diff --git a/2099a194-reset-guest-domain-to-none-on-domain-creation-error.patch b/2099a194-reset-guest-domain-to-none-on-domain-creation-error.patch index db47585c..5b172ac1 100644 --- a/2099a194-reset-guest-domain-to-none-on-domain-creation-error.patch +++ b/2099a194-reset-guest-domain-to-none-on-domain-creation-error.patch @@ -21,10 +21,10 @@ self.domain to None when an exception is caught. Signed-off-by: Christophe Fergeau -diff --git a/virtinst/guest.py b/virtinst/guest.py -index c8c3d14c..39975199 100644 ---- a/virtinst/guest.py -+++ b/virtinst/guest.py +Index: virt-manager-1.4.1/virtinst/guest.py +=================================================================== +--- virt-manager-1.4.1.orig/virtinst/guest.py ++++ virt-manager-1.4.1/virtinst/guest.py @@ -408,6 +408,7 @@ class Guest(XMLBuilder): exc_info = sys.exc_info() try: diff --git a/24f9d053-add-support-for-loader-secure-attribute.patch b/24f9d053-add-support-for-loader-secure-attribute.patch new file mode 100644 index 00000000..1d06f849 --- /dev/null +++ b/24f9d053-add-support-for-loader-secure-attribute.patch @@ -0,0 +1,134 @@ +References: rbz#1387479 + +Subject: virt-install: add support for loader secure attribute +From: Pavel Hrdina phrdina@redhat.com Thu Jan 26 16:11:31 2017 +0100 +Date: Thu Jun 1 09:58:46 2017 +0200: +Git: 24f9d05329a485c21325fc2e93a283b832359d05 + +Signed-off-by: Pavel Hrdina + +Index: virt-manager-1.4.1/man/virt-install.pod +=================================================================== +--- virt-manager-1.4.1.orig/man/virt-install.pod ++++ virt-manager-1.4.1/man/virt-install.pod +@@ -514,13 +514,14 @@ correct UEFI parameters, libvirt needs t + via domcapabilities XML, so this will likely only work if using properly + configured distro packages. + +-=item B<--boot loader=/.../OVMF_CODE.fd,loader_ro=yes,loader_type=pflash,nvram_template=/.../OVMF_VARS.fd> ++=item B<--boot loader=/.../OVMF_CODE.fd,loader_ro=yes,loader_type=pflash,nvram_template=/.../OVMF_VARS.fd,loader_secure=no> + + Specify that the virtual machine use the custom OVMF binary as boot firmware, + mapped as a virtual flash chip. In addition, request that libvirt instantiate + the VM-specific UEFI varstore from the custom "/.../OVMF_VARS.fd" varstore + template. This is the recommended UEFI setup, and should be used if +---boot uefi doesn't know about your UEFI binaries. ++--boot uefi doesn't know about your UEFI binaries. If your UEFI firmware ++supports Secure boot feature you can enable it via loader_secure. + + =back + +Index: virt-manager-1.4.1/tests/cli-test-xml/compare/virt-install-boot-loader-secure.xml +=================================================================== +--- /dev/null ++++ virt-manager-1.4.1/tests/cli-test-xml/compare/virt-install-boot-loader-secure.xml +@@ -0,0 +1,29 @@ ++ ++ foobar ++ 00000000-1111-2222-3333-444444444444 ++ 65536 ++ 65536 ++ 1 ++ ++ hvm ++ /path/to/loader ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ /usr/bin/test-hv ++ ++ ++ ++ ++ ++ ++ ++ +Index: virt-manager-1.4.1/tests/clitest.py +=================================================================== +--- virt-manager-1.4.1.orig/tests/clitest.py ++++ virt-manager-1.4.1/tests/clitest.py +@@ -561,6 +561,14 @@ c.add_compare("--features smm=on", "feat + c.add_invalid("--features smm=on --machine pc") + + ++######################## ++# Boot install options # ++######################## ++ ++c = vinst.add_category("boot", "--nographics --noautoconsole --import --disk none --controller usb,model=none") ++c.add_compare("--boot loader=/path/to/loader,loader_secure=yes", "boot-loader-secure") ++ ++ + #################################################### + # CPU/RAM/numa and other singleton VM config tests # + #################################################### +Index: virt-manager-1.4.1/virtinst/cli.py +=================================================================== +--- virt-manager-1.4.1.orig/virtinst/cli.py ++++ virt-manager-1.4.1/virtinst/cli.py +@@ -1573,6 +1573,13 @@ class ParserBoot(VirtCLIParser): + inst.os.smbios_mode = val + self.optdict["smbios_mode"] = val + ++ def set_loader_secure_cb(self, inst, val, virtarg): ++ if not inst.conn.check_support(inst.conn.SUPPORT_DOMAIN_LOADER_SECURE): ++ raise RuntimeError("secure attribute for loader is not supported " ++ "by libvirt.") ++ inst.os.loader_secure = val ++ return val ++ + def noset_cb(self, inst, val, virtarg): + pass + +@@ -1609,6 +1616,8 @@ ParserBoot.add_arg("os.dtb", "dtb") + ParserBoot.add_arg("os.loader", "loader") + ParserBoot.add_arg("os.loader_ro", "loader_ro", is_onoff=True) + ParserBoot.add_arg("os.loader_type", "loader_type") ++ParserBoot.add_arg("os.loader_secure", "loader_secure", is_onoff=True, ++ cb=ParserBoot.set_loader_secure_cb) + ParserBoot.add_arg("os.nvram", "nvram") + ParserBoot.add_arg("os.nvram_template", "nvram_template") + ParserBoot.add_arg("os.kernel_args", "kernel_args", +Index: virt-manager-1.4.1/virtinst/osxml.py +=================================================================== +--- virt-manager-1.4.1.orig/virtinst/osxml.py ++++ virt-manager-1.4.1/virtinst/osxml.py +@@ -116,6 +116,7 @@ class OSXML(XMLBuilder): + loader = XMLProperty("./loader") + loader_ro = XMLProperty("./loader/@readonly", is_yesno=True) + loader_type = XMLProperty("./loader/@type") ++ loader_secure = XMLProperty("./loader/@secure", is_yesno=True) + smbios_mode = XMLProperty("./smbios/@mode") + nvram = XMLProperty("./nvram") + nvram_template = XMLProperty("./nvram/@template") +Index: virt-manager-1.4.1/virtinst/support.py +=================================================================== +--- virt-manager-1.4.1.orig/virtinst/support.py ++++ virt-manager-1.4.1/virtinst/support.py +@@ -362,6 +362,7 @@ SUPPORT_DOMAIN_STATE = _make(function="v + SUPPORT_DOMAIN_OPEN_GRAPHICS = _make(function="virDomain.openGraphicsFD", + version="1.2.8", hv_version={"qemu": 0}) + SUPPORT_DOMAIN_FEATURE_SMM = _make(version="2.1.0") ++SUPPORT_DOMAIN_LOADER_SECURE = _make(version="2.1.0") + + + ############### diff --git a/4f8e795c-if-required-by-UEFI-enable-SMM-feature-and-set-q35-machine-type.patch b/4f8e795c-if-required-by-UEFI-enable-SMM-feature-and-set-q35-machine-type.patch new file mode 100644 index 00000000..1eb76c5e --- /dev/null +++ b/4f8e795c-if-required-by-UEFI-enable-SMM-feature-and-set-q35-machine-type.patch @@ -0,0 +1,297 @@ +References: rbz#1387479 + +Subject: virtinst: if required by UEFI enable SMM feature and set q35 machine type +From: Pavel Hrdina phrdina@redhat.com Mon Feb 6 13:46:06 2017 +0100 +Date: Thu Jun 1 09:58:46 2017 +0200: +Git: 4f8e795c6a7158b3da48f65322cabfae1d110cae + +If we detect that the UEFI image is build to require SMM feature we +should configure the guest to enable SMM feature and set q35 machine +type. Without this user wouldn't be able to boot the guest. + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1387479 + +Signed-off-by: Pavel Hrdina + +Index: virt-manager-1.4.1/tests/capabilities-xml/kvm-x86_64-domcaps-q35.xml +=================================================================== +--- /dev/null ++++ virt-manager-1.4.1/tests/capabilities-xml/kvm-x86_64-domcaps-q35.xml +@@ -0,0 +1,126 @@ ++ ++ /home/phrdina/work/qemu/x86_64-softmmu/qemu-system-x86_64 ++ kvm ++ pc-q35-2.9 ++ x86_64 ++ ++ ++ ++ /usr/share/ovmf/OVMF_CODE.secboot.fd ++ ++ rom ++ pflash ++ ++ ++ yes ++ no ++ ++ ++ ++ ++ ++ ++ Skylake-Client ++ Intel ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ qemu64 ++ qemu32 ++ phenom ++ pentium3 ++ pentium2 ++ pentium ++ n270 ++ kvm64 ++ kvm32 ++ coreduo ++ core2duo ++ athlon ++ Westmere ++ Skylake-Client ++ SandyBridge ++ Penryn ++ Opteron_G5 ++ Opteron_G4 ++ Opteron_G3 ++ Opteron_G2 ++ Opteron_G1 ++ Nehalem ++ IvyBridge ++ Haswell ++ Haswell-noTSX ++ Conroe ++ Broadwell ++ Broadwell-noTSX ++ 486 ++ ++ ++ ++ ++ ++ disk ++ cdrom ++ floppy ++ lun ++ ++ ++ fdc ++ scsi ++ virtio ++ usb ++ sata ++ ++ ++ ++ ++ sdl ++ vnc ++ spice ++ ++ ++ ++ ++ ++ subsystem ++ ++ ++ default ++ mandatory ++ requisite ++ optional ++ ++ ++ usb ++ pci ++ scsi ++ ++ ++ ++ default ++ kvm ++ vfio ++ ++ ++ ++ ++ ++ ++ ++ ++ +Index: virt-manager-1.4.1/tests/cli-test-xml/compare/virt-install-boot-uefi.xml +=================================================================== +--- /dev/null ++++ virt-manager-1.4.1/tests/cli-test-xml/compare/virt-install-boot-uefi.xml +@@ -0,0 +1,61 @@ ++ ++ foobar ++ 00000000-1111-2222-3333-444444444444 ++ 65536 ++ 65536 ++ 1 ++ ++ hvm ++ /usr/share/ovmf/OVMF_CODE.secboot.fd ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ Opteron_G4 ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ /usr/bin/qemu-kvm ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ +Index: virt-manager-1.4.1/tests/clitest.py +=================================================================== +--- virt-manager-1.4.1.orig/tests/clitest.py ++++ virt-manager-1.4.1/tests/clitest.py +@@ -71,6 +71,7 @@ test_files = { + 'URI-TEST-DEFAULT': utils.uri_test_default, + 'URI-TEST-REMOTE': utils.uri_test_remote, + 'URI-KVM': utils.uri_kvm, ++ 'URI-KVM-Q35': utils.uri_kvm_q35, + 'URI-KVM-SESSION': utils.uri_kvm_session, + 'URI-KVM-REMOTE': utils.uri_kvm + ",remote", + 'URI-KVM-NODOMCAPS': utils.uri_kvm_nodomcaps, +@@ -771,6 +772,9 @@ c.add_invalid("--disk none --boot networ + c.add_invalid("--nodisks --boot network --arch mips --virt-type kvm") # Invalid domain type for arch + c.add_invalid("--nodisks --boot network --paravirt --arch mips") # Invalid arch/virt combo + ++c = vinst.add_category("kvm-q35", "--connect %(URI-KVM-Q35)s --noautoconsole", compare_check=support.SUPPORT_CONN_VMPORT) ++c.add_compare("--boot uefi --disk none", "boot-uefi") ++ + + ###################### + # LXC specific tests # +Index: virt-manager-1.4.1/tests/utils.py +=================================================================== +--- virt-manager-1.4.1.orig/tests/utils.py ++++ virt-manager-1.4.1/tests/utils.py +@@ -37,10 +37,12 @@ uri_test_remote = uri_test + ",remote" + + _uri_qemu = "%s,qemu" % uri_test + _uri_kvm_domcaps = (_uri_qemu + _domcapsprefix + "kvm-x86_64-domcaps.xml") ++_uri_kvm_domcaps_q35 = (_uri_qemu + _domcapsprefix + "kvm-x86_64-domcaps-q35.xml") + _uri_kvm_aarch64_domcaps = (_uri_qemu + _domcapsprefix + "kvm-aarch64-domcaps.xml") + uri_kvm_nodomcaps = (_uri_qemu + _capsprefix + "kvm-x86_64.xml") + uri_kvm_rhel = (_uri_kvm_domcaps + _capsprefix + "kvm-x86_64-rhel7.xml") + uri_kvm = (_uri_kvm_domcaps + _capsprefix + "kvm-x86_64.xml") ++uri_kvm_q35 = (_uri_kvm_domcaps_q35 + _capsprefix + "kvm-x86_64.xml") + uri_kvm_session = uri_kvm + ",session" + + uri_kvm_armv7l = (_uri_kvm_domcaps + _capsprefix + "kvm-armv7l.xml") +Index: virt-manager-1.4.1/virtManager/domain.py +=================================================================== +--- virt-manager-1.4.1.orig/virtManager/domain.py ++++ virt-manager-1.4.1/virtManager/domain.py +@@ -698,6 +698,7 @@ class vmmDomain(vmmLibvirtObject): + guest.os.loader = loader + guest.os.loader_type = "pflash" + guest.os.loader_ro = True ++ guest.check_uefi_smm() + + if nvram != _SENTINEL: + guest.os.nvram = nvram +Index: virt-manager-1.4.1/virtinst/guest.py +=================================================================== +--- virt-manager-1.4.1.orig/virtinst/guest.py ++++ virt-manager-1.4.1/virtinst/guest.py +@@ -542,6 +542,29 @@ class Guest(XMLBuilder): + self.os.loader_type = "pflash" + self.os.loader = path + ++ self.check_uefi_smm() ++ ++ ++ def check_uefi_smm(self): ++ """ ++ If the firmware name contains "secboot" it is probably build ++ with SMM feature required so we need to enable that feature, ++ otherwise the firmware may fail to load. True secure boot is ++ currently supported only on x86 architecture and with q35 with ++ SMM feature enabled so change the machine to q35 as well. ++ """ ++ ++ if not self.os.is_x86(): ++ return ++ ++ if "secboot" not in self.os.loader: ++ return ++ ++ if not self.conn.check_support(self.conn.SUPPORT_DOMAIN_FEATURE_SMM): ++ return ++ ++ self.features.smm = True ++ self.os.machine = "q35" + + ################### + # Device defaults # diff --git a/93085d2b-reset-guest-domain-to-none-on-domain-creation-error.patch b/93085d2b-reset-guest-domain-to-none-on-domain-creation-error.patch new file mode 100644 index 00000000..0b6bbc60 --- /dev/null +++ b/93085d2b-reset-guest-domain-to-none-on-domain-creation-error.patch @@ -0,0 +1,47 @@ +Subject: guest: Don't repeatedly overwrite self.domain +From: Cole Robinson crobinso@redhat.com Thu Apr 13 14:56:03 2017 -0400 +Date: Thu Apr 13 14:56:03 2017 -0400: +Git: 93085d2b9d4a3dd6cbb9edfeae9b6cefee9419c1 + +Since clearing it is important, just set it at the end when things +have succeeded + +diff --git a/virtinst/guest.py b/virtinst/guest.py +index 39975199..6bdfe170 100644 +--- a/virtinst/guest.py ++++ b/virtinst/guest.py +@@ -394,28 +394,28 @@ class Guest(XMLBuilder): + meter.start(size=None, text=meter_label) + + if transient: +- self.domain = self.conn.createXML(install_xml or final_xml, 0) ++ domain = self.conn.createXML(install_xml or final_xml, 0) + else: + # Not all hypervisors (vz) support createXML, so avoid it here +- self.domain = self.conn.defineXML(install_xml or final_xml) ++ domain = self.conn.defineXML(install_xml or final_xml) + + # Handle undefining the VM if the initial startup fails + if doboot or self.installer.has_install_phase(): + try: +- self.domain.create() ++ domain.create() + except: + import sys + exc_info = sys.exc_info() + try: +- self.domain.undefine() +- self.domain = None ++ domain.undefine() + except: + pass + raise exc_info[0], exc_info[1], exc_info[2] + + if install_xml and install_xml != final_xml: +- self.domain = self.conn.defineXML(final_xml) ++ domain = self.conn.defineXML(final_xml) + ++ self.domain = domain + try: + logging.debug("XML fetched from libvirt object:\n%s", + self.domain.XMLDesc(0)) diff --git a/b690908a-enable-secure-feature-together-with-smm-for-UEFI.patch b/b690908a-enable-secure-feature-together-with-smm-for-UEFI.patch new file mode 100644 index 00000000..dbec721d --- /dev/null +++ b/b690908a-enable-secure-feature-together-with-smm-for-UEFI.patch @@ -0,0 +1,77 @@ +Subject: virtinst: enable secure feature together with smm for UEFI +From: Pavel Hrdina phrdina@redhat.com Wed Jun 7 20:47:59 2017 +0200 +Date: Wed Jun 7 20:49:45 2017 +0200: +Git: b690908aa47ea4040a0b232328a7b79ff99ceabc + +The secure feature actually enforce the secure boot if Secure Boot +Mode is configured. + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1387479 + +Signed-off-by: Pavel Hrdina + +Index: virt-manager-1.4.1/tests/cli-test-xml/compare/virt-install-boot-uefi.xml +=================================================================== +--- virt-manager-1.4.1.orig/tests/cli-test-xml/compare/virt-install-boot-uefi.xml ++++ virt-manager-1.4.1/tests/cli-test-xml/compare/virt-install-boot-uefi.xml +@@ -6,7 +6,7 @@ + 1 + + hvm +- /usr/share/ovmf/OVMF_CODE.secboot.fd ++ /usr/share/ovmf/OVMF_CODE.secboot.fd + + + +Index: virt-manager-1.4.1/virtManager/domain.py +=================================================================== +--- virt-manager-1.4.1.orig/virtManager/domain.py ++++ virt-manager-1.4.1/virtManager/domain.py +@@ -698,7 +698,7 @@ class vmmDomain(vmmLibvirtObject): + guest.os.loader = loader + guest.os.loader_type = "pflash" + guest.os.loader_ro = True +- guest.check_uefi_smm() ++ guest.check_uefi_secure() + + if nvram != _SENTINEL: + guest.os.nvram = nvram +Index: virt-manager-1.4.1/virtinst/guest.py +=================================================================== +--- virt-manager-1.4.1.orig/virtinst/guest.py ++++ virt-manager-1.4.1/virtinst/guest.py +@@ -542,16 +542,18 @@ class Guest(XMLBuilder): + self.os.loader_type = "pflash" + self.os.loader = path + +- self.check_uefi_smm() ++ self.check_uefi_secure() + + +- def check_uefi_smm(self): ++ def check_uefi_secure(self): + """ + If the firmware name contains "secboot" it is probably build + with SMM feature required so we need to enable that feature, + otherwise the firmware may fail to load. True secure boot is + currently supported only on x86 architecture and with q35 with + SMM feature enabled so change the machine to q35 as well. ++ To actually enforce the secure boot for the guest if Secure Boot ++ Mode is configured we need to enable loader secure feature. + """ + + if not self.os.is_x86(): +@@ -560,10 +562,12 @@ class Guest(XMLBuilder): + if "secboot" not in self.os.loader: + return + +- if not self.conn.check_support(self.conn.SUPPORT_DOMAIN_FEATURE_SMM): ++ if (not self.conn.check_support(self.conn.SUPPORT_DOMAIN_FEATURE_SMM) or ++ not self.conn.check_support(self.conn.SUPPORT_DOMAIN_LOADER_SECURE)): + return + + self.features.smm = True ++ self.os.loader_secure = True + self.os.machine = "q35" + + ################### diff --git a/f38c56c9-add-support-for-SMM-feature.patch b/f38c56c9-add-support-for-SMM-feature.patch new file mode 100644 index 00000000..610374e4 --- /dev/null +++ b/f38c56c9-add-support-for-SMM-feature.patch @@ -0,0 +1,148 @@ +References: rbz#1387479 + +Subject: virt-install: add support for SMM feature +From: Pavel Hrdina phrdina@redhat.com Thu Jan 26 15:08:36 2017 +0100 +Date: Thu Jun 1 09:58:46 2017 +0200: +Git: f38c56c971d8b04bdee41ecba96f3f6d921a4aa7 + +Signed-off-by: Pavel Hrdina + +Index: virt-manager-1.4.1/man/virt-install.pod +=================================================================== +--- virt-manager-1.4.1.orig/man/virt-install.pod ++++ virt-manager-1.4.1/man/virt-install.pod +@@ -275,6 +275,12 @@ Notify the guest that the host supports + This is relevant only for ARM architectures. Possible values are "host" or + version number. + ++=item B<--features smm=on> ++ ++This enables System Management Mode of hypervisor. Some UEFI firmwares may ++require this feature to be present. (QEMU supports SMM only with q35 machine ++type.) ++ + =back + + Use --features=? to see a list of all available sub options. Complete details at L +Index: virt-manager-1.4.1/tests/cli-test-xml/compare/virt-install-features-smm.xml +=================================================================== +--- /dev/null ++++ virt-manager-1.4.1/tests/cli-test-xml/compare/virt-install-features-smm.xml +@@ -0,0 +1,29 @@ ++ ++ foobar ++ 00000000-1111-2222-3333-444444444444 ++ 65536 ++ 65536 ++ 1 ++ ++ hvm ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ /usr/bin/test-hv ++ ++ ++ ++ ++ ++ ++ ++ +Index: virt-manager-1.4.1/tests/clitest.py +=================================================================== +--- virt-manager-1.4.1.orig/tests/clitest.py ++++ virt-manager-1.4.1/tests/clitest.py +@@ -552,6 +552,14 @@ c.add_compare(""" \ + """, "spice-gl", compare_check=support.SUPPORT_CONN_VMPORT) + + ++############################ ++# Features install options # ++############################ ++ ++c = vinst.add_category("features", "--nographics --noautoconsole --import --disk none --controller usb,model=none") ++c.add_compare("--features smm=on", "features-smm") ++c.add_invalid("--features smm=on --machine pc") ++ + + #################################################### + # CPU/RAM/numa and other singleton VM config tests # +Index: virt-manager-1.4.1/virt-install +=================================================================== +--- virt-manager-1.4.1.orig/virt-install ++++ virt-manager-1.4.1/virt-install +@@ -633,6 +633,16 @@ def build_guest_instance(conn, options): + logging.warn("Couldn't configure UEFI: %s", e) + logging.warn("Your aarch64 VM may not boot successfully.") + ++ # Check usability of SMM feature ++ if guest.features.smm: ++ if not guest.os.is_x86(): ++ fail(_("SMM feature is valid only for x86 architecture.")) ++ ++ if guest.os.machine is None: ++ guest.os.machine = "q35" ++ elif not guest.os.is_q35(): ++ fail(_("SMM feature is valid only for q35 machine type")) ++ + # Various little validations about option collisions. Need to do + # this after setting guest.installer at least + check_option_collisions(options, guest) +Index: virt-manager-1.4.1/virtinst/cli.py +=================================================================== +--- virt-manager-1.4.1.orig/virtinst/cli.py ++++ virt-manager-1.4.1/virtinst/cli.py +@@ -1666,6 +1666,12 @@ class ParserFeatures(VirtCLIParser): + cli_arg_name = "features" + objclass = DomainFeatures + ++ def set_smm_cb(self, inst, val, virtarg): ++ if not inst.conn.check_support(inst.conn.SUPPORT_DOMAIN_FEATURE_SMM): ++ raise RuntimeError("smm is not supported by libvirt") ++ inst.smm = val ++ return val ++ + _register_virt_parser(ParserFeatures) + ParserFeatures.add_arg("acpi", "acpi", is_onoff=True) + ParserFeatures.add_arg("apic", "apic", is_onoff=True) +@@ -1688,6 +1694,8 @@ ParserFeatures.add_arg("pvspinlock", "pv + + ParserFeatures.add_arg("gic_version", "gic_version") + ++ParserFeatures.add_arg("smm", "smm", is_onoff=True, cb=ParserFeatures.set_smm_cb) ++ + + ################### + # --clock parsing # +Index: virt-manager-1.4.1/virtinst/domainfeatures.py +=================================================================== +--- virt-manager-1.4.1.orig/virtinst/domainfeatures.py ++++ virt-manager-1.4.1/virtinst/domainfeatures.py +@@ -52,3 +52,5 @@ class DomainFeatures(XMLBuilder): + default_name="default", default_cb=lambda s: False) + kvm_hidden = XMLProperty("./kvm/hidden/@state", is_onoff=True) + pvspinlock = XMLProperty("./pvspinlock/@state", is_onoff=True) ++ ++ smm = XMLProperty("./smm/@state", is_onoff=True) +Index: virt-manager-1.4.1/virtinst/support.py +=================================================================== +--- virt-manager-1.4.1.orig/virtinst/support.py ++++ virt-manager-1.4.1/virtinst/support.py +@@ -361,6 +361,7 @@ SUPPORT_DOMAIN_MEMORY_STATS = _make( + SUPPORT_DOMAIN_STATE = _make(function="virDomain.state", run_args=()) + SUPPORT_DOMAIN_OPEN_GRAPHICS = _make(function="virDomain.openGraphicsFD", + version="1.2.8", hv_version={"qemu": 0}) ++SUPPORT_DOMAIN_FEATURE_SMM = _make(version="2.1.0") + + + ############### diff --git a/virt-manager.changes b/virt-manager.changes index f585c7c2..d9db20eb 100644 --- a/virt-manager.changes +++ b/virt-manager.changes @@ -1,3 +1,25 @@ +------------------------------------------------------------------- +Wed Jun 7 11:29:02 MDT 2017 - carnold@suse.com + +- bsc#1042709 - unable to create VM with SLE4SAP SP1 over network + install + virtinst-fix-sle-distro-parsing.patch + +------------------------------------------------------------------- +Mon Jun 5 11:38:58 MDT 2017 - carnold@suse.com + +- bsc#1027942 - virt-manager: Missing upstream bug fixes + f38c56c9-add-support-for-SMM-feature.patch + 24f9d053-add-support-for-loader-secure-attribute.patch + 4f8e795c-if-required-by-UEFI-enable-SMM-feature-and-set-q35-machine-type.patch + b690908a-enable-secure-feature-together-with-smm-for-UEFI.patch + +------------------------------------------------------------------- +Thu May 25 16:31:57 MDT 2017 - carnold@suse.com + +- bsc#1027942 - virt-manager: Missing upstream bug fixes + 93085d2b-reset-guest-domain-to-none-on-domain-creation-error.patch + ------------------------------------------------------------------- Mon May 8 16:13:38 MDT 2017 - carnold@suse.com diff --git a/virt-manager.spec b/virt-manager.spec index 9b953e8b..aaaf47a8 100644 --- a/virt-manager.spec +++ b/virt-manager.spec @@ -47,7 +47,12 @@ Patch6: 0610cd6a-ensure-bool-value-used-for-set_sensitive-call.patch Patch7: f341352c-remove-redundant-error-string.patch Patch8: ff3b4dc5-dont-overwrite-install-bootorder.patch Patch9: 2099a194-reset-guest-domain-to-none-on-domain-creation-error.patch -Patch10: 7aee124d-fix-multiple-warnings-2.patch +Patch10: 93085d2b-reset-guest-domain-to-none-on-domain-creation-error.patch +Patch11: 7aee124d-fix-multiple-warnings-2.patch +Patch12: f38c56c9-add-support-for-SMM-feature.patch +Patch13: 24f9d053-add-support-for-loader-secure-attribute.patch +Patch14: 4f8e795c-if-required-by-UEFI-enable-SMM-feature-and-set-q35-machine-type.patch +Patch15: b690908a-enable-secure-feature-together-with-smm-for-UEFI.patch # SUSE Only Patch70: virtman-desktop.patch Patch71: virtman-kvm.patch @@ -86,6 +91,7 @@ Patch161: virtinst-xenbus-disk-index-fix.patch Patch162: virtinst-refresh_before_fetch_pool.patch Patch163: virtinst-use-xenpae-kernel-for-32bit.patch Patch164: virtinst-use-qemu-for-cdrom-device.patch +Patch165: virtinst-fix-sle-distro-parsing.patch BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -179,6 +185,11 @@ machine). %patch8 -p1 %patch9 -p1 %patch10 -p1 +%patch11 -p1 +%patch12 -p1 +%patch13 -p1 +%patch14 -p1 +%patch15 -p1 # SUSE Only %patch70 -p1 %patch71 -p1 @@ -217,6 +228,7 @@ machine). %patch162 -p1 %patch163 -p1 %patch164 -p1 +%patch165 -p1 %build %if %{qemu_user} diff --git a/virtinst-fix-sle-distro-parsing.patch b/virtinst-fix-sle-distro-parsing.patch new file mode 100644 index 00000000..f6e8d9c6 --- /dev/null +++ b/virtinst-fix-sle-distro-parsing.patch @@ -0,0 +1,42 @@ +References: bsc#1042709 + +Index: virt-manager-1.4.1/virtinst/urlfetcher.py +=================================================================== +--- virt-manager-1.4.1.orig/virtinst/urlfetcher.py ++++ virt-manager-1.4.1/virtinst/urlfetcher.py +@@ -444,9 +444,20 @@ def _distroFromSUSEContent(fetcher, arch + arch = "ppc64le" + + def _parse_sle_distribution(d): +- sle_version = d[1].strip().rsplit(' ')[4] +- if len(d[1].strip().rsplit(' ')) > 5: +- sle_version = sle_version + '.' + d[1].strip().rsplit(' ')[5][2] ++ d_list = d[1].strip().rsplit(' ') ++ d_len = len(d_list) ++ sle_version = 12 ++ counter = 0 ++ while counter < d_len: ++ item = d_list[counter].strip() ++ if item.isdigit(): ++ sle_version = item ++ if counter+1 < d_len: ++ item = d_list[counter+1].strip() ++ if item[2].isdigit(): ++ sle_version = sle_version + '.' + item[2] ++ break ++ counter += 1 + return ['VERSION', sle_version] + + dclass = GenericDistro +@@ -1029,7 +1040,10 @@ class SuseDistro(Distro): + distro_version = self.version_from_content[1].strip() + version = distro_version.split('.', 1)[0].strip() + self.os_variant = self.urldistro +- version_int = int(version) ++ if version.isdigit(): ++ version_int = int(version) ++ else: ++ version_int = 12 + if version_int >= 10: + if self.os_variant.startswith(("sles", "sled")): + sp_version = None diff --git a/virtinst-s390x-disable-graphics.patch b/virtinst-s390x-disable-graphics.patch index e91cde50..089713c3 100644 --- a/virtinst-s390x-disable-graphics.patch +++ b/virtinst-s390x-disable-graphics.patch @@ -16,7 +16,7 @@ Index: virt-manager-1.4.1/virtinst/guest.py self.skip_default_rng = False self.x86_cpu_default = self.cpu.SPECIAL_MODE_HOST_MODEL_ONLY -@@ -620,7 +623,7 @@ class Guest(XMLBuilder): +@@ -647,7 +650,7 @@ class Guest(XMLBuilder): self.add_device(dev) def add_default_video_device(self): @@ -25,7 +25,7 @@ Index: virt-manager-1.4.1/virtinst/guest.py return if self.get_devices("video"): return -@@ -658,6 +661,8 @@ class Guest(XMLBuilder): +@@ -685,6 +688,8 @@ class Guest(XMLBuilder): dev.target_type = "virtio" dev.target_name = dev.CHANNEL_NAME_QEMUGA self.add_device(dev) @@ -34,7 +34,7 @@ Index: virt-manager-1.4.1/virtinst/guest.py def add_default_graphics(self): if self.skip_default_graphics: -@@ -666,7 +671,7 @@ class Guest(XMLBuilder): +@@ -693,7 +698,7 @@ class Guest(XMLBuilder): return if self.os.is_container(): return @@ -43,7 +43,7 @@ Index: virt-manager-1.4.1/virtinst/guest.py return self.add_device(VirtualGraphics(self.conn)) -@@ -1004,7 +1009,7 @@ class Guest(XMLBuilder): +@@ -1031,7 +1036,7 @@ class Guest(XMLBuilder): if self._hv_only_supports_virtio(): return True diff --git a/virtinst-set-qemu-emulator.patch b/virtinst-set-qemu-emulator.patch index ab048946..df770108 100644 --- a/virtinst-set-qemu-emulator.patch +++ b/virtinst-set-qemu-emulator.patch @@ -5,7 +5,7 @@ Index: virt-manager-1.4.1/virtinst/guest.py =================================================================== --- virt-manager-1.4.1.orig/virtinst/guest.py +++ virt-manager-1.4.1/virtinst/guest.py -@@ -817,14 +817,11 @@ class Guest(XMLBuilder): +@@ -844,14 +844,11 @@ class Guest(XMLBuilder): self.emulator = None return