Commit Graph

6376 Commits

Author SHA1 Message Date
Andrea Bolognani
a989986cb9 tests: Add RISC-V support
RISC-V doesn't support KVM yet, so we are forced to use TCG
on x86 until that's working.

Reviewed-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
2019-04-04 18:57:39 -04:00
Pavel Hrdina
8720637cff virt-manager: add new checkbox to control CPU security features
By default we copy CPU security features to the guest if specific CPU
model is selected.  However, this may break migration and will affect
performance of the guest.  This adds an option to disable this default
behavior.

The checkbox is clickable only on x86 and only on host where we can
detect any CPU security features, otherwise a tooltip is set to notify
users that there is nothing to copy.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2019-04-04 15:32:42 +02:00
Pavel Hrdina
00f8dea370 domcapabilities: add caching of CPU security features
We will call this function multiple times so it makes sense to cache the
result so we don't have to call libvirt APIs every time we will check
what security features are available on the host.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2019-04-04 13:40:45 +02:00
Pavel Hrdina
22342ef7ee cli: introduce CPU secure parameter
This will allow users to override the default behavior of virt-install
which copies CPU security features available on the host to the guest
XML if specific CPU model is configured.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2019-04-04 13:40:20 +02:00
Pavel Hrdina
b711b28b1a domcapabilities: fix typo in function name
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2019-04-04 11:51:03 +02:00
Pavel Hrdina
29f815fbd2 domcapabilities: remove recommended CPU features from security features
These features are only recommended to be enabled since they improve
performance of the VMs if security features are enabled.

pcid is a very useful perf feature, but missing in some silicon
so not portable.

pdpe1gb lets the guest use 1 GB pages which is good for perf
but again not all silicon can do it.

amd-ssbd is a security feature which fixes the same SSBD flaws as the
virt-ssbd feature does. virt-ssbd is usable across all CPU models
affected by SSBD, while amd-ssbd is only available in very new silicon.
So virt-ssbd is the bette rchoice.

amd-no-ssb just indicates that the CPU is not affected by SSBD, so not
critical to expose. I expect a future named CPU model will include that
where appropriate.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2019-04-04 11:49:29 +02:00
Cole Robinson
c6b5f22fa6 initrdinject: Force added files to be owned as root (bz 1686464)
systemd in fedora30 has some new security restriction about non-root
owned directories. Initrd inject would tickle this because the cpio
archive would cause the root dir in the initrd to be owned by the
uid that launched virt-install.

Pass --owner=+0:+0 to cpio to force root ownership

Suggested-by: James Szinger <jszinger@gmail.com>

https://bugzilla.redhat.com/show_bug.cgi?id=1686464
2019-04-03 20:29:16 -04:00
Cole Robinson
d252061b4b tests: inject: Update test cases 2019-04-03 20:23:55 -04:00
Cole Robinson
309840b953 initrdinject: Use full option versions for cpio
Makes it more self documenting IMO
2019-04-02 15:03:03 -04:00
Fabiano Fidêncio
d5af67d077 installer: add support for windows unattended install
The Windows unattended installation is quite similar to the Linux one
with a few major differences:
- It uses floppy injection instead of initrd injection
  - Yes, it does. Then we have to create a floppy, add the device and,
    when finishing the installation, remove the device;
- There's no InstallerTreeMedia in the game making us end up duplicating
  some code in the Installer class as:
  - keeping track of files that have to be cleanup up;
  - actually cleaning up the files;
  - generating the install script

Apart from that, some obvious differences in the scripts where already
done in a previous commit, but those were basically:
- Not using /dev/*da as a target disk, but use "C" instead;
- Set the product-key
- Explicitly set the injection method as "floppy"

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2019-04-01 16:28:52 -04:00
Fabiano Fidêncio
ec102a07a1 installer: add unattended data
Let's add unattended data to the Installer class as it's going to be
used whenever a Windows unattended installation is performed.

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2019-04-01 16:28:52 -04:00
Fabiano Fidêncio
a9a983af30 installer: deal with unattended files
Let's have a way to keep track of unattended files that are going to be
used when performing a unattended installation of a Windows guest so we
can clean them up whenever the installation is done.

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2019-04-01 16:28:52 -04:00
Fabiano Fidêncio
889936f857 installer: deal with floppy devices used during install
A floppy device is going to be used when performing a unattended
installation in a Windows guest.

In order to have it done cleanly, let's mimic the what's already
existent for dealing with cdrom devices used during installation.

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2019-04-01 16:28:52 -04:00
Fabiano Fidêncio
1ead62964c unattended: Adapt for Windows
The main differences are:
- Windows unattended installation will be performed via "floppy"
  injection instead of "initrd";
- Windows target disk must be a letter ("C", in our case);
- Windows requires a product-key to be passed

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2019-04-01 16:28:52 -04:00
Fabiano Fidêncio
5de172501c unattended: Add product-key to Unattended data
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2019-04-01 16:28:52 -04:00
Fabiano Fidêncio
e7a1e1ca5b Add perform_floppy_injections()
Similar to perform_initrd_injections(), which is used by Linux(es)
unattended installations, perform_floppy_injections() is going to be
used by Windows(es) unattended installations.

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2019-04-01 16:28:52 -04:00
Cole Robinson
091dae5d65 Fix a couple new pylint warnings 2019-04-01 16:18:00 -04:00
Fabiano Fidêncio
12ec663f0b osdict: Fix OsMedia::requires_internet() logic
In case there's no self.osinfo_media, it means the installation won't
happen from the media itself, so it should return "True" (as in, it
requires internet).

Returning "False", though, should be done when no "netinst" variant was
found (but we do have a media).

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2019-04-01 15:01:04 -04:00
Lin Ma
4c3b27c835 testdriver: Add genid example
Signed-off-by: Lin Ma <lma@suse.com>
2019-04-01 13:54:21 -04:00
Fabiano Fidêncio
cb6600296c installer: Set the network install resources when needed
Some distros (as Fedora, RHEL, and CentOS) require a bigger amount of
RAM during network installation than the recommended amount to run the
system.

In order to properly have it set, let's take advantages of the libosinfo
network-install resources API and change the guest amount of ram for the
installation.

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2019-03-28 15:56:44 -04:00
Fabiano Fidêncio
3f2bf91be4 installertreemedia: Add requires_internet()
This method returns whether the installer requires or not internet to
perform the installation.

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2019-03-28 15:56:44 -04:00
Fabiano Fidêncio
3f6e11ec05 unattended: Take advantage of OsinfoMedia.requires_internet()
By using OsinfoMedia.requires_internet() we ensure this logic is not
spread in our codebase and also keep _OsinfoIter internal to osdict.

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2019-03-28 15:56:44 -04:00
Fabiano Fidêncio
467cb9bc0a urldetect: return osdict.py:OsMedia instead of Libosinfo.Media
Consequently, let's:
- rename urldetect::get_osinfo_media() to get_os_media()
- rename the installertreemedia::_LocationData::osinfo_media to os_media
- rename unattended::prepare_install_script's media argument to os_media
  - and also rename media to os_media on its internal
    _get_installation_source() method
- rename osdict::get_install_script's media argument to os_media

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2019-03-28 15:56:44 -04:00
Fabiano Fidêncio
313a95bd8e osdict: Add requires_internet() to OsMedia
In order to properly do a unattended installation of some medias (as net
installers), we have to check whether the media requires or not
internet. Doing so by checking its variant is not the most beautiful way
(as variants do not have a set of predefined names), but that's the best
that can be done with the current state of osinfo-db.

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2019-03-28 15:56:44 -04:00
Fabiano Fidêncio
0247f97012 osdict: Add OsMedia class
The OsMedia class is a wrapper around OsinfoMedia and will help us
to keep the logic of dealing with media related stuff from inside
osdict.py

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2019-03-28 15:56:44 -04:00
Fabiano Fidêncio
6c7d765c60 osdict: Add get_network_install_resources()
get_network_install_resources() is going to be used when performing a
network based installations where more RAM is needed during the
installation time than the recommended one, which is the case of some
distros as CentOS, RHEL, (some versions of) Silverblue and (some
versions of) Fedora.

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2019-03-28 15:56:44 -04:00
Pavel Hrdina
986097d5f8 cloner: don't fail to clone VM if nvram file doesn't exist
If a VM is defined and never started the nvram file might not exist and
in that case it's created by libvirt automatically on the first start.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1679018

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2019-03-28 16:07:13 +01:00
Cole Robinson
ffe7be601b tests: uitests: Fix CPU model test
We need to use a fake domcaps URI after 95d1275f57
2019-03-26 11:43:12 -04:00
Cole Robinson
cfd543adb9 storage: more logging when we look up default pool 2019-03-26 11:16:14 -04:00
Cole Robinson
fcabcb7a95 tests: clitest: Add a test case for the last commit
We need a custom test driver input to reproduce the pool collision
2019-03-26 11:15:46 -04:00
Cole Robinson
a0ca387aad cli: Fix pool=default when path belongs to another pool (bz 1692489)
Using 'virt-install --disk size=X' implicitly uses pool=default. If
a pool named 'default' exists we use that; if not, and a pool using
the default path exists under a different name, we attempt to use
that as well, and if that doesn't exist, we create pool=default

The second case is broken, so if there's no pool=default and eg.
pool=FOO points to /var/lib/libvirt/images, we still attempt to
look up pool=default which understandably fails

https://bugzilla.redhat.com/show_bug.cgi?id=1692489
2019-03-26 11:15:46 -04:00
Cole Robinson
3be238b03e tests: test_urls: Add --*libosinfo, --iso-only, --url-only
These are options that will help tweak the test_urls logic,
to help as we try to ensure libosinfo covers all the cases
we care about.
2019-03-24 12:32:03 -04:00
Cole Robinson
97a5af1e43 urldetect: Use libosinfo for tree detection too
Ask libosinfo for tree detection, but still fall back to our
own implementation if libosinfo fails
2019-03-24 12:27:46 -04:00
Cole Robinson
e7cdb695c3 test_urls: debian8 urls are dead, remove them 2019-03-24 11:14:47 -04:00
Andrea Bolognani
7b9de27a99 guest: Add default RNG to s390x guests
As long as it's supported by both QEMU and the guest OS,
there's really no reason not to add it.

Reviewed-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
2019-03-21 14:16:28 -04:00
Jim Fehlig
8d9743d69f virt-install: Add support for xenbus controller
libvirt commit 09eb1ae0 added support for a new 'xenbus' controller
type. Add support for the controller in virtinst, including support
for the maxGrantFrames attribute.

Reviewed-by: Cole Robinson <crobinso@redhat.com>
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
2019-03-21 14:15:40 -04:00
Cole Robinson
7afbb90b4d virt-xml: Handle VM names that look like id/uuid (bz 1679025)
Previously we assume they are id/uuid, so if it's actually the VM
name then the command fails. Now we always check for a name first,

https://bugzilla.redhat.com/show_bug.cgi?id=1679025
2019-03-21 13:45:58 -04:00
Andrea Bolognani
f23b01be53 guest: Add VirtIO input devices to s390x guests with graphics
We're not including any input devices in the generated XML
for s390x guests, and the results is that it's not possible
to interact with them short of using the serial console or
connecting through ssh, which is fine but probably not what
is expected when graphics are present.

USB input devices are not a good fit for s390x guests: USB
requires PCI, and PCI is not widely available or used on
s390x; VirtIO devices, on the other hand, are a perfect
match since s390x guests use basically no emulated devices
and rely on VirtIO for most functionality.

https://bugzilla.redhat.com/show_bug.cgi?id=1683609

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
2019-03-21 15:31:20 +01:00
Andrea Bolognani
708af01c14 osdict: Add supports_virtioinput()
We can use this function to figure out whether the guest OS
supports VirtIO input devices (virtio-tablet, virtio-keyboard
and virtio-mouse).

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
2019-03-21 15:31:20 +01:00
Andrea Bolognani
5dad99216e guest: Add USB input devices to pSeries guests with graphics
libvirt already does this for us, sort of: it will automatically
add a USB keyboard and mouse to ppc64 guests with graphics;
in addition, these devices are impossible to remove.

Unfortunately this results in a pretty poor experience for the
user, since the relative pointing device makes interacting with
the GUI an exercise in frustration.

As of commit 186bb479d0f4, libvirt will still add the USB
keyboard automatically but will skip the USB mouse if a USB
tablet is already present, so by explicitly including USB input
devices in the generated XML we can create guests that are
actually usable.

We can do this unconditionally, without having to worry about
what version of libvirt we're running against: if it's new
enough we'll take advantage of the fix, and if not then the
resulting guest will not be any more broken than it would have
been before.

https://bugzilla.redhat.com/show_bug.cgi?id=1683609

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
2019-03-21 15:31:20 +01:00
Andrea Bolognani
6a24a2a13a tests: cli: Add simple guests with graphics
These cover the use case "I want to get an existing guest
image running in the cloud, and I need graphics".

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
2019-03-21 15:29:46 +01:00
Andrea Bolognani
e5b8c97896 tests: cli: Add simple headless guests
These cover the use case "I want to get an existing guest
image running in the cloud, and I don't need graphics".

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
2019-03-21 15:28:25 +01:00
Andrea Bolognani
d409c76848 tests: cli: Drop existing aarch64-graphics test
We're going to add a number of tests covering the same scenario
on multiple architectures soon, so this one is no longer needed
and would in fact cause a name clash if it stayed.

Signed-off-by: Andrea Bolognani <abologna@redhat.com>
2019-03-21 14:54:04 +01:00
Pavel Hrdina
fb5136a6a9 domain: cpu: automatically add CPU security features for "custom" mode
If user selects specific CPU model to be configured for guest we will
automatically add CPU security features to make sure that the guest is
not vulnerable to these CPU HW bugs.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1582667

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
2019-03-19 13:45:49 +01:00
Pavel Hrdina
6423f653fd domain: cpu: introduce set_model function
We will need to pass another variable into the setter so we cannot use
the property setter.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
2019-03-19 13:45:49 +01:00
Pavel Hrdina
4a8b6363c0 domcapabilities: introduce get_cpu_security_features
Get all CPU security features that we should enable for guests.

In order to do that we need to get CPU definition from domain
capabilities and modify the XML so it is in required format for
libvirt CPU baseline APIs.  We will prefer the baselineHypervisorCPU
API because that considers what QEMU actually supports and we will
fallback to baselineCPU API if the better one is not supported by
libvirt.

This way we can figure out which of the security features are actually
available on that specific host for that specific QEMU binary.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
2019-03-19 13:45:49 +01:00
Pavel Hrdina
95d1275f57 domcapabilities: get list of CPU models from domcapabilities
Currently we just call libvirt API which will return all CPU models for
specific architecture known to libvirt and we offer all of them to users
in GUI.  Let's switch to domain capabilities where we have more details
about these CPUs such as whether each model is usable with current QEMU
binary.  If libvirt can detect the usability we will offer only CPU
models that QEMU can actually run.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
2019-03-19 13:41:53 +01:00
Pavel Hrdina
8183ba279c domcapabilities: fix CPUModel usable attribute
It is not True/False attribute, it can contain 'unknown' value as well
which means libvirt cannot figure out whether the CPU model is usable
with that specific QEMU binary.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
2019-03-19 13:41:51 +01:00
Pavel Hrdina
f7bdebc0de tests: capabilities: remove testCPUAPI
This test case is pointless, get_cpu_values() calls only libvirt API
which will return list of CPUs known to libvirt and we check whether
that list is correct.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
2019-03-19 13:41:49 +01:00
Pavel Hrdina
8f870c3fca tests: xmlparse: use set_special_mode function
CPU mode is never set directly using mode attribute, instead we use
setter function with some extra logic that needs to be done.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Cole Robinson <crobinso@redhat.com>
2019-03-19 13:41:46 +01:00