pool/virt-manager
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Accepting request 503738 from Virtualization

Browse Source 
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/503738
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/virt-manager?expand=0&rev=152
This commit is contained in:
Dominique Leuenberger 2017-06-15 09:25:38 +00:00 committed by Git OBS Bridge
commit 1bd2e3f3b2
11 changed files with 789 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
2099a194-reset-guest-domain-to-none-on-domain-creation-error.patch
View File

@ -21,10 +21,10 @@ self.domain to None when an exception is caught.
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
diff --git a/virtinst/guest.py b/virtinst/guest.py
index c8c3d14c..39975199 100644
--- a/virtinst/guest.py
+++ b/virtinst/guest.py
Index: virt-manager-1.4.1/virtinst/guest.py
===================================================================
--- virt-manager-1.4.1.orig/virtinst/guest.py
+++ virt-manager-1.4.1/virtinst/guest.py
@@ -408,6 +408,7 @@ class Guest(XMLBuilder):
exc_info = sys.exc_info()
try:

134
24f9d053-add-support-for-loader-secure-attribute.patch Normal file
View File

@ -0,0 +1,134 @@
References: rbz#1387479
Subject: virt-install: add support for loader secure attribute
From: Pavel Hrdina phrdina@redhat.com Thu Jan 26 16:11:31 2017 +0100
Date: Thu Jun 1 09:58:46 2017 +0200:
Git: 24f9d05329a485c21325fc2e93a283b832359d05
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Index: virt-manager-1.4.1/man/virt-install.pod
===================================================================
--- virt-manager-1.4.1.orig/man/virt-install.pod
+++ virt-manager-1.4.1/man/virt-install.pod
@@ -514,13 +514,14 @@ correct UEFI parameters, libvirt needs t
via domcapabilities XML, so this will likely only work if using properly
configured distro packages.
-=item B<--boot loader=/.../OVMF_CODE.fd,loader_ro=yes,loader_type=pflash,nvram_template=/.../OVMF_VARS.fd>
+=item B<--boot loader=/.../OVMF_CODE.fd,loader_ro=yes,loader_type=pflash,nvram_template=/.../OVMF_VARS.fd,loader_secure=no>
Specify that the virtual machine use the custom OVMF binary as boot firmware,
mapped as a virtual flash chip. In addition, request that libvirt instantiate
the VM-specific UEFI varstore from the custom "/.../OVMF_VARS.fd" varstore
template. This is the recommended UEFI setup, and should be used if
---boot uefi doesn't know about your UEFI binaries.
+--boot uefi doesn't know about your UEFI binaries. If your UEFI firmware
+supports Secure boot feature you can enable it via loader_secure.
=back
Index: virt-manager-1.4.1/tests/cli-test-xml/compare/virt-install-boot-loader-secure.xml
===================================================================
--- /dev/null
+++ virt-manager-1.4.1/tests/cli-test-xml/compare/virt-install-boot-loader-secure.xml
@@ -0,0 +1,29 @@
+<domain type="test">
+ <name>foobar</name>
+ <uuid>00000000-1111-2222-3333-444444444444</uuid>
+ <memory>65536</memory>
+ <currentMemory>65536</currentMemory>
+ <vcpu>1</vcpu>
+ <os>
+ <type arch="i686">hvm</type>
+ <loader secure="yes">/path/to/loader</loader>
+ <boot dev="hd"/>
+ </os>
+ <features>
+ <pae/>
+ </features>
+ <clock offset="utc"/>
+ <pm>
+ <suspend-to-mem enabled="no"/>
+ <suspend-to-disk enabled="no"/>
+ </pm>
+ <devices>
+ <emulator>/usr/bin/test-hv</emulator>
+ <controller type="usb" index="0" model="none"/>
+ <interface type="user">
+ <mac address="00:11:22:33:44:55"/>
+ </interface>
+ <input type="mouse" bus="ps2"/>
+ <console type="pty"/>
+ </devices>
+</domain>
Index: virt-manager-1.4.1/tests/clitest.py
===================================================================
--- virt-manager-1.4.1.orig/tests/clitest.py
+++ virt-manager-1.4.1/tests/clitest.py
@@ -561,6 +561,14 @@ c.add_compare("--features smm=on", "feat
c.add_invalid("--features smm=on --machine pc")
+########################
+# Boot install options #
+########################
+
+c = vinst.add_category("boot", "--nographics --noautoconsole --import --disk none --controller usb,model=none")
+c.add_compare("--boot loader=/path/to/loader,loader_secure=yes", "boot-loader-secure")
+
+
####################################################
# CPU/RAM/numa and other singleton VM config tests #
####################################################
Index: virt-manager-1.4.1/virtinst/cli.py
===================================================================
--- virt-manager-1.4.1.orig/virtinst/cli.py
+++ virt-manager-1.4.1/virtinst/cli.py
@@ -1573,6 +1573,13 @@ class ParserBoot(VirtCLIParser):
inst.os.smbios_mode = val
self.optdict["smbios_mode"] = val
+ def set_loader_secure_cb(self, inst, val, virtarg):
+ if not inst.conn.check_support(inst.conn.SUPPORT_DOMAIN_LOADER_SECURE):
+ raise RuntimeError("secure attribute for loader is not supported "
+ "by libvirt.")
+ inst.os.loader_secure = val
+ return val
+
def noset_cb(self, inst, val, virtarg):
pass
@@ -1609,6 +1616,8 @@ ParserBoot.add_arg("os.dtb", "dtb")
ParserBoot.add_arg("os.loader", "loader")
ParserBoot.add_arg("os.loader_ro", "loader_ro", is_onoff=True)
ParserBoot.add_arg("os.loader_type", "loader_type")
+ParserBoot.add_arg("os.loader_secure", "loader_secure", is_onoff=True,
+ cb=ParserBoot.set_loader_secure_cb)
ParserBoot.add_arg("os.nvram", "nvram")
ParserBoot.add_arg("os.nvram_template", "nvram_template")
ParserBoot.add_arg("os.kernel_args", "kernel_args",
Index: virt-manager-1.4.1/virtinst/osxml.py
===================================================================
--- virt-manager-1.4.1.orig/virtinst/osxml.py
+++ virt-manager-1.4.1/virtinst/osxml.py
@@ -116,6 +116,7 @@ class OSXML(XMLBuilder):
loader = XMLProperty("./loader")
loader_ro = XMLProperty("./loader/@readonly", is_yesno=True)
loader_type = XMLProperty("./loader/@type")
+ loader_secure = XMLProperty("./loader/@secure", is_yesno=True)
smbios_mode = XMLProperty("./smbios/@mode")
nvram = XMLProperty("./nvram")
nvram_template = XMLProperty("./nvram/@template")
Index: virt-manager-1.4.1/virtinst/support.py
===================================================================
--- virt-manager-1.4.1.orig/virtinst/support.py
+++ virt-manager-1.4.1/virtinst/support.py
@@ -362,6 +362,7 @@ SUPPORT_DOMAIN_STATE = _make(function="v
SUPPORT_DOMAIN_OPEN_GRAPHICS = _make(function="virDomain.openGraphicsFD",
version="1.2.8", hv_version={"qemu": 0})
SUPPORT_DOMAIN_FEATURE_SMM = _make(version="2.1.0")
+SUPPORT_DOMAIN_LOADER_SECURE = _make(version="2.1.0")
###############

297
4f8e795c-if-required-by-UEFI-enable-SMM-feature-and-set-q35-machine-type.patch Normal file
View File

@ -0,0 +1,297 @@
References: rbz#1387479
Subject: virtinst: if required by UEFI enable SMM feature and set q35 machine type
From: Pavel Hrdina phrdina@redhat.com Mon Feb 6 13:46:06 2017 +0100
Date: Thu Jun 1 09:58:46 2017 +0200:
Git: 4f8e795c6a7158b3da48f65322cabfae1d110cae
If we detect that the UEFI image is build to require SMM feature we
should configure the guest to enable SMM feature and set q35 machine
type. Without this user wouldn't be able to boot the guest.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1387479
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Index: virt-manager-1.4.1/tests/capabilities-xml/kvm-x86_64-domcaps-q35.xml
===================================================================
--- /dev/null
+++ virt-manager-1.4.1/tests/capabilities-xml/kvm-x86_64-domcaps-q35.xml
@@ -0,0 +1,126 @@
+<domainCapabilities>
+ <path>/home/phrdina/work/qemu/x86_64-softmmu/qemu-system-x86_64</path>
+ <domain>kvm</domain>
+ <machine>pc-q35-2.9</machine>
+ <arch>x86_64</arch>
+ <vcpu max='288'/>
+ <os supported='yes'>
+ <loader supported='yes'>
+ <value>/usr/share/ovmf/OVMF_CODE.secboot.fd</value>
+ <enum name='type'>
+ <value>rom</value>
+ <value>pflash</value>
+ </enum>
+ <enum name='readonly'>
+ <value>yes</value>
+ <value>no</value>
+ </enum>
+ </loader>
+ </os>
+ <cpu>
+ <mode name='host-passthrough' supported='yes'/>
+ <mode name='host-model' supported='yes'>
+ <model fallback='forbid'>Skylake-Client</model>
+ <vendor>Intel</vendor>
+ <feature policy='require' name='ss'/>
+ <feature policy='require' name='vmx'/>
+ <feature policy='require' name='hypervisor'/>
+ <feature policy='require' name='tsc_adjust'/>
+ <feature policy='require' name='clflushopt'/>
+ <feature policy='require' name='xsaves'/>
+ <feature policy='require' name='pdpe1gb'/>
+ <feature policy='require' name='invtsc'/>
+ </mode>
+ <mode name='custom' supported='yes'>
+ <model usable='yes'>qemu64</model>
+ <model usable='yes'>qemu32</model>
+ <model usable='no'>phenom</model>
+ <model usable='yes'>pentium3</model>
+ <model usable='yes'>pentium2</model>
+ <model usable='yes'>pentium</model>
+ <model usable='yes'>n270</model>
+ <model usable='yes'>kvm64</model>
+ <model usable='yes'>kvm32</model>
+ <model usable='yes'>coreduo</model>
+ <model usable='yes'>core2duo</model>
+ <model usable='no'>athlon</model>
+ <model usable='yes'>Westmere</model>
+ <model usable='yes'>Skylake-Client</model>
+ <model usable='yes'>SandyBridge</model>
+ <model usable='yes'>Penryn</model>
+ <model usable='no'>Opteron_G5</model>
+ <model usable='no'>Opteron_G4</model>
+ <model usable='no'>Opteron_G3</model>
+ <model usable='yes'>Opteron_G2</model>
+ <model usable='yes'>Opteron_G1</model>
+ <model usable='yes'>Nehalem</model>
+ <model usable='yes'>IvyBridge</model>
+ <model usable='yes'>Haswell</model>
+ <model usable='yes'>Haswell-noTSX</model>
+ <model usable='yes'>Conroe</model>
+ <model usable='yes'>Broadwell</model>
+ <model usable='yes'>Broadwell-noTSX</model>
+ <model usable='yes'>486</model>
+ </mode>
+ </cpu>
+ <devices>
+ <disk supported='yes'>
+ <enum name='diskDevice'>
+ <value>disk</value>
+ <value>cdrom</value>
+ <value>floppy</value>
+ <value>lun</value>
+ </enum>
+ <enum name='bus'>
+ <value>fdc</value>
+ <value>scsi</value>
+ <value>virtio</value>
+ <value>usb</value>
+ <value>sata</value>
+ </enum>
+ </disk>
+ <graphics supported='yes'>
+ <enum name='type'>
+ <value>sdl</value>
+ <value>vnc</value>
+ <value>spice</value>
+ </enum>
+ </graphics>
+ <video supported='yes'>
+ <enum name='modelType'>
+ <value>vga</value>
+ <value>cirrus</value>
+ <value>vmvga</value>
+ <value>qxl</value>
+ <value>virtio</value>
+ </enum>
+ </video>
+ <hostdev supported='yes'>
+ <enum name='mode'>
+ <value>subsystem</value>
+ </enum>
+ <enum name='startupPolicy'>
+ <value>default</value>
+ <value>mandatory</value>
+ <value>requisite</value>
+ <value>optional</value>
+ </enum>
+ <enum name='subsysType'>
+ <value>usb</value>
+ <value>pci</value>
+ <value>scsi</value>
+ </enum>
+ <enum name='capsType'/>
+ <enum name='pciBackend'>
+ <value>default</value>
+ <value>kvm</value>
+ <value>vfio</value>
+ </enum>
+ </hostdev>
+ </devices>
+ <features>
+ <gic supported='no'/>
+ </features>
+</domainCapabilities>
+
+
Index: virt-manager-1.4.1/tests/cli-test-xml/compare/virt-install-boot-uefi.xml
===================================================================
--- /dev/null
+++ virt-manager-1.4.1/tests/cli-test-xml/compare/virt-install-boot-uefi.xml
@@ -0,0 +1,61 @@
+<domain type="kvm">
+ <name>foobar</name>
+ <uuid>00000000-1111-2222-3333-444444444444</uuid>
+ <memory>65536</memory>
+ <currentMemory>65536</currentMemory>
+ <vcpu>1</vcpu>
+ <os>
+ <type arch="x86_64" machine="q35">hvm</type>
+ <loader readonly="yes" type="pflash">/usr/share/ovmf/OVMF_CODE.secboot.fd</loader>
+ <boot dev="hd"/>
+ </os>
+ <features>
+ <acpi/>
+ <apic/>
+ <smm state="on"/>
+ <vmport state="off"/>
+ </features>
+ <cpu mode="custom" match="exact">
+ <model>Opteron_G4</model>
+ </cpu>
+ <clock offset="utc">
+ <timer name="rtc" tickpolicy="catchup"/>
+ <timer name="pit" tickpolicy="delay"/>
+ <timer name="hpet" present="no"/>
+ </clock>
+ <pm>
+ <suspend-to-mem enabled="no"/>
+ <suspend-to-disk enabled="no"/>
+ </pm>
+ <devices>
+ <emulator>/usr/bin/qemu-kvm</emulator>
+ <controller type="usb" index="0" model="ich9-ehci1"/>
+ <controller type="usb" index="0" model="ich9-uhci1">
+ <master startport="0"/>
+ </controller>
+ <controller type="usb" index="0" model="ich9-uhci2">
+ <master startport="2"/>
+ </controller>
+ <controller type="usb" index="0" model="ich9-uhci3">
+ <master startport="4"/>
+ </controller>
+ <interface type="bridge">
+ <source bridge="eth0"/>
+ <mac address="00:11:22:33:44:55"/>
+ </interface>
+ <input type="mouse" bus="ps2"/>
+ <graphics type="spice" port="-1" tlsPort="-1" autoport="yes">
+ <image compression="off"/>
+ </graphics>
+ <console type="pty"/>
+ <channel type="spicevmc">
+ <target type="virtio" name="com.redhat.spice.0"/>
+ </channel>
+ <sound model="ich6"/>
+ <video>
+ <model type="qxl"/>
+ </video>
+ <redirdev bus="usb" type="spicevmc"/>
+ <redirdev bus="usb" type="spicevmc"/>
+ </devices>
+</domain>
Index: virt-manager-1.4.1/tests/clitest.py
===================================================================
--- virt-manager-1.4.1.orig/tests/clitest.py
+++ virt-manager-1.4.1/tests/clitest.py
@@ -71,6 +71,7 @@ test_files = {
'URI-TEST-DEFAULT': utils.uri_test_default,
'URI-TEST-REMOTE': utils.uri_test_remote,
'URI-KVM': utils.uri_kvm,
+ 'URI-KVM-Q35': utils.uri_kvm_q35,
'URI-KVM-SESSION': utils.uri_kvm_session,
'URI-KVM-REMOTE': utils.uri_kvm + ",remote",
'URI-KVM-NODOMCAPS': utils.uri_kvm_nodomcaps,
@@ -771,6 +772,9 @@ c.add_invalid("--disk none --boot networ
c.add_invalid("--nodisks --boot network --arch mips --virt-type kvm") # Invalid domain type for arch
c.add_invalid("--nodisks --boot network --paravirt --arch mips") # Invalid arch/virt combo
+c = vinst.add_category("kvm-q35", "--connect %(URI-KVM-Q35)s --noautoconsole", compare_check=support.SUPPORT_CONN_VMPORT)
+c.add_compare("--boot uefi --disk none", "boot-uefi")
+
######################
# LXC specific tests #
Index: virt-manager-1.4.1/tests/utils.py
===================================================================
--- virt-manager-1.4.1.orig/tests/utils.py
+++ virt-manager-1.4.1/tests/utils.py
@@ -37,10 +37,12 @@ uri_test_remote = uri_test + ",remote"
_uri_qemu = "%s,qemu" % uri_test
_uri_kvm_domcaps = (_uri_qemu + _domcapsprefix + "kvm-x86_64-domcaps.xml")
+_uri_kvm_domcaps_q35 = (_uri_qemu + _domcapsprefix + "kvm-x86_64-domcaps-q35.xml")
_uri_kvm_aarch64_domcaps = (_uri_qemu + _domcapsprefix + "kvm-aarch64-domcaps.xml")
uri_kvm_nodomcaps = (_uri_qemu + _capsprefix + "kvm-x86_64.xml")
uri_kvm_rhel = (_uri_kvm_domcaps + _capsprefix + "kvm-x86_64-rhel7.xml")
uri_kvm = (_uri_kvm_domcaps + _capsprefix + "kvm-x86_64.xml")
+uri_kvm_q35 = (_uri_kvm_domcaps_q35 + _capsprefix + "kvm-x86_64.xml")
uri_kvm_session = uri_kvm + ",session"
uri_kvm_armv7l = (_uri_kvm_domcaps + _capsprefix + "kvm-armv7l.xml")
Index: virt-manager-1.4.1/virtManager/domain.py
===================================================================
--- virt-manager-1.4.1.orig/virtManager/domain.py
+++ virt-manager-1.4.1/virtManager/domain.py
@@ -698,6 +698,7 @@ class vmmDomain(vmmLibvirtObject):
guest.os.loader = loader
guest.os.loader_type = "pflash"
guest.os.loader_ro = True
+ guest.check_uefi_smm()
if nvram != _SENTINEL:
guest.os.nvram = nvram
Index: virt-manager-1.4.1/virtinst/guest.py
===================================================================
--- virt-manager-1.4.1.orig/virtinst/guest.py
+++ virt-manager-1.4.1/virtinst/guest.py
@@ -542,6 +542,29 @@ class Guest(XMLBuilder):
self.os.loader_type = "pflash"
self.os.loader = path
+ self.check_uefi_smm()
+
+
+ def check_uefi_smm(self):
+ """
+ If the firmware name contains "secboot" it is probably build
+ with SMM feature required so we need to enable that feature,
+ otherwise the firmware may fail to load. True secure boot is
+ currently supported only on x86 architecture and with q35 with
+ SMM feature enabled so change the machine to q35 as well.
+ """
+
+ if not self.os.is_x86():
+ return
+
+ if "secboot" not in self.os.loader:
+ return
+
+ if not self.conn.check_support(self.conn.SUPPORT_DOMAIN_FEATURE_SMM):
+ return
+
+ self.features.smm = True
+ self.os.machine = "q35"
###################
# Device defaults #

47
93085d2b-reset-guest-domain-to-none-on-domain-creation-error.patch Normal file
View File

@ -0,0 +1,47 @@
Subject: guest: Don't repeatedly overwrite self.domain
From: Cole Robinson crobinso@redhat.com Thu Apr 13 14:56:03 2017 -0400
Date: Thu Apr 13 14:56:03 2017 -0400:
Git: 93085d2b9d4a3dd6cbb9edfeae9b6cefee9419c1
Since clearing it is important, just set it at the end when things
have succeeded
diff --git a/virtinst/guest.py b/virtinst/guest.py
index 39975199..6bdfe170 100644
--- a/virtinst/guest.py
+++ b/virtinst/guest.py
@@ -394,28 +394,28 @@ class Guest(XMLBuilder):
meter.start(size=None, text=meter_label)
if transient:
- self.domain = self.conn.createXML(install_xml or final_xml, 0)
+ domain = self.conn.createXML(install_xml or final_xml, 0)
else:
# Not all hypervisors (vz) support createXML, so avoid it here
- self.domain = self.conn.defineXML(install_xml or final_xml)
+ domain = self.conn.defineXML(install_xml or final_xml)
# Handle undefining the VM if the initial startup fails
if doboot or self.installer.has_install_phase():
try:
- self.domain.create()
+ domain.create()
except:
import sys
exc_info = sys.exc_info()
try:
- self.domain.undefine()
- self.domain = None
+ domain.undefine()
except:
pass
raise exc_info[0], exc_info[1], exc_info[2]
if install_xml and install_xml != final_xml:
- self.domain = self.conn.defineXML(final_xml)
+ domain = self.conn.defineXML(final_xml)
+ self.domain = domain
try:
logging.debug("XML fetched from libvirt object:\n%s",
self.domain.XMLDesc(0))

77
b690908a-enable-secure-feature-together-with-smm-for-UEFI.patch Normal file
View File

@ -0,0 +1,77 @@
Subject: virtinst: enable secure feature together with smm for UEFI
From: Pavel Hrdina phrdina@redhat.com Wed Jun 7 20:47:59 2017 +0200
Date: Wed Jun 7 20:49:45 2017 +0200:
Git: b690908aa47ea4040a0b232328a7b79ff99ceabc
The secure feature actually enforce the secure boot if Secure Boot
Mode is configured.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1387479
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Index: virt-manager-1.4.1/tests/cli-test-xml/compare/virt-install-boot-uefi.xml
===================================================================
--- virt-manager-1.4.1.orig/tests/cli-test-xml/compare/virt-install-boot-uefi.xml
+++ virt-manager-1.4.1/tests/cli-test-xml/compare/virt-install-boot-uefi.xml
@@ -6,7 +6,7 @@
<vcpu>1</vcpu>
<os>
<type arch="x86_64" machine="q35">hvm</type>
- <loader readonly="yes" type="pflash">/usr/share/ovmf/OVMF_CODE.secboot.fd</loader>
+ <loader readonly="yes" type="pflash" secure="yes">/usr/share/ovmf/OVMF_CODE.secboot.fd</loader>
<boot dev="hd"/>
</os>
<features>
Index: virt-manager-1.4.1/virtManager/domain.py
===================================================================
--- virt-manager-1.4.1.orig/virtManager/domain.py
+++ virt-manager-1.4.1/virtManager/domain.py
@@ -698,7 +698,7 @@ class vmmDomain(vmmLibvirtObject):
guest.os.loader = loader
guest.os.loader_type = "pflash"
guest.os.loader_ro = True
- guest.check_uefi_smm()
+ guest.check_uefi_secure()
if nvram != _SENTINEL:
guest.os.nvram = nvram
Index: virt-manager-1.4.1/virtinst/guest.py
===================================================================
--- virt-manager-1.4.1.orig/virtinst/guest.py
+++ virt-manager-1.4.1/virtinst/guest.py
@@ -542,16 +542,18 @@ class Guest(XMLBuilder):
self.os.loader_type = "pflash"
self.os.loader = path
- self.check_uefi_smm()
+ self.check_uefi_secure()
- def check_uefi_smm(self):
+ def check_uefi_secure(self):
"""
If the firmware name contains "secboot" it is probably build
with SMM feature required so we need to enable that feature,
otherwise the firmware may fail to load. True secure boot is
currently supported only on x86 architecture and with q35 with
SMM feature enabled so change the machine to q35 as well.
+ To actually enforce the secure boot for the guest if Secure Boot
+ Mode is configured we need to enable loader secure feature.
"""
if not self.os.is_x86():
@@ -560,10 +562,12 @@ class Guest(XMLBuilder):
if "secboot" not in self.os.loader:
return
- if not self.conn.check_support(self.conn.SUPPORT_DOMAIN_FEATURE_SMM):
+ if (not self.conn.check_support(self.conn.SUPPORT_DOMAIN_FEATURE_SMM) or
+ not self.conn.check_support(self.conn.SUPPORT_DOMAIN_LOADER_SECURE)):
return
self.features.smm = True
+ self.os.loader_secure = True
self.os.machine = "q35"
###################

148
f38c56c9-add-support-for-SMM-feature.patch Normal file
View File

@ -0,0 +1,148 @@
References: rbz#1387479
Subject: virt-install: add support for SMM feature
From: Pavel Hrdina phrdina@redhat.com Thu Jan 26 15:08:36 2017 +0100
Date: Thu Jun 1 09:58:46 2017 +0200:
Git: f38c56c971d8b04bdee41ecba96f3f6d921a4aa7
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Index: virt-manager-1.4.1/man/virt-install.pod
===================================================================
--- virt-manager-1.4.1.orig/man/virt-install.pod
+++ virt-manager-1.4.1/man/virt-install.pod
@@ -275,6 +275,12 @@ Notify the guest that the host supports
This is relevant only for ARM architectures. Possible values are "host" or
version number.
+=item B<--features smm=on>
+
+This enables System Management Mode of hypervisor. Some UEFI firmwares may
+require this feature to be present. (QEMU supports SMM only with q35 machine
+type.)
+
=back
Use --features=? to see a list of all available sub options. Complete details at L<http://libvirt.org/formatdomain.html#elementsFeatures>
Index: virt-manager-1.4.1/tests/cli-test-xml/compare/virt-install-features-smm.xml
===================================================================
--- /dev/null
+++ virt-manager-1.4.1/tests/cli-test-xml/compare/virt-install-features-smm.xml
@@ -0,0 +1,29 @@
+<domain type="test">
+ <name>foobar</name>
+ <uuid>00000000-1111-2222-3333-444444444444</uuid>
+ <memory>65536</memory>
+ <currentMemory>65536</currentMemory>
+ <vcpu>1</vcpu>
+ <os>
+ <type arch="i686" machine="q35">hvm</type>
+ <boot dev="hd"/>
+ </os>
+ <features>
+ <pae/>
+ <smm state="on"/>
+ </features>
+ <clock offset="utc"/>
+ <pm>
+ <suspend-to-mem enabled="no"/>
+ <suspend-to-disk enabled="no"/>
+ </pm>
+ <devices>
+ <emulator>/usr/bin/test-hv</emulator>
+ <controller type="usb" index="0" model="none"/>
+ <interface type="user">
+ <mac address="00:11:22:33:44:55"/>
+ </interface>
+ <input type="mouse" bus="ps2"/>
+ <console type="pty"/>
+ </devices>
+</domain>
Index: virt-manager-1.4.1/tests/clitest.py
===================================================================
--- virt-manager-1.4.1.orig/tests/clitest.py
+++ virt-manager-1.4.1/tests/clitest.py
@@ -552,6 +552,14 @@ c.add_compare(""" \
""", "spice-gl", compare_check=support.SUPPORT_CONN_VMPORT)
+############################
+# Features install options #
+############################
+
+c = vinst.add_category("features", "--nographics --noautoconsole --import --disk none --controller usb,model=none")
+c.add_compare("--features smm=on", "features-smm")
+c.add_invalid("--features smm=on --machine pc")
+
####################################################
# CPU/RAM/numa and other singleton VM config tests #
Index: virt-manager-1.4.1/virt-install
===================================================================
--- virt-manager-1.4.1.orig/virt-install
+++ virt-manager-1.4.1/virt-install
@@ -633,6 +633,16 @@ def build_guest_instance(conn, options):
logging.warn("Couldn't configure UEFI: %s", e)
logging.warn("Your aarch64 VM may not boot successfully.")
+ # Check usability of SMM feature
+ if guest.features.smm:
+ if not guest.os.is_x86():
+ fail(_("SMM feature is valid only for x86 architecture."))
+
+ if guest.os.machine is None:
+ guest.os.machine = "q35"
+ elif not guest.os.is_q35():
+ fail(_("SMM feature is valid only for q35 machine type"))
+
# Various little validations about option collisions. Need to do
# this after setting guest.installer at least
check_option_collisions(options, guest)
Index: virt-manager-1.4.1/virtinst/cli.py
===================================================================
--- virt-manager-1.4.1.orig/virtinst/cli.py
+++ virt-manager-1.4.1/virtinst/cli.py
@@ -1666,6 +1666,12 @@ class ParserFeatures(VirtCLIParser):
cli_arg_name = "features"
objclass = DomainFeatures
+ def set_smm_cb(self, inst, val, virtarg):
+ if not inst.conn.check_support(inst.conn.SUPPORT_DOMAIN_FEATURE_SMM):
+ raise RuntimeError("smm is not supported by libvirt")
+ inst.smm = val
+ return val
+
_register_virt_parser(ParserFeatures)
ParserFeatures.add_arg("acpi", "acpi", is_onoff=True)
ParserFeatures.add_arg("apic", "apic", is_onoff=True)
@@ -1688,6 +1694,8 @@ ParserFeatures.add_arg("pvspinlock", "pv
ParserFeatures.add_arg("gic_version", "gic_version")
+ParserFeatures.add_arg("smm", "smm", is_onoff=True, cb=ParserFeatures.set_smm_cb)
+
###################
# --clock parsing #
Index: virt-manager-1.4.1/virtinst/domainfeatures.py
===================================================================
--- virt-manager-1.4.1.orig/virtinst/domainfeatures.py
+++ virt-manager-1.4.1/virtinst/domainfeatures.py
@@ -52,3 +52,5 @@ class DomainFeatures(XMLBuilder):
default_name="default", default_cb=lambda s: False)
kvm_hidden = XMLProperty("./kvm/hidden/@state", is_onoff=True)
pvspinlock = XMLProperty("./pvspinlock/@state", is_onoff=True)
+
+ smm = XMLProperty("./smm/@state", is_onoff=True)
Index: virt-manager-1.4.1/virtinst/support.py
===================================================================
--- virt-manager-1.4.1.orig/virtinst/support.py
+++ virt-manager-1.4.1/virtinst/support.py
@@ -361,6 +361,7 @@ SUPPORT_DOMAIN_MEMORY_STATS = _make(
SUPPORT_DOMAIN_STATE = _make(function="virDomain.state", run_args=())
SUPPORT_DOMAIN_OPEN_GRAPHICS = _make(function="virDomain.openGraphicsFD",
version="1.2.8", hv_version={"qemu": 0})
+SUPPORT_DOMAIN_FEATURE_SMM = _make(version="2.1.0")
###############

22
virt-manager.changes
View File

@ -1,3 +1,25 @@
-------------------------------------------------------------------
Wed Jun 7 11:29:02 MDT 2017 - carnold@suse.com
- bsc#1042709 - unable to create VM with SLE4SAP SP1 over network
install
virtinst-fix-sle-distro-parsing.patch
-------------------------------------------------------------------
Mon Jun 5 11:38:58 MDT 2017 - carnold@suse.com
- bsc#1027942 - virt-manager: Missing upstream bug fixes
f38c56c9-add-support-for-SMM-feature.patch
24f9d053-add-support-for-loader-secure-attribute.patch
4f8e795c-if-required-by-UEFI-enable-SMM-feature-and-set-q35-machine-type.patch
b690908a-enable-secure-feature-together-with-smm-for-UEFI.patch
-------------------------------------------------------------------
Thu May 25 16:31:57 MDT 2017 - carnold@suse.com
- bsc#1027942 - virt-manager: Missing upstream bug fixes
93085d2b-reset-guest-domain-to-none-on-domain-creation-error.patch
-------------------------------------------------------------------
Mon May 8 16:13:38 MDT 2017 - carnold@suse.com

14
virt-manager.spec
View File

@ -47,7 +47,12 @@ Patch6: 0610cd6a-ensure-bool-value-used-for-set_sensitive-call.patch
Patch7: f341352c-remove-redundant-error-string.patch
Patch8: ff3b4dc5-dont-overwrite-install-bootorder.patch
Patch9: 2099a194-reset-guest-domain-to-none-on-domain-creation-error.patch
Patch10: 7aee124d-fix-multiple-warnings-2.patch
Patch10: 93085d2b-reset-guest-domain-to-none-on-domain-creation-error.patch
Patch11: 7aee124d-fix-multiple-warnings-2.patch
Patch12: f38c56c9-add-support-for-SMM-feature.patch
Patch13: 24f9d053-add-support-for-loader-secure-attribute.patch
Patch14: 4f8e795c-if-required-by-UEFI-enable-SMM-feature-and-set-q35-machine-type.patch
Patch15: b690908a-enable-secure-feature-together-with-smm-for-UEFI.patch
# SUSE Only
Patch70: virtman-desktop.patch
Patch71: virtman-kvm.patch
@ -86,6 +91,7 @@ Patch161: virtinst-xenbus-disk-index-fix.patch
Patch162: virtinst-refresh_before_fetch_pool.patch
Patch163: virtinst-use-xenpae-kernel-for-32bit.patch
Patch164: virtinst-use-qemu-for-cdrom-device.patch
Patch165: virtinst-fix-sle-distro-parsing.patch
BuildArch: noarch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@ -179,6 +185,11 @@ machine).
%patch8 -p1
%patch9 -p1
%patch10 -p1
%patch11 -p1
%patch12 -p1
%patch13 -p1
%patch14 -p1
%patch15 -p1
# SUSE Only
%patch70 -p1
%patch71 -p1
@ -217,6 +228,7 @@ machine).
%patch162 -p1
%patch163 -p1
%patch164 -p1
%patch165 -p1
%build
%if %{qemu_user}

42
virtinst-fix-sle-distro-parsing.patch Normal file
View File

@ -0,0 +1,42 @@
References: bsc#1042709
Index: virt-manager-1.4.1/virtinst/urlfetcher.py
===================================================================
--- virt-manager-1.4.1.orig/virtinst/urlfetcher.py
+++ virt-manager-1.4.1/virtinst/urlfetcher.py
@@ -444,9 +444,20 @@ def _distroFromSUSEContent(fetcher, arch
arch = "ppc64le"
def _parse_sle_distribution(d):
- sle_version = d[1].strip().rsplit(' ')[4]
- if len(d[1].strip().rsplit(' ')) > 5:
- sle_version = sle_version + '.' + d[1].strip().rsplit(' ')[5][2]
+ d_list = d[1].strip().rsplit(' ')
+ d_len = len(d_list)
+ sle_version = 12
+ counter = 0
+ while counter < d_len:
+ item = d_list[counter].strip()
+ if item.isdigit():
+ sle_version = item
+ if counter+1 < d_len:
+ item = d_list[counter+1].strip()
+ if item[2].isdigit():
+ sle_version = sle_version + '.' + item[2]
+ break
+ counter += 1
return ['VERSION', sle_version]
dclass = GenericDistro
@@ -1029,7 +1040,10 @@ class SuseDistro(Distro):
distro_version = self.version_from_content[1].strip()
version = distro_version.split('.', 1)[0].strip()
self.os_variant = self.urldistro
- version_int = int(version)
+ if version.isdigit():
+ version_int = int(version)
+ else:
+ version_int = 12
if version_int >= 10:
if self.os_variant.startswith(("sles", "sled")):
sp_version = None

8
virtinst-s390x-disable-graphics.patch
View File

@ -16,7 +16,7 @@ Index: virt-manager-1.4.1/virtinst/guest.py
self.skip_default_rng = False
self.x86_cpu_default = self.cpu.SPECIAL_MODE_HOST_MODEL_ONLY
@@ -620,7 +623,7 @@ class Guest(XMLBuilder):
@@ -647,7 +650,7 @@ class Guest(XMLBuilder):
self.add_device(dev)
def add_default_video_device(self):
@ -25,7 +25,7 @@ Index: virt-manager-1.4.1/virtinst/guest.py
return
if self.get_devices("video"):
return
@@ -658,6 +661,8 @@ class Guest(XMLBuilder):
@@ -685,6 +688,8 @@ class Guest(XMLBuilder):
dev.target_type = "virtio"
dev.target_name = dev.CHANNEL_NAME_QEMUGA
self.add_device(dev)
@ -34,7 +34,7 @@ Index: virt-manager-1.4.1/virtinst/guest.py
def add_default_graphics(self):
if self.skip_default_graphics:
@@ -666,7 +671,7 @@ class Guest(XMLBuilder):
@@ -693,7 +698,7 @@ class Guest(XMLBuilder):
return
if self.os.is_container():
return
@ -43,7 +43,7 @@ Index: virt-manager-1.4.1/virtinst/guest.py
return
self.add_device(VirtualGraphics(self.conn))
@@ -1004,7 +1009,7 @@ class Guest(XMLBuilder):
@@ -1031,7 +1036,7 @@ class Guest(XMLBuilder):
if self._hv_only_supports_virtio():
return True

2
virtinst-set-qemu-emulator.patch
View File

@ -5,7 +5,7 @@ Index: virt-manager-1.4.1/virtinst/guest.py
===================================================================
--- virt-manager-1.4.1.orig/virtinst/guest.py
+++ virt-manager-1.4.1/virtinst/guest.py
@@ -817,14 +817,11 @@ class Guest(XMLBuilder):
@@ -844,14 +844,11 @@ class Guest(XMLBuilder):
self.emulator = None
return