = self.widget("state-host-memory") + host_mem = self.vm.conn.host_memory_size() // 1024 +diff --git a/virtManager/domain.py b/virtManager/domain.py +index 7c1f511d..c423a177 100644 +--- a/virtManager/domain.py ++++ b/virtManager/domain.py +@@ -647,7 +647,7 @@ class vmmDomain(vmmLibvirtObject): + self._redefine_xmlobj(xmlobj) + + def define_cpu(self, vcpus=_SENTINEL, maxvcpus=_SENTINEL, +- model=_SENTINEL, sockets=_SENTINEL, ++ model=_SENTINEL, secure=_SENTINEL, sockets=_SENTINEL, + cores=_SENTINEL, threads=_SENTINEL): + guest = self._make_xmlobj_to_define() + +@@ -661,7 +661,8 @@ class vmmDomain(vmmLibvirtObject): + guest.cpu.cores = cores + guest.cpu.threads = threads + +- if model != _SENTINEL: ++ if secure != _SENTINEL or model != _SENTINEL: ++ guest.cpu.secure = secure + if model in guest.cpu.SPECIAL_MODES: + guest.cpu.set_special_mode(guest, model) + else: +diff --git a/virtinst/cpu.py b/virtinst/cpu.py +index 4776f90e..c76f06e8 100644 +--- a/virtinst/cpu.py ++++ b/virtinst/cpu.py +@@ -145,6 +145,36 @@ class CPU(XMLBuilder): + if not exists: + self.add_feature(feature) + ++ def check_security_features(self, guest): ++ """ ++ Since 'secure' property is not exported into the domain XML ++ we might need to refresh its state. ++ """ ++ domcaps = guest.lookup_domcaps() ++ features = domcaps.get_cpu_security_features() ++ ++ if len(features) == 0: ++ self.secure = False ++ return ++ ++ for feature in features: ++ exists = False ++ for f in self.features: ++ if f.name == feature and f.policy == "require": ++ exists = True ++ break ++ if not exists: ++ self.secure = False ++ return ++ ++ def _remove_security_features(self, guest): ++ domcaps = guest.lookup_domcaps() ++ for feature in domcaps.get_cpu_security_features(): ++ for f in self.features: ++ if f.name == feature and f.policy == "require": ++ self.remove_child(f) ++ break ++ + def set_model(self, guest, val): + logging.debug("setting cpu model %s", val) + if val: +-- +2.20.1 + diff --git a/SOURCES/virt-manager-virtManager-clone-build-default-clone-path-if-we-know-how.patch b/SOURCES/virt-manager-virtManager-clone-build-default-clone-path-if-we-know-how.patch new file mode 100644 index 0000000..6fa8ff5 --- /dev/null +++ b/SOURCES/virt-manager-virtManager-clone-build-default-clone-path-if-we-know-how.patch @@ -0,0 +1,73 @@ +From 99ec53b6e43323373623d2e93d5ef06436350e5d Mon Sep 17 00:00:00 2001 +Message-Id: <99ec53b6e43323373623d2e93d5ef06436350e5d@dist-git> +From: Pavel Hrdina +Date: Tue, 5 Mar 2019 10:16:06 +0100 +Subject: [PATCH] virtManager: clone: build default clone path if we know how + +Function do_we_default returns only if we want to default to clone disk +even if we know how to create default clone path. Only in case that the +storage pool is TYPE_DISK we don't know how to create default path and +we cannot default to clone that disk. In all other cases as ReadOnly +disk or Shareable and so on we can prepare the default path for user if +they decide to clone it. + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1565106 + +Reviewed-by: Cole Robinson +Signed-off-by: Pavel Hrdina +(cherry picked from commit a02fc0d02272ade8aea851be4e0f7c7ec38de2fe) +Reviewed-by: Cole Robinson +Signed-off-by: Pavel Hrdina +--- + virtManager/clone.py | 10 ++++++---- + 1 file changed, 6 insertions(+), 4 deletions(-) + +diff --git a/virtManager/clone.py b/virtManager/clone.py +index eb74be5b..501683ff 100644 +--- a/virtManager/clone.py ++++ b/virtManager/clone.py +@@ -102,6 +102,7 @@ def do_we_default(conn, vol, path, ro, shared, devtype): + """ Returns (do we clone by default?, info string if not)""" + ignore = conn + info = "" ++ can_default = True + + def append_str(str1, str2, delim=", "): + if not str2: +@@ -124,11 +125,12 @@ def do_we_default(conn, vol, path, ro, shared, devtype): + pool_type = vol.get_parent_pool().get_type() + if pool_type == virtinst.StoragePool.TYPE_DISK: + info = append_str(info, _("Disk device")) ++ can_default = False + + if shared: + info = append_str(info, _("Shareable")) + +- return (not info, info) ++ return (not info, info, can_default) + + + class vmmCloneVM(vmmGObjectUI): +@@ -383,8 +385,8 @@ class vmmCloneVM(vmmGObjectUI): + skip_targets.remove(force_target) + + vol = self.conn.get_vol_by_path(path) +- default, definfo = do_we_default(self.conn, vol, path, ro, shared, +- devtype) ++ default, definfo, can_default = do_we_default(self.conn, vol, path, ++ ro, shared, devtype) + + def storage_add(failinfo=None): + # pylint: disable=cell-var-from-loop +@@ -419,7 +421,7 @@ class vmmCloneVM(vmmGObjectUI): + storage_row[STORAGE_INFO_CAN_CLONE] = True + + # If we cannot create default clone_path don't even try to do that +- if not default: ++ if not can_default: + storage_add() + continue + +-- +2.20.1 + diff --git a/SOURCES/virt-manager-virtManager-clone-check-which-storage-pools-supports-volume-cloning.patch b/SOURCES/virt-manager-virtManager-clone-check-which-storage-pools-supports-volume-cloning.patch new file mode 100644 index 0000000..0301d3a --- /dev/null +++ b/SOURCES/virt-manager-virtManager-clone-check-which-storage-pools-supports-volume-cloning.patch @@ -0,0 +1,108 @@ +From 7004099551885f285f371a8464b08e4d3790d3fa Mon Sep 17 00:00:00 2001 +Message-Id: <7004099551885f285f371a8464b08e4d3790d3fa@dist-git> +From: Pavel Hrdina +Date: Thu, 28 Feb 2019 11:47:40 +0100 +Subject: [PATCH] virtManager: clone: check which storage pools supports volume + cloning + +When cloning a guest in virt-manager the GUI shows a list of disks and +select default cloning policy for every disk. For storage pools where +we know that cloning is not possible we should not select that option +as default one. + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1463066 + +Reviewed-by: Cole Robinson +Signed-off-by: Pavel Hrdina +(cherry picked from commit 26a433fc421b7c23e02deb8fe84cdedc21fd8f95) +Reviewed-by: Cole Robinson +Signed-off-by: Pavel Hrdina +--- + virtManager/clone.py | 10 +++++----- + virtManager/storagepool.py | 4 ++-- + virtinst/storage.py | 24 ++++++++++++++++++------ + 3 files changed, 25 insertions(+), 13 deletions(-) + +diff --git a/virtManager/clone.py b/virtManager/clone.py +index baa4d2e6..eb74be5b 100644 +--- a/virtManager/clone.py ++++ b/virtManager/clone.py +@@ -75,6 +75,10 @@ def can_we_clone(conn, vol, path): + vol.get_parent_pool().get_backend()): + if conn.is_remote() or not os.access(path, os.R_OK): + msg = _("Connection does not support managed storage cloning.") ++ ++ pool = vol.get_parent_pool() ++ if not pool.supports_volume_creation(clone=True): ++ msg = _("Cannot clone %s storage pool.") % pool.get_type() + else: + is_dev = path.startswith("/dev") + if conn.is_remote(): +@@ -118,12 +122,8 @@ def do_we_default(conn, vol, path, ro, shared, devtype): + + if vol: + pool_type = vol.get_parent_pool().get_type() +- if pool_type == virtinst.StoragePool.TYPE_SCSI: +- info = append_str(info, _("SCSI device")) +- elif pool_type == virtinst.StoragePool.TYPE_DISK: ++ if pool_type == virtinst.StoragePool.TYPE_DISK: + info = append_str(info, _("Disk device")) +- elif pool_type == virtinst.StoragePool.TYPE_ISCSI: +- info = append_str(info, _("iSCSI share")) + + if shared: + info = append_str(info, _("Shareable")) +diff --git a/virtManager/storagepool.py b/virtManager/storagepool.py +index 6eaf16f0..e621ff63 100644 +--- a/virtManager/storagepool.py ++++ b/virtManager/storagepool.py +@@ -250,8 +250,8 @@ class vmmStoragePool(vmmLibvirtObject): + def can_change_alloc(self): + typ = self.get_type() + return (typ in [StoragePool.TYPE_LOGICAL, StoragePool.TYPE_ZFS]) +- def supports_volume_creation(self): +- return self.get_xmlobj().supports_volume_creation() ++ def supports_volume_creation(self, clone=False): ++ return self.get_xmlobj().supports_volume_creation(clone=clone) + + def get_type(self): + return self.get_xmlobj().type +diff --git a/virtinst/storage.py b/virtinst/storage.py +index c7c75127..9966401a 100644 +--- a/virtinst/storage.py ++++ b/virtinst/storage.py +@@ -467,13 +467,25 @@ class StoragePool(_StorageObject): + return ["auto", "bsd", "dos", "dvh", "gpt", "mac", "pc98", "sun"] + return [] + +- def supports_volume_creation(self): +- return self.type in [ +- StoragePool.TYPE_DIR, StoragePool.TYPE_FS, +- StoragePool.TYPE_NETFS, StoragePool.TYPE_LOGICAL, ++ def supports_volume_creation(self, clone=False): ++ """ ++ Returns if pool supports volume creation. If @clone is set to True ++ returns if pool supports volume cloning (virVolCreateXMLFrom). ++ """ ++ supported = [ ++ StoragePool.TYPE_DIR, ++ StoragePool.TYPE_FS, ++ StoragePool.TYPE_NETFS, + StoragePool.TYPE_DISK, +- StoragePool.TYPE_RBD, StoragePool.TYPE_SHEEPDOG, +- StoragePool.TYPE_ZFS] ++ StoragePool.TYPE_LOGICAL, ++ StoragePool.TYPE_RBD, ++ ] ++ if not clone: ++ supported.extend([ ++ StoragePool.TYPE_SHEEPDOG, ++ StoragePool.TYPE_ZFS, ++ ]) ++ return self.type in supported + + def get_disk_type(self): + if (self.type == StoragePool.TYPE_DISK or +-- +2.20.1 + diff --git a/SOURCES/virt-manager-virtManager-createinterface-don-t-delete-ip-config-window.patch b/SOURCES/virt-manager-virtManager-createinterface-don-t-delete-ip-config-window.patch new file mode 100644 index 0000000..f539470 --- /dev/null +++ b/SOURCES/virt-manager-virtManager-createinterface-don-t-delete-ip-config-window.patch @@ -0,0 +1,37 @@ +From ed5adc76d372618e9858e13ce95b9a21852355a5 Mon Sep 17 00:00:00 2001 +Message-Id: +From: Pavel Hrdina +Date: Wed, 6 Mar 2019 17:10:37 +0100 +Subject: [PATCH] virtManager: createinterface: don't delete ip-config window + +RHEL-only + +When creating new host network interface the ip-config window can be +closed even for incorrect configuration which will remove it completely +from memory and the next time user tries to open host network interface +configuration virt-manager fails to clear the ip-config window. + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1563638 + +Reviewed-by: Cole Robinson +Signed-off-by: Pavel Hrdina +--- + virtManager/createinterface.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/virtManager/createinterface.py b/virtManager/createinterface.py +index fa2c6e79..036f6ab5 100644 +--- a/virtManager/createinterface.py ++++ b/virtManager/createinterface.py +@@ -1101,7 +1101,7 @@ class vmmCreateInterface(vmmGObjectUI): + + def ip_config_finish(self, ignore1=None, ignore2=None): + if not self.validate_ip_info(): +- return ++ return 1 + self.update_ip_desc() + self.ip_config.hide() + return 1 +-- +2.20.1 + diff --git a/SOURCES/virt-manager-virtManager-domain-override-rename_domain-in-vmmDomainVirtinst.patch b/SOURCES/virt-manager-virtManager-domain-override-rename_domain-in-vmmDomainVirtinst.patch new file mode 100644 index 0000000..512a868 --- /dev/null +++ b/SOURCES/virt-manager-virtManager-domain-override-rename_domain-in-vmmDomainVirtinst.patch @@ -0,0 +1,34 @@ +From a1df4746ffaf87e13e72f12650f945c76aaa6127 Mon Sep 17 00:00:00 2001 +Message-Id: +From: Pavel Hrdina +Date: Tue, 5 Mar 2019 15:49:23 +0100 +Subject: [PATCH] virtManager: domain: override rename_domain in + vmmDomainVirtinst + +If user renames guest in VM details page before installation starts +there is no need to rename NVRAM file as well. + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1667308 + +Signed-off-by: Pavel Hrdina +(cherry picked from commit b206931eb9644e33b31c3141ba3403993898a090) +Reviewed-by: Cole Robinson +Signed-off-by: Pavel Hrdina +--- + virtManager/domain.py | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/virtManager/domain.py b/virtManager/domain.py +index 3ec99a49..a60e054f 100644 +--- a/virtManager/domain.py ++++ b/virtManager/domain.py +@@ -2124,3 +2124,6 @@ class vmmDomainVirtinst(vmmDomain): + + def _redefine_xmlobj(self, xmlobj, origxml=None): + vmmDomain._redefine_xmlobj(self, xmlobj, origxml=self._orig_xml) ++ ++ def rename_domain(self, new_name): ++ self.define_name(new_name) +-- +2.20.1 + diff --git a/SOURCES/virt-manager-virtinst-Remove-only-auto-generated-channel-source-path.patch b/SOURCES/virt-manager-virtinst-Remove-only-auto-generated-channel-source-path.patch new file mode 100644 index 0000000..b28a02b --- /dev/null +++ b/SOURCES/virt-manager-virtinst-Remove-only-auto-generated-channel-source-path.patch @@ -0,0 +1,136 @@ +From 3e7e10ffe0d761c92fc2065e0030229845bd5322 Mon Sep 17 00:00:00 2001 +Message-Id: <3e7e10ffe0d761c92fc2065e0030229845bd5322@dist-git> +From: Pavel Hrdina +Date: Thu, 28 Jun 2018 16:18:43 +0200 +Subject: [PATCH] virtinst: Remove only auto-generated channel source path + +In attempt to fix https://bugzilla.redhat.com/show_bug.cgi?id=1270696 +this code was introduced but it removes the path for all channel +devices. We need to limit it only to the devices that have +auto-generated source path. + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1591670 + +Signed-off-by: Pavel Hrdina +(cherry picked from commit 931936a328d22413bb663e0e21d2f7bb111dbd7c) +Signed-off-by: Pavel Hrdina +--- + tests/clone-xml/channel-source-in.xml | 35 ++++++++++++++++++++++++++ + tests/clone-xml/channel-source-out.xml | 35 ++++++++++++++++++++++++++ + tests/clonetest.py | 3 +++ + virtinst/cloner.py | 4 ++- + 4 files changed, 76 insertions(+), 1 deletion(-) + create mode 100644 tests/clone-xml/channel-source-in.xml + create mode 100644 tests/clone-xml/channel-source-out.xml + +diff --git a/tests/clone-xml/channel-source-in.xml b/tests/clone-xml/channel-source-in.xml +new file mode 100644 +index 00000000..f69054c4 +--- /dev/null ++++ b/tests/clone-xml/channel-source-in.xml +@@ -0,0 +1,35 @@ ++ ++ clone-orig ++ aaa3ae22-fed2-bfbd-ac02-3bea3bcfad82 ++ 262144 ++ 262144 ++ 1 ++ ++ hvm ++ ++ ++ ++ ++ ++ ++ destroy ++ restart ++ destroy ++ ++ /usr/bin/qemu-kvm ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ +diff --git a/tests/clone-xml/channel-source-out.xml b/tests/clone-xml/channel-source-out.xml +new file mode 100644 +index 00000000..210e7a7b +--- /dev/null ++++ b/tests/clone-xml/channel-source-out.xml +@@ -0,0 +1,35 @@ ++ ++ clone-new ++ 12345678-1234-1234-1234-123456789012 ++ 262144 ++ 262144 ++ 1 ++ ++ hvm ++ ++ ++ ++ ++ ++ ++ destroy ++ restart ++ destroy ++ ++ /usr/bin/qemu-kvm ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ +diff --git a/tests/clonetest.py b/tests/clonetest.py +index 3546be01..5fd51e73 100644 +--- a/tests/clonetest.py ++++ b/tests/clonetest.py +@@ -191,3 +191,6 @@ class TestClone(unittest.TestCase): + def testCloneGraphicsPassword(self): + base = "graphics-password" + self._clone_helper(base) ++ ++ def testCloneChannelSource(self): ++ self._clone_helper("channel-source") +diff --git a/virtinst/cloner.py b/virtinst/cloner.py +index c4030ddf..632c3cbf 100644 +--- a/virtinst/cloner.py ++++ b/virtinst/cloner.py +@@ -441,7 +441,9 @@ class Cloner(object): + # For guest agent channel, remove a path to generate a new one with + # new guest name + for channel in self._guest.get_devices("channel"): +- if channel.type == VirtualChannelDevice.TYPE_UNIX: ++ if (channel.type == VirtualChannelDevice.TYPE_UNIX and ++ channel.target_name and channel.source_path and ++ channel.target_name in channel.source_path): + channel.source_path = None + + if self._guest.os.nvram: +-- +2.20.1 + diff --git a/SOURCES/virt-manager-virtinst-Trivial-spelling-fix.patch b/SOURCES/virt-manager-virtinst-Trivial-spelling-fix.patch new file mode 100644 index 0000000..e6022ba --- /dev/null +++ b/SOURCES/virt-manager-virtinst-Trivial-spelling-fix.patch @@ -0,0 +1,37 @@ +From 196313a5ff5ad051db6f538a44a42ce3b5e9aa42 Mon Sep 17 00:00:00 2001 +Message-Id: <196313a5ff5ad051db6f538a44a42ce3b5e9aa42@dist-git> +From: Pavel Hrdina +Date: Tue, 3 Apr 2018 14:56:23 -0600 +Subject: [PATCH] virtinst: Trivial spelling fix + +From: Charles Arnold + +Trivial spelling fix. + +Signed-off-by: Charles Arnold +(cherry picked from commit 0f2e0a49f9090ca27d6f44e6e49c81fa15f46a31) + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1525337 + +Reviewed-by: Cole Robinson +Signed-off-by: Pavel Hrdina +--- + virtinst/guest.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/virtinst/guest.py b/virtinst/guest.py +index 6d4aeb26..bede9e86 100644 +--- a/virtinst/guest.py ++++ b/virtinst/guest.py +@@ -903,7 +903,7 @@ class Guest(XMLBuilder): + return + + logging.debug("Host capabilities CPU '%s' is not supported " +- "according to domain capabilities. Unsettings CPU model", ++ "according to domain capabilities. Unsetting CPU model", + self.cpu.model) + self.cpu.model = None + +-- +2.20.1 + diff --git a/SOURCES/virt-manager-virtinst-cli-fix-ParserBoot-to-return-the-parsed-object.patch b/SOURCES/virt-manager-virtinst-cli-fix-ParserBoot-to-return-the-parsed-object.patch new file mode 100644 index 0000000..67997f5 --- /dev/null +++ b/SOURCES/virt-manager-virtinst-cli-fix-ParserBoot-to-return-the-parsed-object.patch @@ -0,0 +1,40 @@ +From 17d821959cf76464be277edb8a656bacb74d2208 Mon Sep 17 00:00:00 2001 +Message-Id: <17d821959cf76464be277edb8a656bacb74d2208@dist-git> +From: Pavel Hrdina +Date: Mon, 21 Jan 2019 13:47:17 +0100 +Subject: [PATCH] virtinst: cli: fix ParserBoot to return the parsed object + +This fixes virt-xml to return an XML for command: + + virt-xml --build-xml --boot os_type=hvm + +The VirtCLIParser.parse() expects the _parse() method to return +the parsed object. + +Signed-off-by: Pavel Hrdina +(cherry picked from commit 7672b1b0101e736ba4bd9747f14dde279c81cb1f) + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1550513 + +Reviewed-by: Cole Robinson +Signed-off-by: Pavel Hrdina +--- + virtinst/cli.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/virtinst/cli.py b/virtinst/cli.py +index 71cba4cf..99d952ec 100644 +--- a/virtinst/cli.py ++++ b/virtinst/cli.py +@@ -1683,7 +1683,7 @@ class ParserBoot(VirtCLIParser): + if boot_order: + inst.bootorder = boot_order + +- VirtCLIParser._parse(self, inst) ++ return VirtCLIParser._parse(self, inst) + + + _register_virt_parser(ParserBoot) +-- +2.20.1 + diff --git a/SOURCES/virt-manager-virtinst-compare-host-and-domain-cpu-models.patch b/SOURCES/virt-manager-virtinst-compare-host-and-domain-cpu-models.patch new file mode 100644 index 0000000..b3ed9fd --- /dev/null +++ b/SOURCES/virt-manager-virtinst-compare-host-and-domain-cpu-models.patch @@ -0,0 +1,98 @@ +From 8b2f541cb9d2cff02c5bbb7af2de3cb2b0b05d17 Mon Sep 17 00:00:00 2001 +Message-Id: <8b2f541cb9d2cff02c5bbb7af2de3cb2b0b05d17@dist-git> +From: Pavel Hrdina +Date: Wed, 28 Mar 2018 13:45:30 -0600 +Subject: [PATCH] virtinst: compare host and domain cpu models + +From: Charles Arnold + +Lookup the domain capabilities CPU model and compare with +the host capabilities CPU model and if they are not equal +set the guest's CPU model to None. + +(crobinso: compare against 'custom' list not 'host-model', move + to separate function) + +(cherry picked from commit fd6a8154408fb462e5437dc920afe4d80da3c1f8) + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1525337 + +Reviewed-by: Cole Robinson +Signed-off-by: Pavel Hrdina +--- + .../compare/virt-install-boot-uefi.xml | 4 +-- + virtinst/guest.py | 32 ++++++++++++++++--- + 2 files changed, 29 insertions(+), 7 deletions(-) + +diff --git a/tests/cli-test-xml/compare/virt-install-boot-uefi.xml b/tests/cli-test-xml/compare/virt-install-boot-uefi.xml +index 22f31e6b..f46b8f07 100644 +--- a/tests/cli-test-xml/compare/virt-install-boot-uefi.xml ++++ b/tests/cli-test-xml/compare/virt-install-boot-uefi.xml +@@ -15,9 +15,7 @@ + + + +- +- Opteron_G4 +- ++ + + + +diff --git a/virtinst/guest.py b/virtinst/guest.py +index 32acd521..6d4aeb26 100644 +--- a/virtinst/guest.py ++++ b/virtinst/guest.py +@@ -880,6 +880,33 @@ class Guest(XMLBuilder): + else: + self.emulator = "/usr/lib/xen/bin/qemu-dm" + ++ def _set_cpu_x86_kvm_default(self): ++ if self.os.arch != self.conn.caps.host.cpu.arch: ++ return ++ ++ self.cpu.set_special_mode(self.x86_cpu_default) ++ if self.x86_cpu_default != self.cpu.SPECIAL_MODE_HOST_MODEL_ONLY: ++ return ++ if not self.cpu.model: ++ return ++ ++ # It's possible that the value HOST_MODEL_ONLY gets from ++ # is not actually supported by qemu/kvm ++ # combo which will be reported in ++ domcaps = DomainCapabilities.build_from_guest(self) ++ domcaps_mode = domcaps.cpu.get_mode("custom") ++ if not domcaps_mode: ++ return ++ ++ cpu_model = domcaps_mode.get_model(self.cpu.model) ++ if cpu_model and cpu_model.usable: ++ return ++ ++ logging.debug("Host capabilities CPU '%s' is not supported " ++ "according to domain capabilities. Unsettings CPU model", ++ self.cpu.model) ++ self.cpu.model = None ++ + def _set_cpu_defaults(self): + self.cpu.set_topology_defaults(self.vcpus) + +@@ -898,14 +925,11 @@ class Guest(XMLBuilder): + self.cpu.model = "cortex-a57" + + elif self.os.is_x86() and self.type == "kvm": +- if self.os.arch != self.conn.caps.host.cpu.arch: +- return ++ self._set_cpu_x86_kvm_default() + +- self.cpu.set_special_mode(self.x86_cpu_default) + if self._os_object.broken_x2apic(): + self.cpu.add_feature("x2apic", policy="disable") + +- + def _hyperv_supported(self): + if (self.os.loader_type == "pflash" and + self.os_variant in ("win2k8r2", "win7")): +-- +2.20.1 + diff --git a/SOURCES/virt-manager-virtinst-read-CPU-model-from-domain-capabilities.patch b/SOURCES/virt-manager-virtinst-read-CPU-model-from-domain-capabilities.patch new file mode 100644 index 0000000..2bd4ca6 --- /dev/null +++ b/SOURCES/virt-manager-virtinst-read-CPU-model-from-domain-capabilities.patch @@ -0,0 +1,217 @@ +From 5f8393892d60fe1ee982e34c4af229ce148b5996 Mon Sep 17 00:00:00 2001 +Message-Id: <5f8393892d60fe1ee982e34c4af229ce148b5996@dist-git> +From: Pavel Hrdina +Date: Wed, 28 Mar 2018 13:45:29 -0600 +Subject: [PATCH] virtinst: read CPU model from domain capabilities + +From: Charles Arnold + +Add functionality to acquire the CPU model from the +libvirt domain capabilities. This is used to compare +with the host CPU model. + +(crobinso: add test coverage, rework domcaps layout a bit) + +(cherry picked from commit d15b78ab0d7b9e73261a19fafc841a4ee206d413) + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1525337 + +Conflicts: + - _XML_ROOT_NAME is renamed to XML_NAME in upstream + + - utils.open_testdriver() is changed to + utils.URIs.open_testdriver_cached() in upstream + +Reviewed-by: Cole Robinson +Signed-off-by: Pavel Hrdina +--- + tests/capabilities-xml/kvm-x86_64-domcaps.xml | 88 +++++++++++++++++-- + tests/capabilities.py | 10 +++ + virtinst/domcapabilities.py | 28 ++++++ + 3 files changed, 121 insertions(+), 5 deletions(-) + +diff --git a/tests/capabilities-xml/kvm-x86_64-domcaps.xml b/tests/capabilities-xml/kvm-x86_64-domcaps.xml +index cf15c195..d2a3d11f 100644 +--- a/tests/capabilities-xml/kvm-x86_64-domcaps.xml ++++ b/tests/capabilities-xml/kvm-x86_64-domcaps.xml +@@ -18,6 +18,68 @@ + + + ++ ++ ++ ++ Broadwell ++ Intel ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ qemu64 ++ qemu32 ++ phenom ++ pentium3 ++ pentium2 ++ pentium ++ n270 ++ kvm64 ++ kvm32 ++ coreduo ++ core2duo ++ athlon ++ Westmere ++ Westmere-IBRS ++ Skylake-Server ++ Skylake-Server-IBRS ++ Skylake-Client ++ Skylake-Client-IBRS ++ SandyBridge ++ SandyBridge-IBRS ++ Penryn ++ Opteron_G5 ++ Opteron_G4 ++ Opteron_G3 ++ Opteron_G2 ++ Opteron_G1 ++ Nehalem ++ Nehalem-IBRS ++ IvyBridge ++ IvyBridge-IBRS ++ Haswell ++ Haswell-noTSX ++ Haswell-noTSX-IBRS ++ Haswell-IBRS ++ EPYC ++ EPYC-IBPB ++ Conroe ++ Broadwell ++ Broadwell-noTSX ++ Broadwell-noTSX-IBRS ++ Broadwell-IBRS ++ 486 ++ ++ + + + +@@ -32,8 +94,25 @@ + scsi + virtio + usb ++ sata + + ++ ++ ++ sdl ++ vnc ++ spice ++ ++ ++ + + + subsystem +@@ -50,11 +129,10 @@ + scsi + + +- +- default +- kvm +- vfio +- ++ + + ++ ++ ++ + +diff --git a/tests/capabilities.py b/tests/capabilities.py +index 40f9fd86..ef1d961b 100644 +--- a/tests/capabilities.py ++++ b/tests/capabilities.py +@@ -131,6 +131,16 @@ class TestCapabilities(unittest.TestCase): + self.assertEqual(caps.os.loader.get_enum("type").get_values(), + ["rom", "pflash"]) + ++ def testDomainCapabilitiesx86(self): ++ xml = open("tests/capabilities-xml/kvm-x86_64-domcaps.xml").read() ++ caps = DomainCapabilities(utils.open_testdriver(), xml) ++ ++ custom_mode = caps.cpu.get_mode("custom") ++ self.assertTrue(bool(custom_mode)) ++ cpu_model = custom_mode.get_model("Opteron_G4") ++ self.assertTrue(bool(cpu_model)) ++ self.assertTrue(cpu_model.usable) ++ + + if __name__ == "__main__": + unittest.main() +diff --git a/virtinst/domcapabilities.py b/virtinst/domcapabilities.py +index be2281a6..78ac7a3e 100644 +--- a/virtinst/domcapabilities.py ++++ b/virtinst/domcapabilities.py +@@ -76,6 +76,33 @@ class _Features(_CapsBlock): + gic = XMLChildProperty(_make_capsblock("gic"), is_single=True) + + ++class _CPUModel(XMLBuilder): ++ _XML_ROOT_NAME = "model" ++ model = XMLProperty(".") ++ usable = XMLProperty("./@usable", is_yesno=True) ++ ++ ++class _CPUMode(XMLBuilder): ++ _XML_ROOT_NAME = "mode" ++ name = XMLProperty("./@name") ++ models = XMLChildProperty(_CPUModel) ++ ++ def get_model(self, name): ++ for model in self.models: ++ if model.model == name: ++ return model ++ ++ ++class _CPU(XMLBuilder): ++ _XML_ROOT_NAME = "cpu" ++ modes = XMLChildProperty(_CPUMode) ++ ++ def get_mode(self, name): ++ for mode in self.modes: ++ if mode.name == name: ++ return mode ++ ++ + class DomainCapabilities(XMLBuilder): + @staticmethod + def build_from_params(conn, emulator, arch, machine, hvtype): +@@ -163,6 +190,7 @@ class DomainCapabilities(XMLBuilder): + + _XML_ROOT_NAME = "domainCapabilities" + os = XMLChildProperty(_OS, is_single=True) ++ cpu = XMLChildProperty(_CPU, is_single=True) + devices = XMLChildProperty(_Devices, is_single=True) + + arch = XMLProperty("./arch") +-- +2.20.1 + diff --git a/SPECS/virt-manager.spec b/SPECS/virt-manager.spec index d8fad51..ce7186a 100644 --- a/SPECS/virt-manager.spec +++ b/SPECS/virt-manager.spec @@ -20,7 +20,7 @@ Name: virt-manager Version: 1.5.0 -Release: 1%{?dist}%{?extra_release} +Release: 7%{?dist}%{?extra_release} %global verrel %{version}-%{release} Summary: Desktop tool for managing virtual machines via libvirt @@ -32,6 +32,49 @@ Source0: http://virt-manager.org/download/sources/%{name}/%{name}-%{version}.tar Source1: symlinks Patch1: virt-manager-RHEL-only-virt-install-doc-remove-reference-to-physical-CD-devices.patch +Patch2: virt-manager-virtinst-Remove-only-auto-generated-channel-source-path.patch +Patch3: virt-manager-virtinst-read-CPU-model-from-domain-capabilities.patch +Patch4: virt-manager-virtinst-compare-host-and-domain-cpu-models.patch +Patch5: virt-manager-virtinst-Trivial-spelling-fix.patch +Patch6: virt-manager-domain-cpu-Add-set_defaults.patch +Patch7: virt-manager-guest-Add-DomainCapabilities-caching.patch +Patch8: virt-manager-guest-Default-to-cpu-mode-host-model-if-libvirt-is-new-enough.patch +Patch9: virt-manager-virt-manager-Wire-up-support-for-default-mode-host-model.patch +Patch10: virt-manager-cpu-Have-host-copy-use-domcaps-if-qemu-is-new-enough-bz-1637767.patch +Patch11: virt-manager-domain.numatune-Remove-cpuset_str_to_tuple.patch +Patch12: virt-manager-domain.numatune-Remove-MEMORY_MODES.patch +Patch13: virt-manager-domain.numatune-Drop-cpuset-validation.patch +Patch14: virt-manager-graphics-move-all-listen-code-into-one-place.patch +Patch15: virt-manager-cli-fix-typos-in-virt-install-help-output.patch +Patch16: virt-manager-cli-Fix-boot-smbios_mode-sysinfo-bz-1570549.patch +Patch17: virt-manager-virt-clone-fix-force-copy-of-empty-cdrom-or-floppy-disk.patch +Patch18: virt-manager-cli-Drop-clear_attr-property.patch +Patch19: virt-manager-virtinst-cli-fix-ParserBoot-to-return-the-parsed-object.patch +Patch20: virt-manager-virtManager-clone-check-which-storage-pools-supports-volume-cloning.patch +Patch21: virt-manager-virtManager-domain-override-rename_domain-in-vmmDomainVirtinst.patch +Patch22: virt-manager-virtManager-createinterface-don-t-delete-ip-config-window.patch +Patch23: virt-manager-virtManager-clone-build-default-clone-path-if-we-know-how.patch +Patch24: virt-manager-prefs-Add-a-setting-to-enable-disable-libguestfs-inspection.patch +Patch25: virt-manager-domcapabilities-fix-detection-if-host-model-is-safe-to-use.patch +Patch26: virt-manager-cloner-don-t-fail-to-clone-VM-if-nvram-file-doesn-t-exist.patch +Patch27: virt-manager-domcapabilities-actually-fix-detection-if-host-model-is-safe-to-use.patch +Patch28: virt-manager-domcapabilities-introduce-get_cpu_security_features.patch +Patch29: virt-manager-domain-cpu-introduce-set_model-function.patch +Patch30: virt-manager-domain-cpu-automatically-add-CPU-security-features-for-custom-mode.patch +Patch31: virt-manager-domcapabilities-remove-recommended-CPU-features-from-security-features.patch +Patch32: virt-manager-domcapabilities-fix-typo-in-function-name.patch +Patch33: virt-manager-cli-introduce-CPU-secure-parameter.patch +Patch34: virt-manager-domcapabilities-add-caching-of-CPU-security-features.patch +Patch35: virt-manager-virt-manager-add-new-checkbox-to-control-CPU-security-features.patch +Patch36: virt-manager-DomainCpu-fix-detection-of-CPU-security-features.patch +Patch37: virt-manager-DomainCpu-check-CPU-model-name-only-if-model-exists.patch +Patch38: virt-manager-cloner-Handle-nonsparse-for-qcow2-images.patch +Patch39: virt-manager-clone-Fix-inverted-nonsparse-check.patch +Patch40: virt-manager-cli-fix-sysinfo-type-parsing.patch +Patch41: virt-manager-domcapabilities-detect-MDS-new-vulnerability.patch +Patch42: virt-manager-manager-Fix-mem-disk-net-stats-graphs-bz-1543896.patch +Patch43: virt-manager-cli-fix-cpu-secure-option-to-actually-work.patch +Patch44: virt-manager-cli-Fix-pool-default-when-path-belongs-to-another-pool-bz-1692489.patch Requires: virt-manager-common = %{verrel} @@ -281,6 +324,61 @@ fi %changelog +* Wed May 29 2019 Pavel Hrdina - 1.5.0-7 +- cli: Fix pool=default when path belongs to another pool (bz 1692489) (rhbz#1711806) + +* Thu May 23 2019 Pavel Hrdina - 1.5.0-6 +- manager: Fix mem, disk, net stats graphs (bz 1543896) (rhbz#1710772) +- cli: fix cpu secure option to actually work (rhbz#1582667) + +* Wed May 15 2019 Pavel Hrdina - 1.5.0-5 +- clone: Fix inverted --nonsparse check (rhbz#1675743) +- cli: fix sysinfo type parsing (rhbz#1707380) +- domcapabilities: detect MDS new vulnerability (rhbz#1582667) + +* Fri May 10 2019 Pavel Hrdina - 1.5.0-4 +- cloner: Handle --nonsparse for qcow2 images (rhbz#1675743) + +* Fri Apr 12 2019 Pavel Hrdina - 1.5.0-3 +- domcapabilities: fix detection if host-model is safe to use (rhbz#1525337) +- cloner: don't fail to clone VM if nvram file doesn't exist (rhbz#1679021) +- domcapabilities: actually fix detection if host-model is safe to use (rhbz#1525337) +- domcapabilities: introduce get_cpu_security_features (rhbz#1582667) +- domain: cpu: introduce set_model function (rhbz#1582667) +- domain: cpu: automatically add CPU security features for "custom" mode (rhbz#1582667) +- domcapabilities: remove recommended CPU features from security features (rhbz#1582667) +- domcapabilities: fix typo in function name (rhbz#1582667) +- cli: introduce CPU secure parameter (rhbz#1582667) +- domcapabilities: add caching of CPU security features (rhbz#1582667) +- virt-manager: add new checkbox to control CPU security features (rhbz#1582667) +- DomainCpu: fix detection of CPU security features (rhbz#1582667) +- DomainCpu: check CPU model name only if model exists (rhbz#1582667) + +* Tue Mar 19 2019 Pavel Hrdina - 1.5.0-2 +- virtinst: Remove only auto-generated channel source path (rhbz#1591670) +- virtinst: read CPU model from domain capabilities (rhbz#1525337) +- virtinst: compare host and domain cpu models (rhbz#1525337) +- virtinst: Trivial spelling fix (rhbz#1525337) +- domain: cpu: Add set_defaults (rhbz#1525337) +- guest: Add DomainCapabilities caching (rhbz#1525337) +- guest: Default to cpu mode=host-model if libvirt is new enough (rhbz#1525337) +- virt-manager: Wire up support for default mode=host-model (rhbz#1525337) +- cpu: Have host-copy use domcaps if qemu is new enough (bz 1637767) (rhbz#1525337) +- domain.numatune: Remove cpuset_str_to_tuple (rhbz#1566818) +- domain.numatune: Remove MEMORY_MODES (rhbz#1566818) +- domain.numatune: Drop cpuset validation (rhbz#1566818) +- graphics: move all listen code into one place (rhbz#1565968) +- cli: fix typos in virt-install --help output (rhbz#1533015) +- cli: Fix --boot smbios_mode=sysinfo (bz 1570549) (rhbz#1570549) +- virt-clone: fix force-copy of empty cdrom or floppy disk (rhbz#1564863) +- cli: Drop clear_attr property (rhbz#1550513) +- virtinst: cli: fix ParserBoot to return the parsed object (rhbz#1550513) +- virtManager: clone: check which storage pools supports volume cloning (rhbz#1463066) +- virtManager: domain: override rename_domain in vmmDomainVirtinst (rhbz#1667308) +- virtManager: createinterface: don't delete ip-config window (rhbz#1563638) +- virtManager: clone: build default clone path if we know how (rhbz#1565106) +- prefs: Add a setting to enable/disable libguestfs inspection (rhbz#1566187) + * Tue May 22 2018 Pavel Hrdina - 1.5.0-1 - Rebased to virt-manager-1.5.0 (rhbz#1562102) - The rebase also fixes the following bugs: