a41c76
From 781e82d0330afe60ab1c366e43dfe8292fcf68eb Mon Sep 17 00:00:00 2001
a41c76
Message-Id: <781e82d0330afe60ab1c366e43dfe8292fcf68eb@dist-git>
a41c76
From: Jiri Denemark <jdenemar@redhat.com>
a41c76
Date: Tue, 26 May 2020 10:58:53 +0200
a41c76
Subject: [PATCH] cpu: Honor check='full' for host-passthrough CPUs
a41c76
MIME-Version: 1.0
a41c76
Content-Type: text/plain; charset=UTF-8
a41c76
Content-Transfer-Encoding: 8bit
a41c76
a41c76
The check attribute was completely ignored for host-passthrough CPUs
a41c76
even if they explicitly requested some features to be enabled. For
a41c76
example, a domain with the following CPU definition
a41c76
a41c76
  <cpu mode='host-passthrough' check='full'>
a41c76
    <feature policy='require' name='svm'/>
a41c76
  </cpu>
a41c76
a41c76
would happily start even when 'svm' cannot be enabled.
a41c76
a41c76
Let's call virCPUArchUpdateLive for host-passthrough CPUs with
a41c76
VIR_CPU_CHECK_FULL to make sure the architecture specific code can
a41c76
validate the provided virtual CPU against the desired definition.
a41c76
a41c76
https://bugzilla.redhat.com/show_bug.cgi?id=1515677
a41c76
a41c76
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
a41c76
Reviewed-by: Ján Tomko <jtomko@redhat.com>
a41c76
(cherry picked from commit ac36a824641862dcac057c6403b27ab1e91874f5)
a41c76
a41c76
https://bugzilla.redhat.com/show_bug.cgi?id=1839999
a41c76
a41c76
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
a41c76
Message-Id: <b8d30055a0df31c423d6c1832ca0bfbf3eafd222.1590483392.git.jdenemar@redhat.com>
a41c76
Reviewed-by: Ján Tomko <jtomko@redhat.com>
a41c76
---
a41c76
 src/cpu/cpu.c     |  3 ++-
a41c76
 src/cpu/cpu_x86.c | 10 +++++++++-
a41c76
 2 files changed, 11 insertions(+), 2 deletions(-)
a41c76
a41c76
diff --git a/src/cpu/cpu.c b/src/cpu/cpu.c
a41c76
index 1cb2dd04f4..f2a0f560f6 100644
a41c76
--- a/src/cpu/cpu.c
a41c76
+++ b/src/cpu/cpu.c
a41c76
@@ -647,7 +647,8 @@ virCPUUpdateLive(virArch arch,
a41c76
     if (!driver->updateLive)
a41c76
         return 1;
a41c76
 
a41c76
-    if (cpu->mode == VIR_CPU_MODE_CUSTOM) {
a41c76
+    if (cpu->mode == VIR_CPU_MODE_CUSTOM ||
a41c76
+        cpu->check == VIR_CPU_CHECK_FULL) {
a41c76
         if (driver->updateLive(cpu, dataEnabled, dataDisabled) < 0)
a41c76
             return -1;
a41c76
 
a41c76
diff --git a/src/cpu/cpu_x86.c b/src/cpu/cpu_x86.c
a41c76
index 9e686a86d2..8c865bdaa4 100644
a41c76
--- a/src/cpu/cpu_x86.c
a41c76
+++ b/src/cpu/cpu_x86.c
a41c76
@@ -3009,8 +3009,10 @@ virCPUx86UpdateLive(virCPUDefPtr cpu,
a41c76
                     virCPUDataPtr dataEnabled,
a41c76
                     virCPUDataPtr dataDisabled)
a41c76
 {
a41c76
+    bool hostPassthrough = cpu->mode == VIR_CPU_MODE_HOST_PASSTHROUGH;
a41c76
     virCPUx86MapPtr map;
a41c76
     virCPUx86ModelPtr model = NULL;
a41c76
+    virCPUx86ModelPtr modelDisabled = NULL;
a41c76
     virCPUx86Data enabled = VIR_CPU_X86_DATA_INIT;
a41c76
     virCPUx86Data disabled = VIR_CPU_X86_DATA_INIT;
a41c76
     virBuffer bufAdded = VIR_BUFFER_INITIALIZER;
a41c76
@@ -3026,6 +3028,10 @@ virCPUx86UpdateLive(virCPUDefPtr cpu,
a41c76
     if (!(model = x86ModelFromCPU(cpu, map, -1)))
a41c76
         goto cleanup;
a41c76
 
a41c76
+    if (hostPassthrough &&
a41c76
+        !(modelDisabled = x86ModelFromCPU(cpu, map, VIR_CPU_FEATURE_DISABLE)))
a41c76
+        goto cleanup;
a41c76
+
a41c76
     if (dataEnabled &&
a41c76
         x86DataCopy(&enabled, &dataEnabled->data.x86) < 0)
a41c76
         goto cleanup;
a41c76
@@ -3040,7 +3046,8 @@ virCPUx86UpdateLive(virCPUDefPtr cpu,
a41c76
 
a41c76
         if (x86DataIsSubset(&model->data, &feature->data))
a41c76
             expected = VIR_CPU_FEATURE_REQUIRE;
a41c76
-        else
a41c76
+        else if (!hostPassthrough ||
a41c76
+                 x86DataIsSubset(&modelDisabled->data, &feature->data))
a41c76
             expected = VIR_CPU_FEATURE_DISABLE;
a41c76
 
a41c76
         if (expected == VIR_CPU_FEATURE_DISABLE &&
a41c76
@@ -3101,6 +3108,7 @@ virCPUx86UpdateLive(virCPUDefPtr cpu,
a41c76
 
a41c76
  cleanup:
a41c76
     x86ModelFree(model);
a41c76
+    x86ModelFree(modelDisabled);
a41c76
     virCPUx86DataClear(&enabled);
a41c76
     virCPUx86DataClear(&disabled);
a41c76
     VIR_FREE(added);
a41c76
-- 
a41c76
2.26.2
a41c76