[pve-devel] [PATCH container 1/1] fix #3748 changed regex-pattern to accept escape sequences on Comma
old-pattern: '\w+=[^,]+(,\s*\w+=[^,]+)*'
the old pattern didn't allow LDAP base domain name to be like: dc=first\,
second, dc=com
new-pattern: qr(\w+=([^,\\]|\\,)+(,\s*\w+=([^,\\]|\\,)+)*),
---
src/PVE/Auth/LDAP.pm | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/PVE/Auth/LDAP.pm b/src/PVE/Auth/LDAP.pm
index 97d0778..ad23cb2 100755
--- a/src/PVE/Auth/LDAP.pm
+++ b/src/PVE/Auth/LDAP.pm
@@ -19,7 +19,7 @@ sub properties {
base_dn => {
description => "LDAP base domain name",
type => 'string',
- pattern => '\w+=[^,]+(,\s*\w+=[^,]+)*',
+ pattern => qr(\w+=([^,\\]|\\,)+(,\s*\w+=([^,\\]|\\,)+)*),
optional => 1,
maxLength => 256,
},
@@ -33,7 +33,7 @@ sub properties {
bind_dn => {
description => "LDAP bind domain name",
type => 'string',
- pattern => '\w+=[^,]+(,\s*\w+=[^,]+)*',
+ pattern => qr(\w+=([^,\\]|\\,)+(,\s*\w+=([^,\\]|\\,)+)*),
optional => 1,
maxLength => 256,
},
@@ -91,7 +91,7 @@ sub properties {
description => "LDAP base domain name for group sync. If not set,
the"
." base_dn will be used.",
type => 'string',
- pattern => '\w+=[^,]+(,\s*\w+=[^,]+)*',
+ pattern => qr(\w+=([^,\\]|\\,)+(,\s*\w+=([^,\\]|\\,)+)*),
optional => 1,
maxLength => 256,
},
--
2.30.2
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] [PATCH access-control 1/1] fix #3748 changed regex-pattern to accept escape sequences on Comma
Correction: Patch for access-control and not for container
> On 19.01.2022 13:04 markus frank wrote:
>
>
> old-pattern: '\w+=[^,]+(,\s*\w+=[^,]+)*'
> the old pattern didn't allow LDAP base domain name to be like: dc=first\,
> second, dc=com
> new-pattern: qr(\w+=([^,\\]|\\,)+(,\s*\w+=([^,\\]|\\,)+)*),
>
> ---
> src/PVE/Auth/LDAP.pm | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/src/PVE/Auth/LDAP.pm b/src/PVE/Auth/LDAP.pm
> index 97d0778..ad23cb2 100755
> --- a/src/PVE/Auth/LDAP.pm
> +++ b/src/PVE/Auth/LDAP.pm
> @@ -19,7 +19,7 @@ sub properties {
> base_dn => {
> description => "LDAP base domain name",
> type => 'string',
> - pattern => '\w+=[^,]+(,\s*\w+=[^,]+)*',
> + pattern => qr(\w+=([^,\\]|\\,)+(,\s*\w+=([^,\\]|\\,)+)*),
> optional => 1,
> maxLength => 256,
> },
> @@ -33,7 +33,7 @@ sub properties {
> bind_dn => {
> description => "LDAP bind domain name",
> type => 'string',
> - pattern => '\w+=[^,]+(,\s*\w+=[^,]+)*',
> + pattern => qr(\w+=([^,\\]|\\,)+(,\s*\w+=([^,\\]|\\,)+)*),
> optional => 1,
> maxLength => 256,
> },
> @@ -91,7 +91,7 @@ sub properties {
> description => "LDAP base domain name for group sync. If not set,
> the"
> ." base_dn will be used.",
> type => 'string',
> - pattern => '\w+=[^,]+(,\s*\w+=[^,]+)*',
> + pattern => qr(\w+=([^,\\]|\\,)+(,\s*\w+=([^,\\]|\\,)+)*),
> optional => 1,
> maxLength => 256,
> },
> --
> 2.30.2
>
>
>
> ___
> pve-devel mailing list
> pve-devel@lists.proxmox.com
> https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH manager] fix #3815: influxdb vmname should always be a string
InfluxDB interprets the vmname 66601 as a number and the vmname vm42 as a
String. This leads to problematic metrics, that will be dropped by influxdb.
To change that I added a $quoted hashmap (simular to $excluded) to quote a
value. In this case the value of name.
Signed-off-by: markus frank
---
PVE/Status/InfluxDB.pm | 14 +-
1 file changed, 9 insertions(+), 5 deletions(-)
diff --git a/PVE/Status/InfluxDB.pm b/PVE/Status/InfluxDB.pm
index def7e2fd..f49feac4 100644
--- a/PVE/Status/InfluxDB.pm
+++ b/PVE/Status/InfluxDB.pm
@@ -116,7 +116,7 @@ sub update_qemu_status {
$object =~ s/\s/\\ /g;
# VMID is already added in base $object above, so exclude it from being
re-added
-build_influxdb_payload($class, $txn, $data, $ctime, $object, { 'vmid' => 1
});
+build_influxdb_payload($class, $txn, $data, $ctime, $object, { 'vmid' => 1
}, { 'name' => 1 });
}
sub update_lxc_status {
@@ -131,7 +131,7 @@ sub update_lxc_status {
$object =~ s/\s/\\ /g;
# VMID is already added in base $object above, so exclude it from being
re-added
-build_influxdb_payload($class, $txn, $data, $ctime, $object, { 'vmid' => 1
});
+build_influxdb_payload($class, $txn, $data, $ctime, $object, { 'vmid' => 1
}, { 'name' => 1 });
}
sub update_storage_status {
@@ -274,7 +274,7 @@ sub test_connection {
}
sub build_influxdb_payload {
-my ($class, $txn, $data, $ctime, $tags, $excluded, $measurement,
$instance) = @_;
+my ($class, $txn, $data, $ctime, $tags, $excluded, $quoted, $measurement,
$instance) = @_;
my @values = ();
@@ -283,6 +283,10 @@ sub build_influxdb_payload {
my $value = $data->{$key};
next if !defined($value);
+ if (defined($quoted) && $quoted->{$key}){
+ $value =~ s/\"/\\\"/g;
+$value = "\"$value\"";
+}
if (!ref($value) && $value ne '') {
# value is scalar
@@ -293,9 +297,9 @@ sub build_influxdb_payload {
# value is a hash
if (!defined($measurement)) {
- build_influxdb_payload($class, $txn, $value, $ctime, $tags,
$excluded, $key);
+ build_influxdb_payload($class, $txn, $value, $ctime, $tags,
$excluded, $quoted, $key);
} elsif(!defined($instance)) {
- build_influxdb_payload($class, $txn, $value, $ctime, $tags,
$excluded, $measurement, $key);
+ build_influxdb_payload($class, $txn, $value, $ctime, $tags,
$excluded, $quoted, $measurement, $key);
} else {
push @values, get_recursive_values($value);
}
--
2.30.2
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH manager v2] fix #3815: influxdb vmname should be string
InfluxDB interprets the vmname 66601 as a number and the vmname vm42 as a
String.
This leads to problematic metrics, that will be dropped by influxdb.
Whichever comes first decides how the "schema" is defined.
To change that I added a $quoted hashmap to quote a value.
In this case the value of name.
nodename and host are tags in InfluxDB so the only value they are able
to contain are strings:
https://docs.influxdata.com/influxdb/v2.1/reference/syntax/line-protocol/
Signed-off-by: Markus Frank
---
PVE/Status/InfluxDB.pm | 5 +
1 file changed, 5 insertions(+)
diff --git a/PVE/Status/InfluxDB.pm b/PVE/Status/InfluxDB.pm
index def7e2fd..d63e18ac 100644
--- a/PVE/Status/InfluxDB.pm
+++ b/PVE/Status/InfluxDB.pm
@@ -276,6 +276,7 @@ sub test_connection {
sub build_influxdb_payload {
my ($class, $txn, $data, $ctime, $tags, $excluded, $measurement,
$instance) = @_;
+my $quoted = { name => 1 };
my @values = ();
foreach my $key (sort keys %$data) {
@@ -283,6 +284,10 @@ sub build_influxdb_payload {
my $value = $data->{$key};
next if !defined($value);
+ if (defined($quoted) && $quoted->{$key}) {
+ $value =~ s/\"/\\\"/g;
+ $value = "\"$value\"";
+ }
if (!ref($value) && $value ne '') {
# value is scalar
--
2.30.2
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH container v3] fix #3815: influxdb vmname should be string
InfluxDB interprets the vmname 66601 as a number and the vmname vm42 as a
String.
This leads to problematic metrics, that will be dropped by influxdb.
Whichever comes first decides how the "schema" is defined.
To change that I added a $to_quote hashmap to define which value
shouldn't get interpreted as number.
In this case the value of name.
Change: Conversion happends in prepare_value.
nodename and host are tags in InfluxDB so the only value they are able
to contain are strings:
https://docs.influxdata.com/influxdb/v2.1/reference/syntax/line-protocol/
Signed-off-by: Markus Frank
---
PVE/Status/InfluxDB.pm | 9 ++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/PVE/Status/InfluxDB.pm b/PVE/Status/InfluxDB.pm
index def7e2fd..63a865df 100644
--- a/PVE/Status/InfluxDB.pm
+++ b/PVE/Status/InfluxDB.pm
@@ -276,6 +276,8 @@ sub test_connection {
sub build_influxdb_payload {
my ($class, $txn, $data, $ctime, $tags, $excluded, $measurement,
$instance) = @_;
+# 'abc' and '123' are both valid hostnames, that confuses influx's type
detection
+my $to_quote = { name => 1 };
my @values = ();
foreach my $key (sort keys %$data) {
@@ -286,7 +288,7 @@ sub build_influxdb_payload {
if (!ref($value) && $value ne '') {
# value is scalar
- if (defined(my $v = prepare_value($value))) {
+ if (defined(my $v = prepare_value($value, $to_quote->{$key}))) {
push @values, "$key=$v";
}
} elsif (ref($value) eq 'HASH') {
@@ -331,9 +333,10 @@ sub get_recursive_values {
}
sub prepare_value {
-my ($value) = @_;
+my ($value, $quote) = @_;
-if (looks_like_number($value)) {
+# don't treat value like a number if quote is 1
+if (looks_like_number($value) && !$quote) {
if (isnan($value) || isinf($value)) {
# we cannot send influxdb NaN or Inf
return undef;
--
2.30.2
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] [PATCH manager v3] fix #3815: influxdb vmname should be string
manager not container
On 1/28/22 11:03, Markus Frank wrote:
InfluxDB interprets the vmname 66601 as a number and the vmname vm42 as a
String.
This leads to problematic metrics, that will be dropped by influxdb.
Whichever comes first decides how the "schema" is defined.
To change that I added a $to_quote hashmap to define which value
shouldn't get interpreted as number.
In this case the value of name.
Change: Conversion happends in prepare_value.
nodename and host are tags in InfluxDB so the only value they are able
to contain are strings:
https://docs.influxdata.com/influxdb/v2.1/reference/syntax/line-protocol/
Signed-off-by: Markus Frank
---
PVE/Status/InfluxDB.pm | 9 ++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/PVE/Status/InfluxDB.pm b/PVE/Status/InfluxDB.pm
index def7e2fd..63a865df 100644
--- a/PVE/Status/InfluxDB.pm
+++ b/PVE/Status/InfluxDB.pm
@@ -276,6 +276,8 @@ sub test_connection {
sub build_influxdb_payload {
my ($class, $txn, $data, $ctime, $tags, $excluded, $measurement,
$instance) = @_;
+# 'abc' and '123' are both valid hostnames, that confuses influx's type detection
+my $to_quote = { name => 1 };
my @values = ();
foreach my $key (sort keys %$data) {
@@ -286,7 +288,7 @@ sub build_influxdb_payload {
if (!ref($value) && $value ne '') {
# value is scalar
- if (defined(my $v = prepare_value($value))) {
+ if (defined(my $v = prepare_value($value, $to_quote->{$key}))) {
push @values, "$key=$v";
}
} elsif (ref($value) eq 'HASH') {
@@ -331,9 +333,10 @@ sub get_recursive_values {
}
sub prepare_value {
-my ($value) = @_;
+my ($value, $quote) = @_;
-if (looks_like_number($value)) {
+# don't treat value like a number if quote is 1
+if (looks_like_number($value) && !$quote) {
if (isnan($value) || isinf($value)) {
# we cannot send influxdb NaN or Inf
return undef;
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] [PATCH qemu-server] fix 3674: QEMU restore: verify storage allows images before writing
With this patch restoring a backup on a disabled storage results in an
error and just creates a VM with the configuration from the backup
without any virtual disk instead of forcing the creation of the disk(s).
Works as intended.
Tested-by: Markus Frank
On 2/17/22 15:12, Matthias Heiserer wrote:
When restoring a backup and the storage the disks would be created on
doesn't allow 'images', the process errors without cleanup.
This is the same behaviour we currently have when the storage is
disabled.
Signed-off-by: Matthias Heiserer
---
PVE/QemuServer.pm | 4
1 file changed, 4 insertions(+)
diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm
index a99f1a5..2a1ec48 100644
--- a/PVE/QemuServer.pm
+++ b/PVE/QemuServer.pm
@@ -6299,6 +6299,10 @@ my $restore_allocate_devices = sub {
my $supported = grep { $_ eq $d->{format} } @$validFormats;
$d->{format} = $defFormat if !$supported;
+ # check if images can be stored on the requested storage
+ die "Content type 'images' is not available on storage '$storeid'\n"
+ if !$scfg->{content}->{images};
+
my $name;
if ($d->{is_cloudinit}) {
$name = "vm-$vmid-cloudinit";
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH qemu-server] fix #3784: Parameter for guest vIOMMU
added a Parameter for vIOMMU so nobody has to use a github-script
or change the kvm command on every vm boot.
The args parameter doesn't work because the -device parameter(kvm)
with intel-iommu has to be placed before the other arguments.
Signed-off-by: Markus Frank
---
PVE/QemuServer.pm | 11 +++
1 file changed, 11 insertions(+)
diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm
index 42f0fbd..a09dd2e 100644
--- a/PVE/QemuServer.pm
+++ b/PVE/QemuServer.pm
@@ -647,6 +647,12 @@ EODESCR
." remove disk operations.",
default => 0,
},
+viommu => {
+ optional => 1,
+ type => 'boolean',
+ description => "enable guest vIOMMU",
+ default => 0,
+},
bios => {
optional => 1,
type => 'string',
@@ -3427,6 +3433,9 @@ sub config_to_command {
my $winversion = windows_version($ostype);
my $kvm = $conf->{kvm};
my $nodename = nodename();
+my $viommu = $conf->{viommu};
+
+push @$devices, '-device', 'intel-iommu,intremap=on,caching-mode=on' if
$viommu;
my $arch = get_vm_arch($conf);
my $kvm_binary = get_command_for_arch($arch);
@@ -4021,6 +4030,8 @@ sub config_to_command {
}
push @$machineFlags, "type=${machine_type_min}";
+push @$machineFlags, 'accel=kvm,kernel-irqchip=split' if $viommu;
+
push @$cmd, @$devices;
push @$cmd, '-rtc', join(',', @$rtcFlags) if scalar(@$rtcFlags);
push @$cmd, '-machine', join(',', @$machineFlags) if
scalar(@$machineFlags);
--
2.30.2
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH container] fix #3917: Ignore fstrim failure in pct fstrim
With "noerr => 1" the function does not abort, when one of the
mountpoints is not fstrim compatible like zfs (has its own trim).
I do not think it is necessary to warn or error, because fstrim
tells when something is not trimmable and aborts.
Signed-off-by: Markus Frank
---
src/PVE/CLI/pct.pm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/PVE/CLI/pct.pm b/src/PVE/CLI/pct.pm
index 462917b..23793ee 100755
--- a/src/PVE/CLI/pct.pm
+++ b/src/PVE/CLI/pct.pm
@@ -792,7 +792,7 @@ __PACKAGE__->register_method ({
$path = $mp->{mp};
return if $param->{'ignore-mountpoints'} && $name =~ /^mp\d+/;
my $cmd = ["fstrim", "-v", "$rootdir$path"];
- PVE::Tools::run_command($cmd);
+ PVE::Tools::run_command($cmd, noerr => 1);
});
};
warn $@ if $@;
--
2.30.2
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH qemu-server v2] fix #3784: Parameter for guest vIOMMU
added a Parameter for vIOMMU so nobody has to use a github-script
or change the kvm command on every vm boot.
The args parameter doesn't work because the -device parameter(kvm)
with intel-iommu has to be placed before the other arguments.
vIOMMU enables the option to pass through pci devices to guest-vms
in guest-vms for nested Virtualisation.
Signed-off-by: Markus Frank
---
v2:
* moved viommu-parameter inside of machine_fmt and added it the new
parameter machine_properties
new Config -> machine_properties: viommu=1,etc
* check if kvm and q35 are set
PVE/QemuServer.pm | 31 +++
1 file changed, 31 insertions(+)
diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm
index 6a9f6b3..5878dfc 100644
--- a/PVE/QemuServer.pm
+++ b/PVE/QemuServer.pm
@@ -134,6 +134,15 @@ sub nodename {
return $nodename_cache;
}
+my $machine_fmt = {
+viommu => {
+ type => 'boolean',
+ description => "enable guest vIOMMU (needs kvm to be enabled and q35 to
be set as machine)",
+ default => 0,
+ optional => 1,
+},
+};
+
my $watchdog_fmt = {
model => {
default_key => 1,
@@ -647,6 +656,12 @@ EODESCR
." remove disk operations.",
default => 0,
},
+machine_properties => {
+ optional => 1,
+ type => 'string',
+ format => $machine_fmt,
+ description => "Sets machine parameters for viommu for Example",
+},
bios => {
optional => 1,
type => 'string',
@@ -3433,6 +3448,10 @@ sub config_to_command {
my $winversion = windows_version($ostype);
my $kvm = $conf->{kvm};
my $nodename = nodename();
+my $machine_properties_str = $conf->{machine_properties} // '';
+
+my $machine_properties = parse_property_string($machine_fmt,
$machine_properties_str);
+
my $arch = get_vm_arch($conf);
my $kvm_binary = get_command_for_arch($arch);
@@ -3487,6 +3506,14 @@ sub config_to_command {
my $use_old_bios_files = undef;
($use_old_bios_files, $machine_type) =
qemu_use_old_bios_files($machine_type);
+if ($machine_properties->{viommu} && (!$kvm || !$q35)) {
+ die "to use vIOMMU please enable kvm and set the machine type to q35";
+}
+
+if ($machine_properties->{viommu}) {
+ push @$devices, '-device', 'intel-iommu,intremap=on,caching-mode=on';
+}
+
push @$cmd, $kvm_binary;
push @$cmd, '-id', $vmid;
@@ -4027,6 +4054,10 @@ sub config_to_command {
}
push @$machineFlags, "type=${machine_type_min}";
+if ($machine_properties->{viommu}) {
+ push @$machineFlags, 'kernel-irqchip=split';
+}
+
push @$cmd, @$devices;
push @$cmd, '-rtc', join(',', @$rtcFlags) if scalar(@$rtcFlags);
push @$cmd, '-machine', join(',', @$machineFlags) if
scalar(@$machineFlags);
--
2.30.2
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] [PATCH v3 manager 0/4] BackupView as TreePanel
Works as intended except of the search filter. Here I don't get results if i search for CT/VM-Names or Format-Names. This search-filter works for CT/VM-ID or a backupname like "ct/101/2022-04-01T09:38:59Z" Tested-by: Markus Frank On 3/31/22 12:47, Matthias Heiserer wrote: Depends on https://lists.proxmox.com/pipermail/pve-devel/2022-March/052322.html Matthias Heiserer (4): ui: Utils: Helpers for backup type and icon ui: storage: Rewrite backup content view as TreePanel. ui: delete BackupView and replace it with the new Tree BackupView ui: content view: remove dead code www/manager6/Makefile | 1 - www/manager6/Utils.js | 20 + www/manager6/grid/BackupView.js | 388 -- www/manager6/lxc/Config.js | 2 +- www/manager6/qemu/Config.js | 2 +- www/manager6/storage/BackupView.js | 798 +--- www/manager6/storage/ContentView.js | 43 +- 7 files changed, 638 insertions(+), 616 deletions(-) delete mode 100644 www/manager6/grid/BackupView.js ___ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] [PATCH pve-qemu v3] fix #3865: backup restore human readable output
Works as intended. This patch works on local storage only.
When using pbs as backupstorage, it is still printing the old
output. I think this can be easily fixed in a future patch.
Tested-by: Markus Frank
On 3/29/22 12:47, Daniel Tschlatscher wrote:
The backup restore dialogue now displays human readable output.
The output is adapted to match the output of the backup create
dialogue where possible.
For this, 2 helper methods for printing human readable byte count
and human readable time were added. The "main" progress output
was rewritten in its own function and the way how time is
measured was changed from seconds to nanoseconds.
Example of the output before:
...
progress 16% (read 2061631488 bytes, duration 37 sec)
progress 17% (read 2190475264 bytes, duration 38 sec)
progress 18% (read 2319319040 bytes, duration 39 sec)
...
total bytes read 12884901888, sparse bytes 8659161088 (67.2%)
Example of the output now:
...
Progress 27% (3.30 GiB of 12.00 GiB) in 1 m 15 s - 36.79 MiB/s
Progress 28% (3.39 GiB of 12.00 GiB) in 1 m 17 s - 42.45 MiB/s
Progress 29% (3.50 GiB of 12.00 GiB) in 1 m 19 s - 53.78 MiB/s
...
Finished restoring 12.00 GiB bytes in 2 m 21 s with 8.06 GiB of
sparse data. (67.2%)
Signed-off-by: Daniel Tschlatscher
---
Changes from v2:
* Changed the granularity of time measurements from seconds to nano-
seconds (mostly because the function used gives out ns already)
* Human readable time function does no longer use modulo
* Human readable byte count does no longer use log() in its cal-
culations
* Minor fixes to formatting and changed signed value types to un-
signed ones where applicable and useful.
* The "main" progress print was sourced in its own function, here I
had to decide whether this function implemented the logic of
whether a print should be issued or whether it should be a "pure"
printing function. I chose the former option because it keeps the
invoking function shorter and more clear.
> keeping track of the "last_X" variables for time and byte count
have posed a problem which I could not solve very satisfactorily.
For now, the function checks whether enough time for the next
print has elapsed, therefore also I kept the 100% check. Other-
wise the variables for "last_X" would have to be stored e.g. in
the VMAReader struct and every invoking of print_restore_progress
would mean quite a lot of redundant code / calculations.
The current implementation means the function isn't as concise
as it could be, but it needs to be called only once in one
"central" location and is easier to read where it is invoked.
Though I am open to input in this regard.
vma-reader.c | 118 +++
vma.c| 7 +++
vma.h| 8
3 files changed, 115 insertions(+), 18 deletions(-)
diff --git a/vma-reader.c b/vma-reader.c
index 2b1d1cdab3..27d8e5e404 100644
--- a/vma-reader.c
+++ b/vma-reader.c
@@ -14,6 +14,7 @@
#include "qemu/osdep.h"
#include
#include
+#include
#include "qemu-common.h"
#include "qemu/timer.h"
@@ -42,7 +43,7 @@ struct VmaReader {
guint8 vmstate_stream;
uint32_t vmstate_clusters;
/* to show restore percentage if run with -v */
-time_t start_time;
+uint64_t start_time;
int64_t cluster_count;
int64_t clusters_read;
int64_t zero_cluster_data;
@@ -585,15 +586,11 @@ static int restore_extent(VmaReader *vmar, unsigned char
*buf,
vmar->clusters_read++;
if (verbose) {
-time_t duration = time(NULL) - vmar->start_time;
-int percent = (vmar->clusters_read*100)/vmar->cluster_count;
-if (percent != vmar->clusters_read_per) {
-printf("progress %d%% (read %zd bytes, duration %zd sec)\n",
- percent, vmar->clusters_read*VMA_CLUSTER_SIZE,
- duration);
-fflush(stdout);
-vmar->clusters_read_per = percent;
-}
+vmar->clusters_read_per = (vmar->clusters_read * 100) /
vmar->cluster_count;
+
+print_restore_progress(vmar->devinfo[dev_id].size,
+ vmar->clusters_read * VMA_CLUSTER_SIZE,
+ get_timestamp_ns() - vmar->start_time);
}
/* try to write whole clusters to speedup restore */
@@ -713,7 +710,7 @@ static int vma_reader_restore_full(VmaReader *vmar, int
vmstate_fd,
unsigned char md5sum[16];
VmaHeader *h = (VmaHeader *)vmar->head_data;
-vmar->start_time = time(NULL);
+vmar->start_time = get_timestamp_ns();
while (1) {
int bytes = full_read(vmar->fd, buf + buf_pos, sizeof(buf) - buf_pos);
@@ -818,13 +815,19 @@ static int vma_reader_resto
Re: [pve-devel] [PATCH pve-qemu v3] fix #3865: backup restore human readable output
Sorry, I meant that this patch works on every storage other than
pbs, not only on local storage like I wrote.
I tested it with lvm, zfs, nfs and pbs.
Only pbs prints out the old output, because of its own implementation.
On 4/6/22 14:05, Markus Frank wrote:
Works as intended. This patch works on local storage only.
When using pbs as backupstorage, it is still printing the old
output. I think this can be easily fixed in a future patch.
Tested-by: Markus Frank
On 3/29/22 12:47, Daniel Tschlatscher wrote:
The backup restore dialogue now displays human readable output.
The output is adapted to match the output of the backup create
dialogue where possible.
For this, 2 helper methods for printing human readable byte count
and human readable time were added. The "main" progress output
was rewritten in its own function and the way how time is
measured was changed from seconds to nanoseconds.
Example of the output before:
...
progress 16% (read 2061631488 bytes, duration 37 sec)
progress 17% (read 2190475264 bytes, duration 38 sec)
progress 18% (read 2319319040 bytes, duration 39 sec)
...
total bytes read 12884901888, sparse bytes 8659161088 (67.2%)
Example of the output now:
...
Progress 27% (3.30 GiB of 12.00 GiB) in 1 m 15 s - 36.79 MiB/s
Progress 28% (3.39 GiB of 12.00 GiB) in 1 m 17 s - 42.45 MiB/s
Progress 29% (3.50 GiB of 12.00 GiB) in 1 m 19 s - 53.78 MiB/s
...
Finished restoring 12.00 GiB bytes in 2 m 21 s with 8.06 GiB of
sparse data. (67.2%)
Signed-off-by: Daniel Tschlatscher
---
Changes from v2:
* Changed the granularity of time measurements from seconds to nano-
seconds (mostly because the function used gives out ns already)
* Human readable time function does no longer use modulo
* Human readable byte count does no longer use log() in its cal-
culations
* Minor fixes to formatting and changed signed value types to un-
signed ones where applicable and useful.
* The "main" progress print was sourced in its own function, here I
had to decide whether this function implemented the logic of
whether a print should be issued or whether it should be a "pure"
printing function. I chose the former option because it keeps the
invoking function shorter and more clear.
> keeping track of the "last_X" variables for time and byte count
have posed a problem which I could not solve very satisfactorily.
For now, the function checks whether enough time for the next
print has elapsed, therefore also I kept the 100% check. Other-
wise the variables for "last_X" would have to be stored e.g. in
the VMAReader struct and every invoking of print_restore_progress
would mean quite a lot of redundant code / calculations.
The current implementation means the function isn't as concise
as it could be, but it needs to be called only once in one
"central" location and is easier to read where it is invoked.
Though I am open to input in this regard.
vma-reader.c | 118 +++
vma.c | 7 +++
vma.h | 8
3 files changed, 115 insertions(+), 18 deletions(-)
diff --git a/vma-reader.c b/vma-reader.c
index 2b1d1cdab3..27d8e5e404 100644
--- a/vma-reader.c
+++ b/vma-reader.c
@@ -14,6 +14,7 @@
#include "qemu/osdep.h"
#include
#include
+#include
#include "qemu-common.h"
#include "qemu/timer.h"
@@ -42,7 +43,7 @@ struct VmaReader {
guint8 vmstate_stream;
uint32_t vmstate_clusters;
/* to show restore percentage if run with -v */
- time_t start_time;
+ uint64_t start_time;
int64_t cluster_count;
int64_t clusters_read;
int64_t zero_cluster_data;
@@ -585,15 +586,11 @@ static int restore_extent(VmaReader *vmar,
unsigned char *buf,
vmar->clusters_read++;
if (verbose) {
- time_t duration = time(NULL) - vmar->start_time;
- int percent = (vmar->clusters_read*100)/vmar->cluster_count;
- if (percent != vmar->clusters_read_per) {
- printf("progress %d%% (read %zd bytes, duration %zd
sec)\n",
- percent, vmar->clusters_read*VMA_CLUSTER_SIZE,
- duration);
- fflush(stdout);
- vmar->clusters_read_per = percent;
- }
+ vmar->clusters_read_per = (vmar->clusters_read * 100) /
vmar->cluster_count;
+
+ print_restore_progress(vmar->devinfo[dev_id].size,
+ vmar->clusters_read *
VMA_CLUSTER_SIZE,
+ get_timestamp_ns() -
vmar->start_time);
}
/* try to write whole clusters to speedup restore */
@@ -713,7 +710,7 @@ static int vma_reader_restore_full(VmaReader
*vmar, int vmstate_fd,
unsigned char md5sum[16];
VmaHeader *h = (VmaHeader *)vmar->
[pve-devel] [PATCH qemu-server] fix #3784: Parameter for guest vIOMMU & machine as property-string
Changed the machine parameter to allow multiple machine-specific
parameters via property_string, but also allow old configs (via
default_key)
possible-configurations-example:
machine: q35
machine: pc
machine: q35,viommu=1
machine: type=q35,viommu=1
Also added a Parameter for vIOMMU so nobody has to use a github-script
or change the kvm command on every vm boot.
The args parameter doesn't work because the -device parameter(kvm)
with intel-iommu has to be placed before the other arguments.
vIOMMU enables the option to pass through pci devices to guest-vms
inside guest-vms for nested Virtualisation.
Signed-off-by: Markus Frank
---
PVE/API2/Qemu.pm | 7 ++---
PVE/QemuConfig.pm | 3 ++-
PVE/QemuServer.pm | 56 ---
PVE/QemuServer/Machine.pm | 6 +++--
4 files changed, 63 insertions(+), 9 deletions(-)
diff --git a/PVE/API2/Qemu.pm b/PVE/API2/Qemu.pm
index 71db264..661227f 100644
--- a/PVE/API2/Qemu.pm
+++ b/PVE/API2/Qemu.pm
@@ -945,12 +945,13 @@ __PACKAGE__->register_method({
if ((!defined($conf->{vmgenid}) || $conf->{vmgenid} eq '1')
&& $arch ne 'aarch64') {
$conf->{vmgenid} = PVE::QemuServer::generate_uuid();
}
-
- my $machine = $conf->{machine};
+ my $machine_conf =
PVE::QemuServer::parse_machine($conf->{machine});
+ my $machine = $machine_conf->{type};
if (!$machine || $machine =~ m/^(?:pc|q35|virt)$/) {
# always pin Windows' machine version on create, they
get to easily confused
if (PVE::QemuServer::windows_version($conf->{ostype})) {
- $conf->{machine} =
PVE::QemuServer::windows_get_pinned_machine_version($machine);
+ $machine_conf->{type} =
PVE::QemuServer::windows_get_pinned_machine_version($machine);
+ $conf->{machine} =
print_property_string($machine_conf);
}
}
diff --git a/PVE/QemuConfig.pm b/PVE/QemuConfig.pm
index cfef8d3..b82076f 100644
--- a/PVE/QemuConfig.pm
+++ b/PVE/QemuConfig.pm
@@ -430,7 +430,8 @@ sub __snapshot_rollback_hook {
} else {
# Note: old code did not store 'machine', so we try to be smart
# and guess the snapshot was generated with kvm 1.4 (pc-i440fx-1.4).
- $data->{forcemachine} = $conf->{machine} || 'pc-i440fx-1.4';
+ my $machine_conf = PVE::QemuServer::parse_machine($conf->{machine});
+ $data->{forcemachine} = $machine_conf->{type} || 'pc-i440fx-1.4';
# we remove the 'machine' configuration if not explicitly specified
# in the original config.
diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm
index 5db10fe..fa2e449 100644
--- a/PVE/QemuServer.pm
+++ b/PVE/QemuServer.pm
@@ -111,6 +111,25 @@
PVE::JSONSchema::register_standard_option('pve-qm-stateuri', {
optional => 1,
});
+my $machine_fmt = {
+type => {
+ default_key => 1,
+ type => 'string',
+ description => "Specifies the Qemu machine type.",
+ pattern =>
'(pc|pc(-i440fx)?-\d+(\.\d+)+(\+pve\d+)?(\.pxe)?|q35|pc-q35-\d+(\.\d+)+(\+pve\d+)?(\.pxe)?|virt(?:-\d+(\.\d+)+)?(\+pve\d+)?)',
+ format_description => "qemu-machine-type",
+ maxLength => 40,
+ optional => 1,
+},
+viommu => {
+ type => 'boolean',
+ description => "enable guest vIOMMU (needs kvm to be enabled and q35 to
be set as machine)",
+ default => 0,
+ optional => 1,
+},
+};
+PVE::JSONSchema::register_format('pve-qemu-machine-fmt', $machine_fmt);
+
PVE::JSONSchema::register_standard_option('pve-qemu-machine', {
description => "Specifies the Qemu machine type.",
type => 'string',
@@ -627,7 +646,12 @@ EODESCR
pattern => $PVE::QemuServer::CPUConfig::qemu_cmdline_cpu_re,
format_description => 'QEMU -cpu parameter'
},
-machine => get_standard_option('pve-qemu-machine'),
+machine => {
+ description => "Specifies the Qemu machine type.",
+ type => 'string',
+ optional => 1,
+ format => 'pve-qemu-machine-fmt',
+},
arch => {
description => "Virtual processor architecture. Defaults to the host.",
optional => 1,
@@ -2085,6 +2109,16 @@ sub parse_watchdog {
return $res;
}
+sub parse_machine {
+my ($value) = @_;
+
+return if !$value;
+
+my $res = eval { parse_property_string($machine_fmt, $value) };
+warn $@ if $@;
+return $res;
+}
+
sub
pve-devel@lists.proxmox.com
Needed for new machine parameter, because parse_property_string checks the parameter with the regex-pattern and therefore the test-cases with somemachine & someothermachine always fail. Since they do not have a special meaning, I changed somemachine & someothermachine to q35 & pc with sed sed -i 's/somemachine/q35/g' sed -i 's/someothermachine/pc/g' Signed-off-by: Markus Frank --- test/snapshot-expected/commit/qemu-server/101.conf | 2 +- test/snapshot-expected/commit/qemu-server/102.conf | 2 +- test/snapshot-expected/commit/qemu-server/201.conf | 2 +- test/snapshot-expected/commit/qemu-server/202.conf | 2 +- test/snapshot-expected/commit/qemu-server/203.conf | 2 +- test/snapshot-expected/create/qemu-server/102.conf | 2 +- test/snapshot-expected/create/qemu-server/104.conf | 4 ++-- test/snapshot-expected/create/qemu-server/106.conf | 2 +- test/snapshot-expected/create/qemu-server/301.conf | 2 +- test/snapshot-expected/create/qemu-server/302.conf | 2 +- test/snapshot-expected/delete/qemu-server/203.conf | 2 +- test/snapshot-expected/delete/qemu-server/204.conf | 2 +- test/snapshot-expected/prepare/qemu-server/102.conf | 2 +- test/snapshot-expected/prepare/qemu-server/104.conf | 2 +- test/snapshot-expected/rollback/qemu-server/101.conf | 2 +- test/snapshot-expected/rollback/qemu-server/106.conf | 4 ++-- test/snapshot-expected/rollback/qemu-server/201.conf | 2 +- test/snapshot-expected/rollback/qemu-server/202.conf | 2 +- test/snapshot-expected/rollback/qemu-server/203.conf | 2 +- test/snapshot-expected/rollback/qemu-server/204.conf | 2 +- test/snapshot-expected/rollback/qemu-server/205.conf | 2 +- test/snapshot-expected/rollback/qemu-server/301.conf | 2 +- test/snapshot-expected/rollback/qemu-server/302.conf | 2 +- test/snapshot-expected/rollback/qemu-server/303.conf | 2 +- test/snapshot-input/commit/qemu-server/101.conf | 2 +- test/snapshot-input/commit/qemu-server/102.conf | 2 +- test/snapshot-input/commit/qemu-server/201.conf | 2 +- test/snapshot-input/commit/qemu-server/202.conf | 2 +- test/snapshot-input/commit/qemu-server/203.conf | 2 +- test/snapshot-input/create/qemu-server/104.conf | 2 +- test/snapshot-input/delete/qemu-server/101.conf | 2 +- test/snapshot-input/delete/qemu-server/203.conf | 2 +- test/snapshot-input/delete/qemu-server/204.conf | 2 +- test/snapshot-input/rollback/qemu-server/101.conf| 2 +- test/snapshot-input/rollback/qemu-server/102.conf| 2 +- test/snapshot-input/rollback/qemu-server/103.conf| 2 +- test/snapshot-input/rollback/qemu-server/104.conf| 2 +- test/snapshot-input/rollback/qemu-server/106.conf| 4 ++-- test/snapshot-input/rollback/qemu-server/201.conf| 2 +- test/snapshot-input/rollback/qemu-server/202.conf| 2 +- test/snapshot-input/rollback/qemu-server/203.conf| 2 +- test/snapshot-input/rollback/qemu-server/204.conf| 2 +- test/snapshot-input/rollback/qemu-server/205.conf| 2 +- test/snapshot-input/rollback/qemu-server/301.conf| 2 +- test/snapshot-input/rollback/qemu-server/302.conf| 2 +- test/snapshot-input/rollback/qemu-server/303.conf| 2 +- 46 files changed, 49 insertions(+), 49 deletions(-) diff --git a/test/snapshot-expected/commit/qemu-server/101.conf b/test/snapshot-expected/commit/qemu-server/101.conf index 060676e..82c9522 100644 --- a/test/snapshot-expected/commit/qemu-server/101.conf +++ b/test/snapshot-expected/commit/qemu-server/101.conf @@ -18,7 +18,7 @@ bootdisk: ide0 cores: 4 ide0: somestore:somedisk,discard=on,size=32G ide2: none,media=cdrom -machine: somemachine +machine: q35 memory: 8192 name: win net0: e1000=12:34:56:78:90:12,bridge=somebr0,firewall=1 diff --git a/test/snapshot-expected/commit/qemu-server/102.conf b/test/snapshot-expected/commit/qemu-server/102.conf index 13f33a3..01b8531 100644 --- a/test/snapshot-expected/commit/qemu-server/102.conf +++ b/test/snapshot-expected/commit/qemu-server/102.conf @@ -34,7 +34,7 @@ bootdisk: ide0 cores: 4 ide0: somestore:somedisk,discard=on,size=32G ide2: none,media=cdrom -machine: somemachine +machine: q35 memory: 8192 name: win net0: e1000=12:34:56:78:90:12,bridge=somebr0,firewall=1 diff --git a/test/snapshot-expected/commit/qemu-server/201.conf b/test/snapshot-expected/commit/qemu-server/201.conf index 63a6d77..f8e99dd 100644 --- a/test/snapshot-expected/commit/qemu-server/201.conf +++ b/test/snapshot-expected/commit/qemu-server/201.conf @@ -34,7 +34,7 @@ bootdisk: ide0 cores: 4 ide0: somestore:somedisk,discard=on,size=32G ide2: none,media=cdrom -machine: somemachine +machine: q35 memory: 8192 name: win net0: e1000=12:34:56:78:90:12,bridge=somebr0,firewall=1 diff --git a/test/snapshot-expected/commit/qemu-server/202.conf b/test/snapshot-expected/commit/qemu-server/202.conf index 4c6b84d..a221ba0 100644 --- a/test/snapshot-expected/commit/qemu-server/202.conf +++ b/test/snapshot-expe
[pve-devel] [PATCH manager] ui: MachineEdit with viommu checkbox
Added a Checkbox to enable viommu, if q35 is selected.
Otherwise (i440fx) the checkbox is disabled.
The GUI also needs to parse the new machine parameter as PropertyString.
Signed-off-by: Markus Frank
---
www/manager6/qemu/MachineEdit.js | 22 ++
1 file changed, 22 insertions(+)
diff --git a/www/manager6/qemu/MachineEdit.js b/www/manager6/qemu/MachineEdit.js
index f928c80c..41c4dd93 100644
--- a/www/manager6/qemu/MachineEdit.js
+++ b/www/manager6/qemu/MachineEdit.js
@@ -17,6 +17,13 @@ Ext.define('PVE.qemu.MachineInputPanel', {
let type = value === 'q35' ? 'q35' : 'i440fx';
store.clearFilter();
store.addFilter(val => val.data.id === 'latest' || val.data.type
=== type);
+ let viommuButton = me.lookup('viommu');
+ if (type === 'i440fx') {
+ viommuButton.setValue(false);
+ viommuButton.setDisabled(true);
+ } else {
+ viommuButton.setDisabled(false);
+ }
if (!me.getView().isWindows) {
version.setValue('latest');
} else {
@@ -40,12 +47,17 @@ Ext.define('PVE.qemu.MachineInputPanel', {
delete values.delete;
}
delete values.version;
+ if (values.viommu) values.machine += ",viommu=1";
+ delete values.viommu;
return values;
},
setValues: function(values) {
let me = this;
+ let machine_conf = PVE.Parser.parsePropertyString(values.machine,
"type");
+ values.machine = machine_conf.type;
+
me.isWindows = values.isWindows;
if (values.machine === 'pc') {
values.machine = '__default__';
@@ -54,10 +66,14 @@ Ext.define('PVE.qemu.MachineInputPanel', {
if (me.isWindows) {
if (values.machine === '__default__') {
values.version = 'pc-i440fx-5.1';
+ values.viommu = false;
} else if (values.machine === 'q35') {
values.version = 'pc-q35-5.1';
}
}
+
+ values.viommu = machine_conf.viommu === "1";
+
if (values.machine !== '__default__' && values.machine !== 'q35') {
values.version = values.machine;
values.machine = values.version.match(/q35/) ? 'q35' :
'__default__';
@@ -108,6 +124,12 @@ Ext.define('PVE.qemu.MachineInputPanel', {
},
},
},
+ {
+ xtype: 'proxmoxcheckbox',
+ fieldLabel: gettext('vIOMMU'),
+ name: 'viommu',
+ reference: 'viommu',
+ },
{
xtype: 'displayfield',
fieldLabel: gettext('Note'),
--
2.30.2
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH qemu-server] added test-cases for new machine-syntax & viommu
added a few test-cases to test the new machine parameter with viommu
Signed-off-by: Markus Frank
---
test/restore-config-expected/401.conf | 14 +
test/restore-config-expected/402.conf | 14 +
test/restore-config-input/401.conf| 14 +
test/restore-config-input/402.conf| 14 +
test/run_qemu_restore_config_tests.pl | 2 +-
.../create/qemu-server/401.conf | 32 +++
.../create/qemu-server/402.conf | 53 +++
.../create/qemu-server/401.conf | 14 +
.../create/qemu-server/402.conf | 33
test/snapshot-test.pm | 8 ++-
10 files changed, 196 insertions(+), 2 deletions(-)
create mode 100644 test/restore-config-expected/401.conf
create mode 100644 test/restore-config-expected/402.conf
create mode 100644 test/restore-config-input/401.conf
create mode 100644 test/restore-config-input/402.conf
create mode 100644 test/snapshot-expected/create/qemu-server/401.conf
create mode 100644 test/snapshot-expected/create/qemu-server/402.conf
create mode 100644 test/snapshot-input/create/qemu-server/401.conf
create mode 100644 test/snapshot-input/create/qemu-server/402.conf
diff --git a/test/restore-config-expected/401.conf
b/test/restore-config-expected/401.conf
new file mode 100644
index 000..9400351
--- /dev/null
+++ b/test/restore-config-expected/401.conf
@@ -0,0 +1,14 @@
+bootdisk: scsi0
+cores: 1
+ide2: none,media=cdrom
+memory: 512
+machine: q35,viommu=1
+name: apache
+net0: virtio=92:38:11:FD:ED:87,bridge=vmbr0,firewall=1
+numa: 0
+ostype: l26
+scsi0: target:401/vm-401-disk-0.qcow2,size=4G
+scsihw: virtio-scsi-pci
+smbios1: uuid=ddf91b3f-a597-42be-9a7e-fb6421dcd5cd
+sockets: 1
+vmgenid: 0
diff --git a/test/restore-config-expected/402.conf
b/test/restore-config-expected/402.conf
new file mode 100644
index 000..73f69cb
--- /dev/null
+++ b/test/restore-config-expected/402.conf
@@ -0,0 +1,14 @@
+bootdisk: scsi0
+cores: 1
+ide2: none,media=cdrom
+memory: 512
+machine: type=q35,viommu=1
+name: apache
+net0: virtio=92:38:11:FD:ED:87,bridge=vmbr0,firewall=1
+numa: 0
+ostype: l26
+scsi0: target:401/vm-402-disk-0.qcow2,size=4G
+scsihw: virtio-scsi-pci
+smbios1: uuid=ddf91b3f-a597-42be-9a7e-fb6421dcd5cd
+sockets: 1
+vmgenid: 0
diff --git a/test/restore-config-input/401.conf
b/test/restore-config-input/401.conf
new file mode 100644
index 000..9400351
--- /dev/null
+++ b/test/restore-config-input/401.conf
@@ -0,0 +1,14 @@
+bootdisk: scsi0
+cores: 1
+ide2: none,media=cdrom
+memory: 512
+machine: q35,viommu=1
+name: apache
+net0: virtio=92:38:11:FD:ED:87,bridge=vmbr0,firewall=1
+numa: 0
+ostype: l26
+scsi0: target:401/vm-401-disk-0.qcow2,size=4G
+scsihw: virtio-scsi-pci
+smbios1: uuid=ddf91b3f-a597-42be-9a7e-fb6421dcd5cd
+sockets: 1
+vmgenid: 0
diff --git a/test/restore-config-input/402.conf
b/test/restore-config-input/402.conf
new file mode 100644
index 000..73f69cb
--- /dev/null
+++ b/test/restore-config-input/402.conf
@@ -0,0 +1,14 @@
+bootdisk: scsi0
+cores: 1
+ide2: none,media=cdrom
+memory: 512
+machine: type=q35,viommu=1
+name: apache
+net0: virtio=92:38:11:FD:ED:87,bridge=vmbr0,firewall=1
+numa: 0
+ostype: l26
+scsi0: target:401/vm-402-disk-0.qcow2,size=4G
+scsihw: virtio-scsi-pci
+smbios1: uuid=ddf91b3f-a597-42be-9a7e-fb6421dcd5cd
+sockets: 1
+vmgenid: 0
diff --git a/test/run_qemu_restore_config_tests.pl
b/test/run_qemu_restore_config_tests.pl
index 1e1e807..2221abe 100755
--- a/test/run_qemu_restore_config_tests.pl
+++ b/test/run_qemu_restore_config_tests.pl
@@ -25,7 +25,7 @@ $pve_cluster_module->mock(
);
# NOTE update when you add/remove tests
-plan tests => 4;
+plan tests => 6;
my $cfs_mock = Test::MockModule->new("PVE::Cluster");
$cfs_mock->mock(
diff --git a/test/snapshot-expected/create/qemu-server/401.conf
b/test/snapshot-expected/create/qemu-server/401.conf
new file mode 100644
index 000..56cb71c
--- /dev/null
+++ b/test/snapshot-expected/create/qemu-server/401.conf
@@ -0,0 +1,32 @@
+bootdisk: ide0
+cores: 4
+ide0: local:snapshotable-disk-1,discard=on,size=32G
+ide2: none,media=cdrom
+machine: q35,viommu=1
+memory: 8192
+name: win
+net0: e1000=12:34:56:78:90:12,bridge=somebr0,firewall=1
+numa: 0
+ostype: win7
+parent: test
+smbios1: uuid=01234567-890a-bcde-f012-34567890abcd
+sockets: 1
+vga: qxl
+
+[test]
+#test comment
+bootdisk: ide0
+cores: 4
+ide0: local:snapshotable-disk-1,discard=on,size=32G
+ide2: none,media=cdrom
+machine: q35,viommu=1
+memory: 8192
+name: win
+net0: e1000=12:34:56:78:90:12,bridge=somebr0,firewall=1
+numa: 0
+ostype: win7
+parent: test
+smbios1: uuid=01234567-890a-bcde-f012-34567890abcd
+snaptime: 1234567890
+sockets: 1
+vga: qxl
diff --git a/test/snapshot-expected/create/qemu-server/402.conf
b/test/snapshot-expected/create/qemu-server/402.conf
new file mode 100644
index 000..ac485ce
--- /dev/null
+++ b/test/snapshot-expected/create/qem
pve-devel@lists.proxmox.com
Info because I forgot to write 2/3 and 3/3: These 4 patches belong together. 1: [PATCH qemu-server 1/3] tests: replaced somemachine&someothermachine with q35&pc 2: [PATCH qemu-server] fix #3784: Parameter for guest vIOMMU & machine as property-string 3: [PATCH qemu-server] added test-cases for new machine-syntax & viommu 4: [PATCH manager] ui: MachineEdit with viommu checkbox On 5/3/22 13:18, Markus Frank wrote: Needed for new machine parameter, because parse_property_string checks the parameter with the regex-pattern and therefore the test-cases with somemachine & someothermachine always fail. Since they do not have a special meaning, I changed somemachine & someothermachine to q35 & pc with sed sed -i 's/somemachine/q35/g' sed -i 's/someothermachine/pc/g' Signed-off-by: Markus Frank --- test/snapshot-expected/commit/qemu-server/101.conf | 2 +- test/snapshot-expected/commit/qemu-server/102.conf | 2 +- test/snapshot-expected/commit/qemu-server/201.conf | 2 +- test/snapshot-expected/commit/qemu-server/202.conf | 2 +- test/snapshot-expected/commit/qemu-server/203.conf | 2 +- test/snapshot-expected/create/qemu-server/102.conf | 2 +- test/snapshot-expected/create/qemu-server/104.conf | 4 ++-- test/snapshot-expected/create/qemu-server/106.conf | 2 +- test/snapshot-expected/create/qemu-server/301.conf | 2 +- test/snapshot-expected/create/qemu-server/302.conf | 2 +- test/snapshot-expected/delete/qemu-server/203.conf | 2 +- test/snapshot-expected/delete/qemu-server/204.conf | 2 +- test/snapshot-expected/prepare/qemu-server/102.conf | 2 +- test/snapshot-expected/prepare/qemu-server/104.conf | 2 +- test/snapshot-expected/rollback/qemu-server/101.conf | 2 +- test/snapshot-expected/rollback/qemu-server/106.conf | 4 ++-- test/snapshot-expected/rollback/qemu-server/201.conf | 2 +- test/snapshot-expected/rollback/qemu-server/202.conf | 2 +- test/snapshot-expected/rollback/qemu-server/203.conf | 2 +- test/snapshot-expected/rollback/qemu-server/204.conf | 2 +- test/snapshot-expected/rollback/qemu-server/205.conf | 2 +- test/snapshot-expected/rollback/qemu-server/301.conf | 2 +- test/snapshot-expected/rollback/qemu-server/302.conf | 2 +- test/snapshot-expected/rollback/qemu-server/303.conf | 2 +- test/snapshot-input/commit/qemu-server/101.conf | 2 +- test/snapshot-input/commit/qemu-server/102.conf | 2 +- test/snapshot-input/commit/qemu-server/201.conf | 2 +- test/snapshot-input/commit/qemu-server/202.conf | 2 +- test/snapshot-input/commit/qemu-server/203.conf | 2 +- test/snapshot-input/create/qemu-server/104.conf | 2 +- test/snapshot-input/delete/qemu-server/101.conf | 2 +- test/snapshot-input/delete/qemu-server/203.conf | 2 +- test/snapshot-input/delete/qemu-server/204.conf | 2 +- test/snapshot-input/rollback/qemu-server/101.conf| 2 +- test/snapshot-input/rollback/qemu-server/102.conf| 2 +- test/snapshot-input/rollback/qemu-server/103.conf| 2 +- test/snapshot-input/rollback/qemu-server/104.conf| 2 +- test/snapshot-input/rollback/qemu-server/106.conf| 4 ++-- test/snapshot-input/rollback/qemu-server/201.conf| 2 +- test/snapshot-input/rollback/qemu-server/202.conf| 2 +- test/snapshot-input/rollback/qemu-server/203.conf| 2 +- test/snapshot-input/rollback/qemu-server/204.conf| 2 +- test/snapshot-input/rollback/qemu-server/205.conf| 2 +- test/snapshot-input/rollback/qemu-server/301.conf| 2 +- test/snapshot-input/rollback/qemu-server/302.conf| 2 +- test/snapshot-input/rollback/qemu-server/303.conf| 2 +- 46 files changed, 49 insertions(+), 49 deletions(-) diff --git a/test/snapshot-expected/commit/qemu-server/101.conf b/test/snapshot-expected/commit/qemu-server/101.conf index 060676e..82c9522 100644 --- a/test/snapshot-expected/commit/qemu-server/101.conf +++ b/test/snapshot-expected/commit/qemu-server/101.conf @@ -18,7 +18,7 @@ bootdisk: ide0 cores: 4 ide0: somestore:somedisk,discard=on,size=32G ide2: none,media=cdrom -machine: somemachine +machine: q35 memory: 8192 name: win net0: e1000=12:34:56:78:90:12,bridge=somebr0,firewall=1 diff --git a/test/snapshot-expected/commit/qemu-server/102.conf b/test/snapshot-expected/commit/qemu-server/102.conf index 13f33a3..01b8531 100644 --- a/test/snapshot-expected/commit/qemu-server/102.conf +++ b/test/snapshot-expected/commit/qemu-server/102.conf @@ -34,7 +34,7 @@ bootdisk: ide0 cores: 4 ide0: somestore:somedisk,discard=on,size=32G ide2: none,media=cdrom -machine: somemachine +machine: q35 memory: 8192 name: win net0: e1000=12:34:56:78:90:12,bridge=somebr0,firewall=1 diff --git a/test/snapshot-expected/commit/qemu-server/201.conf b/test/snapshot-expected/commit/qemu-server/201.conf index 63a6d77..f8e99dd 100644 --- a/test/snapshot-expected/commit/qemu-server/201.conf +++ b/test/snapshot-exp
Re: [pve-devel] [PATCH manager v2] fix #3994: Options menu entry in the System menu
I tested it on a vm-cluster.
GUI works as intended and only allows input which can be handled by the
backend. Node-Config-Files get updated on change in GUI, and vice versa.
I can also verify that startall-on-boot-delay works fine.
Tested-by: Markus Frank
On 5/6/22 14:39, Daniel Tschlatscher wrote:
Add the subentry "Options" in the "System" menu to expose some options
in the GUI which were not exposed before.
Added a new file for displaying and editing the node config options
which were not exposed through the GUI yet. Namely those are the
settings for wakeonlan and startall-on-boot-delay. Edited the Makefile
to include the newly created file.
Signed-off-by: Daniel Tschlatscher
---
Changes from v2:
- Moved the file from the widget-toolkit to the pve-manager repository
because it implements PVE specific functionality.
- I originally rewrote this class to use a ViewController, but then
found out that the ObjectGrid does most of what I wanted already, I
just had to address it correctly.
This means the code is now a bit shorter and a lot more concise.
www/manager6/Makefile| 1 +
www/manager6/node/Config.js | 9
www/manager6/node/NodeOptionsView.js | 67
3 files changed, 77 insertions(+)
create mode 100644 www/manager6/node/NodeOptionsView.js
diff --git a/www/manager6/Makefile b/www/manager6/Makefile
index 2c7b1e70..d16770b1 100644
--- a/www/manager6/Makefile
+++ b/www/manager6/Makefile
@@ -195,6 +195,7 @@ JSSRC=
\
node/Subscription.js\
node/Summary.js \
node/ZFS.js \
+ node/NodeOptionsView.js \
pool/Config.js \
pool/StatusView.js \
pool/Summary.js \
diff --git a/www/manager6/node/Config.js b/www/manager6/node/Config.js
index 52357df8..7e7d45f7 100644
--- a/www/manager6/node/Config.js
+++ b/www/manager6/node/Config.js
@@ -195,6 +195,15 @@ Ext.define('PVE.node.Config', {
nodename: nodename,
onlineHelp: 'sysadmin_network_configuration',
},
+ {
+ xtype: 'proxmoxNodeOptionsView',
+ title: gettext('Options'),
+ iconCls: 'fa fa-gear',
+ groups: ['services'],
+ itemId: 'options',
+ nodename: nodename,
+ onlineHelp: 'proxmox_node_management',
+ },
{
xtype: 'proxmoxNodeHostsView',
title: gettext('Hosts'),
diff --git a/www/manager6/node/NodeOptionsView.js
b/www/manager6/node/NodeOptionsView.js
new file mode 100644
index ..b841b7b0
--- /dev/null
+++ b/www/manager6/node/NodeOptionsView.js
@@ -0,0 +1,67 @@
+Ext.define('Proxmox.node.NodeOptionsView', {
+extend: 'Proxmox.grid.ObjectGrid',
+alias: ['widget.proxmoxNodeOptionsView'],
+mixins: ['Proxmox.Mixin.CBind'],
+
+cbindData: function(_initialconfig) {
+ let me = this;
+
+ let baseUrl = `/nodes/${me.nodename}/config`;
+ me.url = `/api2/json${baseUrl}`;
+ me.editorConfig = {
+ url: `/api2/extjs/${baseUrl}`,
+ };
+
+ return {};
+},
+
+listeners: {
+ itemdblclick: function() { this.run_editor(); },
+ activate: function() { this.rstore.startUpdate(); },
+ destroy: function() { this.rstore.stopUpdate(); },
+ deactivate: function() { this.rstore.stopUpdate(); },
+},
+
+tbar: [
+ {
+ text: gettext('Edit'),
+ xtype: 'proxmoxButton',
+ disabled: true,
+ handler: btn => btn.up('grid').run_editor(),
+ },
+],
+
+gridRows: [
+ {
+ xtype: 'integer',
+ name: 'startall-onboot-delay',
+ text: gettext('Start on boot delay'),
+ minValue: 0,
+ maxValue: 300,
+ labelWidth: 130,
+ deleteEmpty: true,
+ renderer: function(value) {
+ if (value === undefined) {
+ return Proxmox.Utils.defaultText;
+ }
+
+ let secString = value === '1' ? gettext('Second') :
gettext('Seconds');
+ return `${value} ${secString}`;
+ },
+ },
+ {
+ xtype: 'text',
+ name: 'wakeonlan',
+ text: gettext('Wake on LAN'),
+ vtype: 'MacAddress',
+ deleteEmpty: true,
+ r
[pve-devel] [PATCH pve-docs] added Memory Encryption documentation
added AMD SEV documentation for "[PATCH qemu-server] QEMU AMD SEV
enable"
Signed-off-by: Markus Frank
---
qm.adoc | 59 +
1 file changed, 59 insertions(+)
diff --git a/qm.adoc b/qm.adoc
index e666d7d..027d0a1 100644
--- a/qm.adoc
+++ b/qm.adoc
@@ -583,6 +583,65 @@ systems.
When allocating RAM to your VMs, a good rule of thumb is always to leave 1GB
of RAM available to the host.
+[[qm_memory_encryption]]
+Memory Encryption
+~
+
+AMD SEV
+^^^
+
+Memory Encryption using AES-128 Encryption and the AMD Secure Processor.
+See https://developer.amd.com/sev/[AMD SEV]
+
+Requirements:
+
+* AMD EPYC/Ryzen PRO CPU
+* configured SEV BIOS Settings on Host Machine
+* add Kernel Parameters: "mem_encrypt=on kvm_amd.sev=1"
+
+Example Configuration:
+
+
+# qm set -memory_encryption
type=sev,cbitpos=47,policy=0x0005,reduced-phys-bits=1
+
+
+"type" defines the encryption technology ("type=" is not necessary): sev,
sev-snp, mktme
+
+"reduced-phys-bios", "cbitpos" and "policy" correspond to the variables with
the
+same name in qemu.
+
+"reduced-phys-bios" and "cbitpos" are system specific and can be read out
+with QMP. If not set, qm starts a dummy-vm to read QMP
+for these variables out and saves them to config.
+
+"policy" can be calculated with
+https://www.amd.com/system/files/TechDocs/55766_SEV-KM_API_Specification.pdf[AMD
SEV API Specification Chapter 3]
+
+To use SEV-ES (CPU register encryption) the "policy" should be set
+somewhere between 0x4 and 0x7 or 0xC and 0xF, etc.
+(Bit-2 has to be set 1 (LSB 0 bit numbering))
+
+Limitations:
+
+* Memory usage on host is always wrong and around 82% Usage
+* Snapshots do not work
+* edk2-OVMF required
+* Recommendable: VirtIO RNG for more entropy (VMs sometimes will not
+boot without)
+
+Links:
+
+* https://github.com/AMDESE/AMDSEV
+* https://www.qemu.org/docs/master/system/i386/amd-memory-encryption.html
+* https://www.amd.com/system/files/TechDocs/55766_SEV-KM_API_Specification.pdf
+
+AMD SEV-SNP
+^^^
+
+* SEV-SNP support is not in the Linux Kernel yet and needs EPYC 7003 "Milan"
+processors.
+* SEV-SNP should be in Kernel 5.19:
https://www.phoronix.com/scan.php?page=news_item&px=AMD-SEV-SNP-Arrives-Linux-5.19
+* patched Kernel: https://github.com/AMDESE/linux/tree/sev-snp-5.18-rc3
[[qm_network_device]]
Network Device
--
2.30.2
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH qemu-server] QEMU AMD SEV enable
This Patch is for enabling AMD SEV (Secure Encrypted Virtualization) support in
QEMU and for supporting other memory encryption technologies like INTEL MKTME
(Multi-key Total Memory Encryption) and AMD-SNP in the future.
Config-Example:
memory_encryption: type=sev,cbitpos=47,policy=0x0005,reduced-phys-bits=1
"reduced-phys-bios" and "cbitpos" are system specific and can be read out with
QMP. If not set by the user, a dummy-vm gets started to read QMP for these
variables out and save them to config. Afterwards, the dummy-vm gets stopped.
For a more detailed Explanation plus Requirements & Limitations
see my coherent pve-docs patch and the qemu documentation.
Signed-off-by: Markus Frank
---
I could not test SEV-ES because I get a similar error to
https://www.mail-archive.com/devel@edk2.groups.io/msg38521.html
But I still get the same error on master and mentioned patched versions.
On some older versions I just get "kvm: SEV-ES reset address is zero
kvm: failed to locate and/or save reset vector"
Maybe I will report my error to the edk2 project or find a way to fix
it, when I know more about it.
I also could not test SEV-SNP, because I do not have a EPYC 7003 to test
on and there is also no support in the Linux Kernel yet. SEV-SNP support
should be in Linux 5.19:
https://www.phoronix.com/scan.php?page=news_item&px=AMD-SEV-SNP-Arrives-Linux-5.19
patched kernel-fork: https://github.com/AMDESE/linux/tree/sev-snp-5.18-rc3
PVE/QemuServer.pm | 133 ++
1 file changed, 133 insertions(+)
diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm
index e9aa248..abc21d4 100644
--- a/PVE/QemuServer.pm
+++ b/PVE/QemuServer.pm
@@ -174,6 +174,55 @@ my $agent_fmt = {
},
};
+my $memory_encryption_fmt = {
+type => {
+ type => 'string',
+ default_key => 1,
+ description => "Memory Encryption Type:"
+ ."for AMD SEV -> 'memory_encryption: type=sev'"
+ ."for AMD SEV-SNP -> 'memory_encryption: type=sev-snp'"
+ ."for AMD SEV-ES -> use 'sev' and change policy to between 0x4 and
0x7"
+ ."(Bit-2 has to be set 1 (LSB 0 bit numbering))"
+ ."(sev requires edk2-ovmf & on guest: up-to-date kernel + sev
support &"
+ ."on host: add kernel-parameters 'mem_encrypt=on kvm_amd.sev=1')"
+ ."see https://github.com/AMDESE/AMDSEV";,
+ format_description => "qemu-memory-encryption-type",
+ #pattern => '(sev|sev-snp|mktme)',
+ pattern => '(sev|sev-snp)',
+ default => "",
+ maxLength => 10,
+},
+'reduced-phys-bits' => {
+ description => "Number of bits the physical address space is reduced
by. System dependent",
+ type => 'integer',
+ default => 1,
+ optional => 1,
+ minium => 0,
+ maximum => 100,
+},
+cbitpos => {
+ description => "C-bit: marks if a memory page is protected. System
dependent",
+ type => 'integer',
+ default => 47,
+ optional => 1,
+ minium => 0,
+ maximum => 100,
+},
+policy => {
+ description => "SEV Guest Policy"
+ ."see Capter 3:"
+
."https://www.amd.com/system/files/TechDocs/55766_SEV-KM_API_Specification.pdf";
+ ."&
https://www.qemu.org/docs/master/system/i386/amd-memory-encryption.html";,
+ format_description => "qemu-memory-encryption-policy",
+ type => 'string',
+ default => '0x',
+ pattern => '0[xX][0-9a-fA-F]{1,4}',
+ optional => 1,
+ maxLength => 6,
+},
+};
+PVE::JSONSchema::register_format('pve-qemu-memory-encryption-fmt',
$memory_encryption_fmt);
+
my $vga_fmt = {
type => {
description => "Select the VGA type.",
@@ -348,6 +397,12 @@ my $confdesc = {
minimum => 16,
default => 512,
},
+memory_encryption => {
+ description => "Memory Encryption",
+ optional => 1,
+ format => 'pve-qemu-memory-encryption-fmt',
+ type => 'string',
+},
balloon => {
optional => 1,
type => 'integer',
@@ -2107,6 +2162,16 @@ sub parse_guest_agent {
return $res;
}
+sub parse_memory_encryption {
+my ($value) = @_;
+
+return if !$value;
+
+my $res = eval { parse_property_string($memory_encryption_fmt, $value) };
+warn $@ if $@;
+return $res;
+}
+
sub get_qga_key {
my ($conf, $key) = @_;
return undef if !defined($conf->{age
Re: [pve-devel] [PATCH pve-docs] added Memory Encryption documentation
Not really. All i could find are these patches: https://marc.info/?l=kvm&m=156278967226011&w=2 https://lore.kernel.org/all/20190809185434.GH2840@work-vm/T/#m902085a219bdad35007dd7fffa0ed0765fd2322a In the documentation of qemu snapshots&live migration is still a TODO: https://www.qemu.org/docs/master/system/i386/amd-memory-encryption.html Current Limitations Section in the suse documentation: https://documentation.suse.com/sles/15-SP3/html/SLES-amd-sev/article-amd-sev.html Also interesting "Migration Attack" when using these patches: https://github.com/PSPReverse/amd-sev-migration-attack On 6/10/22 06:37, Dietmar Maurer wrote: Live migration works? +Limitations: + +* Memory usage on host is always wrong and around 82% Usage +* Snapshots do not work +* edk2-OVMF required +* Recommendable: VirtIO RNG for more entropy (VMs sometimes will not ___ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH pve-docs v2] added Memory Encryption documentation
added AMD SEV documentation for "[PATCH qemu-server] QEMU AMD SEV
enable"
Signed-off-by: Markus Frank
---
v2:
* added check if sev is enabled
* added more limitations
* added suse doc link
qm.adoc | 89 +
1 file changed, 89 insertions(+)
diff --git a/qm.adoc b/qm.adoc
index e666d7d..d60753e 100644
--- a/qm.adoc
+++ b/qm.adoc
@@ -583,6 +583,95 @@ systems.
When allocating RAM to your VMs, a good rule of thumb is always to leave 1GB
of RAM available to the host.
+[[qm_memory_encryption]]
+Memory Encryption
+~
+
+[[qm_memory_encryption_sev]]
+AMD SEV
+^^^
+
+Memory Encryption using AES-128 Encryption and the AMD Secure Processor.
+See https://developer.amd.com/sev/[AMD SEV]
+
+Requirements:
+
+* AMD EPYC/Ryzen PRO CPU
+* configured SEV BIOS Settings on Host Machine
+* add Kernel Parameters: "mem_encrypt=on kvm_amd.sev=1"
+
+Example Configuration:
+
+
+# qm set -memory_encryption
type=sev,cbitpos=47,policy=0x0005,reduced-phys-bits=1
+
+
+*SEV Parameters*
+
+"type" defines the encryption technology ("type=" is not necessary): sev,
sev-snp, mktme
+
+"reduced-phys-bios", "cbitpos" and "policy" correspond to the variables with
the
+same name in qemu.
+
+"reduced-phys-bios" and "cbitpos" are system specific and can be read out
+with QMP. If not set, qm starts a dummy-vm to read QMP
+for these variables out and saves them to config.
+
+"policy" can be calculated with
+https://www.amd.com/system/files/TechDocs/55766_SEV-KM_API_Specification.pdf[AMD
SEV API Specification Chapter 3]
+
+To use SEV-ES (CPU register encryption) the "policy" should be set
+somewhere between 0x4 and 0x7 or 0xC and 0xF, etc.
+(Bit-2 has to be set 1 (LSB 0 bit numbering))
+
+*Check if SEV is working*
+
+Method 1 - dmesg:
+
+Output should look like this.
+
+
+# dmesg | grep -i sev
+AMD Memory Encryption Features active: SEV
+
+
+Method 2 - MSR 0xc0010131 (MSR_AMD64_SEV):
+
+Output should be 1.
+
+
+# apt install msr-tools
+# modprobe msr
+# rdmsr -a 0xc0010131
+1
+
+
+Limitations:
+
+* Because the memory is encrypted the memory usage on host is always wrong
+and around 82% usage
+* Operations that involve saving or restoring memory like snapshots
+& live migration do not work yet
+* edk2-OVMF required
+* The guest operating system inside a VM must contain SEV-support
+* Recommendable: VirtIO RNG for more entropy (VMs sometimes will not
+boot without)
+
+Links:
+
+* https://github.com/AMDESE/AMDSEV
+* https://www.qemu.org/docs/master/system/i386/amd-memory-encryption.html
+* https://www.amd.com/system/files/TechDocs/55766_SEV-KM_API_Specification.pdf
+* https://documentation.suse.com/sles/15-SP1/html/SLES-amd-sev/index.html
+
+// Commented because not supported by kernel yet
+//AMD SEV-SNP
+//^^^
+
+//* SEV-SNP support is not in the Linux Kernel yet and needs EPYC 7003 "Milan"
+//processors.
+//* SEV-SNP should be in Kernel 5.19:
https://www.phoronix.com/scan.php?page=news_item&px=AMD-SEV-SNP-Arrives-Linux-5.19
+//* patched Kernel: https://github.com/AMDESE/linux/tree/sev-snp-5.18-rc3
[[qm_network_device]]
Network Device
--
2.30.2
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] [PATCH qemu-server] fix #3784: Parameter for guest vIOMMU & machine as property-string
Ping
viommu-Patches:
1: [PATCH qemu-server 1/3] tests: replaced somemachine&someothermachine
with q35&pc
2: [PATCH qemu-server] fix #3784: Parameter for guest vIOMMU & machine
as property-string
3: [PATCH qemu-server] added test-cases for new machine-syntax & viommu
4: [PATCH manager] ui: MachineEdit with viommu checkbox
On 5/3/22 13:18, Markus Frank wrote:
Changed the machine parameter to allow multiple machine-specific
parameters via property_string, but also allow old configs (via
default_key)
possible-configurations-example:
machine: q35
machine: pc
machine: q35,viommu=1
machine: type=q35,viommu=1
Also added a Parameter for vIOMMU so nobody has to use a github-script
or change the kvm command on every vm boot.
The args parameter doesn't work because the -device parameter(kvm)
with intel-iommu has to be placed before the other arguments.
vIOMMU enables the option to pass through pci devices to guest-vms
inside guest-vms for nested Virtualisation.
Signed-off-by: Markus Frank
---
PVE/API2/Qemu.pm | 7 ++---
PVE/QemuConfig.pm | 3 ++-
PVE/QemuServer.pm | 56 ---
PVE/QemuServer/Machine.pm | 6 +++--
4 files changed, 63 insertions(+), 9 deletions(-)
diff --git a/PVE/API2/Qemu.pm b/PVE/API2/Qemu.pm
index 71db264..661227f 100644
--- a/PVE/API2/Qemu.pm
+++ b/PVE/API2/Qemu.pm
@@ -945,12 +945,13 @@ __PACKAGE__->register_method({
if ((!defined($conf->{vmgenid}) || $conf->{vmgenid} eq '1')
&& $arch ne 'aarch64') {
$conf->{vmgenid} = PVE::QemuServer::generate_uuid();
}
-
- my $machine = $conf->{machine};
+ my $machine_conf =
PVE::QemuServer::parse_machine($conf->{machine});
+ my $machine = $machine_conf->{type};
if (!$machine || $machine =~ m/^(?:pc|q35|virt)$/) {
# always pin Windows' machine version on create, they
get to easily confused
if (PVE::QemuServer::windows_version($conf->{ostype})) {
- $conf->{machine} =
PVE::QemuServer::windows_get_pinned_machine_version($machine);
+ $machine_conf->{type} =
PVE::QemuServer::windows_get_pinned_machine_version($machine);
+ $conf->{machine} =
print_property_string($machine_conf);
}
}
diff --git a/PVE/QemuConfig.pm b/PVE/QemuConfig.pm
index cfef8d3..b82076f 100644
--- a/PVE/QemuConfig.pm
+++ b/PVE/QemuConfig.pm
@@ -430,7 +430,8 @@ sub __snapshot_rollback_hook {
} else {
# Note: old code did not store 'machine', so we try to be smart
# and guess the snapshot was generated with kvm 1.4 (pc-i440fx-1.4).
- $data->{forcemachine} = $conf->{machine} || 'pc-i440fx-1.4';
+ my $machine_conf = PVE::QemuServer::parse_machine($conf->{machine});
+ $data->{forcemachine} = $machine_conf->{type} || 'pc-i440fx-1.4';
# we remove the 'machine' configuration if not explicitly specified
# in the original config.
diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm
index 5db10fe..fa2e449 100644
--- a/PVE/QemuServer.pm
+++ b/PVE/QemuServer.pm
@@ -111,6 +111,25 @@
PVE::JSONSchema::register_standard_option('pve-qm-stateuri', {
optional => 1,
});
+my $machine_fmt = {
+type => {
+ default_key => 1,
+ type => 'string',
+ description => "Specifies the Qemu machine type.",
+ pattern =>
'(pc|pc(-i440fx)?-\d+(\.\d+)+(\+pve\d+)?(\.pxe)?|q35|pc-q35-\d+(\.\d+)+(\+pve\d+)?(\.pxe)?|virt(?:-\d+(\.\d+)+)?(\+pve\d+)?)',
+ format_description => "qemu-machine-type",
+ maxLength => 40,
+ optional => 1,
+},
+viommu => {
+ type => 'boolean',
+ description => "enable guest vIOMMU (needs kvm to be enabled and q35 to be
set as machine)",
+ default => 0,
+ optional => 1,
+},
+};
+PVE::JSONSchema::register_format('pve-qemu-machine-fmt', $machine_fmt);
+
PVE::JSONSchema::register_standard_option('pve-qemu-machine', {
description => "Specifies the Qemu machine type.",
type => 'string',
@@ -627,7 +646,12 @@ EODESCR
pattern => $PVE::QemuServer::CPUConfig::qemu_cmdline_cpu_re,
format_description => 'QEMU -cpu parameter'
},
-machine => get_standard_option('pve-qemu-machine'),
+machine => {
+ description => "Specifies the Qemu machine type.",
+ type => 'string',
+ optional => 1,
+ format => 'pve-qemu-machine-fmt',
+
Re: [pve-devel] [PATCH v2 manager] fix #3248: GUI: storage: upload multiple files
I tested this patch in a pve vm with multiple different iso files.
Upload, Cancel, Remove and Exit work as intended.
Tested-by: Markus Frank
On 7/20/22 14:26, Matthias Heiserer wrote:
Queue multiple files for upload to the storage.
The upload itself happens in a separate window.
When closing the window, files with an error (i.e. wrong hash)
are retained in the upload window.
Signed-off-by: Matthias Heiserer
---
Depends on https://lists.proxmox.com/pipermail/pbs-devel/2022-July/005365.html
Without that, trashcan icons are invisible.
Changes from v1:
* separate into file selection window and upload window
* prohibit upload of files with invalid name or missing hash
* rename abort button to cancel
* prohibit upload of duplicate files (checked by name)
* move event handlers and initcomponet code to controller
* abort XHR when window is closed
* general code cleanup
* show tasklog only when pressing button
* display uploaded/total files and the current status at the top
www/manager6/.lint-incremental | 0
www/manager6/window/UploadToStorage.js | 633 +
2 files changed, 446 insertions(+), 187 deletions(-)
create mode 100644 www/manager6/.lint-incremental
diff --git a/www/manager6/.lint-incremental b/www/manager6/.lint-incremental
new file mode 100644
index ..e69de29b
diff --git a/www/manager6/window/UploadToStorage.js
b/www/manager6/window/UploadToStorage.js
index 0de6d89d..67780165 100644
--- a/www/manager6/window/UploadToStorage.js
+++ b/www/manager6/window/UploadToStorage.js
@@ -1,9 +1,25 @@
+Ext.define('pve-multiupload', {
+ extend: 'Ext.data.Model',
+ fields: [
+ 'file', 'filename', 'progressWidget', 'hashsum', 'hashValueWidget',
+ 'xhr', 'mimetype', 'size', 'fileNameWidget', 'hashWidget',
+ {
+ name: 'done', defaultValue: false,
+ },
+ {
+ name: 'hash', defaultValue: '__default__',
+ },
+ ],
+});
Ext.define('PVE.window.UploadToStorage', {
extend: 'Ext.window.Window',
alias: 'widget.pveStorageUpload',
mixins: ['Proxmox.Mixin.CBind'],
+height: 400,
+width: 800,
-resizable: false,
+resizable: true,
+scrollable: true,
modal: true,
title: gettext('Upload'),
@@ -27,93 +43,405 @@ Ext.define('PVE.window.UploadToStorage', {
viewModel: {
data: {
- size: '-',
- mimetype: '-',
- filename: '',
+ validFiles: 0,
+ numFiles: 0,
+ invalidHash: 0,
},
},
-
controller: {
- submit: function(button) {
- const view = this.getView();
- const form = this.lookup('formPanel').getForm();
- const abortBtn = this.lookup('abortBtn');
- const pbar = this.lookup('progressBar');
-
- const updateProgress = function(per, bytes) {
- let text = (per * 100).toFixed(2) + '%';
- if (bytes) {
- text += " (" + Proxmox.Utils.format_size(bytes) + ')';
+ init: function(view) {
+ const me = this;
+ me.lookup('grid').store.viewModel = me.getViewModel();
+ },
+
+ addFile: function(input) {
+ const me = this;
+ const grid = me.lookup('grid');
+ for (const file of input.fileInputEl.dom.files) {
+ if (grid.store.findBy(
+ record => record.get('file').name === file.name) >= 0
+ ) {
+ continue;
+ }
+ grid.store.add({
+ file: file,
+ filename: file.name,
+ size: Proxmox.Utils.format_size(file.size),
+ mimetype: file.type,
+ });
+ }
+ },
+
+ removeFileHandler: function(view, rowIndex, colIndex, item, event,
record) {
+ const me = this;
+ me.removeFile(record);
+ },
+
+ removeFile: function(record) {
+ const me = this;
+ const widget = record.get('fileNameWidget');
+ // set filename to invalid value, so when adding a new file with
valid name,
+ // the validityChange listener is called
+ widget.setValue("");
+ me.lookup('grid').store.remove(record);
+ },
+
+ openUploadWindow: function() {
+ const me = this;
+ const view = me.getView();
+ Ext.create('PVE.window.UploadProgress', {
+ store: Ext.create('Ext.data.ChainedStore', {
+
[pve-devel] [PATCH manager 4/5] added clipboard checkbox to DisplayEdit
Signed-off-by: Markus Frank
---
www/manager6/qemu/DisplayEdit.js | 9 +
1 file changed, 9 insertions(+)
diff --git a/www/manager6/qemu/DisplayEdit.js b/www/manager6/qemu/DisplayEdit.js
index 9bb1763e..77434b7e 100644
--- a/www/manager6/qemu/DisplayEdit.js
+++ b/www/manager6/qemu/DisplayEdit.js
@@ -33,7 +33,9 @@ Ext.define('PVE.qemu.DisplayInputPanel', {
return;
}
let memoryfield = this.up('panel').down('field[name=memory]');
+ let clipboardbox =
this.up('panel').down('field[name=clipboard]');
let disableMemoryField = false;
+ let disableClipboardBox = false;
if (val === "cirrus") {
memoryfield.setEmptyText("4");
@@ -44,11 +46,13 @@ Ext.define('PVE.qemu.DisplayInputPanel', {
} else if (val.match(/^(serial\d|none)$/)) {
memoryfield.setEmptyText("N/A");
disableMemoryField = true;
+ disableClipboardBox = true;
} else {
console.debug("unexpected display type", val);
memoryfield.setEmptyText(Proxmox.Utils.defaultText);
}
memoryfield.setDisabled(disableMemoryField);
+ clipboardbox.setDisabled(disableClipboardBox);
},
},
},
@@ -60,6 +64,11 @@ Ext.define('PVE.qemu.DisplayInputPanel', {
maxValue: 512,
step: 4,
name: 'memory',
+},
+{
+xtype: 'proxmoxcheckbox',
+fieldLabel: gettext('noVNC clipboard'),
+name: 'clipboard',
}],
});
--
2.30.2
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH docs 5/5] added noVNC clipboard documentation
Signed-off-by: Markus Frank --- qm.adoc | 8 1 file changed, 8 insertions(+) diff --git a/qm.adoc b/qm.adoc index 4d0c7c4..38bc788 100644 --- a/qm.adoc +++ b/qm.adoc @@ -693,6 +693,14 @@ Selecting `serialX` as display 'type' disables the VGA output, and redirects the Web Console to the selected serial port. A configured display 'memory' setting will be ignored in that case. +You can enable the noVNC clipboard by setting 'clipboard' to 1. +To use this, you need to install and enable spice-vdagent on the VM Guest. +Doing this will give you the ability to use the clipboard button on the left +side of the noVNC console. However, when using SPICE, the default SPICE clipboard +implementation will be replaced by the qemu-vdagent implementation, which means +you cannot simply copy and paste in a SPICE session and instead need to use the +noVNC Button. + [[qm_usb_passthrough]] USB Passthrough ~~~ -- 2.30.2 ___ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH novnc 3/5] added show clipboard button patch to series
Signed-off-by: Markus Frank
---
.../patches/0019-show-clipboard-button.patch | 31 +++
debian/patches/series | 1 +
2 files changed, 32 insertions(+)
create mode 100644 debian/patches/0019-show-clipboard-button.patch
diff --git a/debian/patches/0019-show-clipboard-button.patch
b/debian/patches/0019-show-clipboard-button.patch
new file mode 100644
index 000..fec35e2
--- /dev/null
+++ b/debian/patches/0019-show-clipboard-button.patch
@@ -0,0 +1,31 @@
+From 3808828104af3383e6d20e90ea47983c5cd70c28 Mon Sep 17 00:00:00 2001
+From: Markus Frank
+Date: Fri, 2 Sep 2022 14:35:34 +0200
+Subject: [PATCH] show clipboard button
+
+show button when clipboard at status/current is true
+
+Signed-off-by: Markus Frank
+---
+ app/pve.js | 5 +
+ 1 file changed, 5 insertions(+)
+
+diff --git a/app/pve.js b/app/pve.js
+index 3eeaa47..697d059 100644
+--- a/app/pve.js
b/app/pve.js
+@@ -411,6 +411,11 @@ PVEUI.prototype = {
+ document.getElementById('pve_start_dlg')
+ .classList.add("noVNC_open");
+ }
++ let clipboard = result.data.clipboard;
++ if (clipboard) {
++ document.getElementById('noVNC_clipboard_button')
++ .classList.remove('pve_hidden');
++ }
+ },
+ failure: function(msg) {
+ me.UI.showStatus(msg, 'error');
+--
+2.30.2
+
diff --git a/debian/patches/series b/debian/patches/series
index ef9e9df..1eb50db 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -17,3 +17,4 @@ extra/0001-Ignore-ResizeObserver-errors.patch
0016-hide-fullscreen-button-on-isFullscreen-get-variable.patch
0017-make-error-hideable.patch
0018-show-start-button-on-not-running-vm-ct.patch
+0019-show-clipboard-button.patch
--
2.30.2
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH qemu-server 1/5] enable clipboard parameter in vga_fmt
added Options to use the qemu vdagent implementation to enable the noVNC
clipboard.
When enabled with SPICE the spice-vdagent gets replaced with the qemu
implementation.
This patch does not solve #1406, but does allow copy and paste with
a running X-session, when spice-vdagent is installed.
Signed-off-by: Markus Frank
---
The alternative to replacing spicevmc would be to only allow noVNC
clipboard if no SPICE is running, because qemu cannot use the same
virtserialport twice. This alternative would also disable the ability
to use the noVNC clipboard with VirtIO/VirGL.
PVE/QemuServer.pm | 18 +-
1 file changed, 17 insertions(+), 1 deletion(-)
diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm
index c706653..636de2f 100644
--- a/PVE/QemuServer.pm
+++ b/PVE/QemuServer.pm
@@ -190,6 +190,12 @@ my $vga_fmt = {
minimum => 4,
maximum => 512,
},
+clipboard => {
+ description => "enable clipboard (requires spice-vdagent)",
+ type => 'boolean',
+ optional => 1,
+ default => 0
+}
};
my $ivshmem_fmt = {
@@ -3836,6 +3842,12 @@ sub config_to_command {
}
}
+if ($vga->{clipboard} && $vga->{type} =~ /^std|^cirrus|^vmware/) {
+ push @$devices, '-chardev',
'qemu-vdagent,id=vdagent,name=vdagent,clipboard=on';
+ push @$devices, '-device', 'virtio-serial-pci';
+ push @$devices, '-device',
'virtserialport,chardev=vdagent,name=com.redhat.spice.0';
+}
+
my $rng = $conf->{rng0} ? parse_rng($conf->{rng0}) : undef;
if ($rng && $version_guard->(4, 1, 2)) {
check_rng_source($rng->{source});
@@ -3880,7 +3892,11 @@ sub config_to_command {
die "failed to get an ip address of type $pfamily for 'localhost'\n" if
!@nodeaddrs;
push @$devices, '-device', "virtio-serial,id=spice$pciaddr";
- push @$devices, '-chardev', "spicevmc,id=vdagent,name=vdagent";
+ if ($vga->{clipboard}) {
+ push @$devices, '-chardev',
'qemu-vdagent,id=vdagent,name=vdagent,clipboard=on';
+ } else {
+ push @$devices, '-chardev', "spicevmc,id=vdagent,name=vdagent";
+ }
push @$devices, '-device',
"virtserialport,chardev=vdagent,name=com.redhat.spice.0";
my $localhost = PVE::Network::addr_to_ip($nodeaddrs[0]->{addr});
--
2.30.2
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH qemu-server 2/5] added clipboard variable to return at status/current
By that noVNC is able to check if clipboard is active.
Signed-off-by: Markus Frank
---
PVE/API2/Qemu.pm | 6 ++
1 file changed, 6 insertions(+)
diff --git a/PVE/API2/Qemu.pm b/PVE/API2/Qemu.pm
index 99b426e..25f3a1d 100644
--- a/PVE/API2/Qemu.pm
+++ b/PVE/API2/Qemu.pm
@@ -2428,6 +2428,11 @@ __PACKAGE__->register_method({
type => 'boolean',
optional => 1,
},
+ clipboard => {
+ description => "Qemu clipboard enabled in config.",
+ type => 'boolean',
+ optional => 1,
+ },
},
},
code => sub {
@@ -2446,6 +2451,7 @@ __PACKAGE__->register_method({
my $spice = defined($vga->{type}) && $vga->{type} =~ /^virtio/;
$spice ||= PVE::QemuServer::vga_conf_has_spice($conf->{vga});
$status->{spice} = 1 if $spice;
+ $status->{clipboard} = $vga->{clipboard};
}
$status->{agent} = 1 if PVE::QemuServer::get_qga_key($conf, 'enabled');
--
2.30.2
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
pve-devel@lists.proxmox.com
needed for new machine parameter parse_property_string checks for the regex, therefore the test-cases with somemachine & someothermachine always fail. So I changed somemachine & someothermachine to q35 & pc with sed sed -i 's/somemachine/q35/g' sed -i 's/someothermachine/pc/g' Signed-off-by: Markus Frank --- test/snapshot-expected/commit/qemu-server/101.conf | 2 +- test/snapshot-expected/commit/qemu-server/102.conf | 2 +- test/snapshot-expected/commit/qemu-server/201.conf | 2 +- test/snapshot-expected/commit/qemu-server/202.conf | 2 +- test/snapshot-expected/commit/qemu-server/203.conf | 2 +- test/snapshot-expected/create/qemu-server/102.conf | 2 +- test/snapshot-expected/create/qemu-server/104.conf | 4 ++-- test/snapshot-expected/create/qemu-server/106.conf | 2 +- test/snapshot-expected/create/qemu-server/301.conf | 2 +- test/snapshot-expected/create/qemu-server/302.conf | 2 +- test/snapshot-expected/delete/qemu-server/203.conf | 2 +- test/snapshot-expected/delete/qemu-server/204.conf | 2 +- test/snapshot-expected/prepare/qemu-server/102.conf | 2 +- test/snapshot-expected/prepare/qemu-server/104.conf | 2 +- test/snapshot-expected/rollback/qemu-server/101.conf | 2 +- test/snapshot-expected/rollback/qemu-server/106.conf | 4 ++-- test/snapshot-expected/rollback/qemu-server/201.conf | 2 +- test/snapshot-expected/rollback/qemu-server/202.conf | 2 +- test/snapshot-expected/rollback/qemu-server/203.conf | 2 +- test/snapshot-expected/rollback/qemu-server/204.conf | 2 +- test/snapshot-expected/rollback/qemu-server/205.conf | 2 +- test/snapshot-expected/rollback/qemu-server/301.conf | 2 +- test/snapshot-expected/rollback/qemu-server/302.conf | 2 +- test/snapshot-expected/rollback/qemu-server/303.conf | 2 +- test/snapshot-input/commit/qemu-server/101.conf | 2 +- test/snapshot-input/commit/qemu-server/102.conf | 2 +- test/snapshot-input/commit/qemu-server/201.conf | 2 +- test/snapshot-input/commit/qemu-server/202.conf | 2 +- test/snapshot-input/commit/qemu-server/203.conf | 2 +- test/snapshot-input/create/qemu-server/104.conf | 2 +- test/snapshot-input/delete/qemu-server/101.conf | 2 +- test/snapshot-input/delete/qemu-server/203.conf | 2 +- test/snapshot-input/delete/qemu-server/204.conf | 2 +- test/snapshot-input/rollback/qemu-server/101.conf| 2 +- test/snapshot-input/rollback/qemu-server/102.conf| 2 +- test/snapshot-input/rollback/qemu-server/103.conf| 2 +- test/snapshot-input/rollback/qemu-server/104.conf| 2 +- test/snapshot-input/rollback/qemu-server/106.conf| 4 ++-- test/snapshot-input/rollback/qemu-server/201.conf| 2 +- test/snapshot-input/rollback/qemu-server/202.conf| 2 +- test/snapshot-input/rollback/qemu-server/203.conf| 2 +- test/snapshot-input/rollback/qemu-server/204.conf| 2 +- test/snapshot-input/rollback/qemu-server/205.conf| 2 +- test/snapshot-input/rollback/qemu-server/301.conf| 2 +- test/snapshot-input/rollback/qemu-server/302.conf| 2 +- test/snapshot-input/rollback/qemu-server/303.conf| 2 +- 46 files changed, 49 insertions(+), 49 deletions(-) diff --git a/test/snapshot-expected/commit/qemu-server/101.conf b/test/snapshot-expected/commit/qemu-server/101.conf index 060676e..82c9522 100644 --- a/test/snapshot-expected/commit/qemu-server/101.conf +++ b/test/snapshot-expected/commit/qemu-server/101.conf @@ -18,7 +18,7 @@ bootdisk: ide0 cores: 4 ide0: somestore:somedisk,discard=on,size=32G ide2: none,media=cdrom -machine: somemachine +machine: q35 memory: 8192 name: win net0: e1000=12:34:56:78:90:12,bridge=somebr0,firewall=1 diff --git a/test/snapshot-expected/commit/qemu-server/102.conf b/test/snapshot-expected/commit/qemu-server/102.conf index 13f33a3..01b8531 100644 --- a/test/snapshot-expected/commit/qemu-server/102.conf +++ b/test/snapshot-expected/commit/qemu-server/102.conf @@ -34,7 +34,7 @@ bootdisk: ide0 cores: 4 ide0: somestore:somedisk,discard=on,size=32G ide2: none,media=cdrom -machine: somemachine +machine: q35 memory: 8192 name: win net0: e1000=12:34:56:78:90:12,bridge=somebr0,firewall=1 diff --git a/test/snapshot-expected/commit/qemu-server/201.conf b/test/snapshot-expected/commit/qemu-server/201.conf index 63a6d77..f8e99dd 100644 --- a/test/snapshot-expected/commit/qemu-server/201.conf +++ b/test/snapshot-expected/commit/qemu-server/201.conf @@ -34,7 +34,7 @@ bootdisk: ide0 cores: 4 ide0: somestore:somedisk,discard=on,size=32G ide2: none,media=cdrom -machine: somemachine +machine: q35 memory: 8192 name: win net0: e1000=12:34:56:78:90:12,bridge=somebr0,firewall=1 diff --git a/test/snapshot-expected/commit/qemu-server/202.conf b/test/snapshot-expected/commit/qemu-server/202.conf index 4c6b84d..a221ba0 100644 --- a/test/snapshot-expected/commit/qemu-server/202.conf +++ b/test/snapshot-expected/commit/qemu-server/202.conf @@ -35,7 +35,7 @@ bootdisk: ide0 cores: 4
[pve-devel] [PATCH qemu-server 0/3] vIOMMU-Feature
Patches for enabling virtual IOMMU inside guests for nested pci passthrough. possible-configurations-example: machine: q35 machine: pc machine: q35,viommu=1 machine: type=q35,viommu=1 https://wiki.qemu.org/Features/VT-d Markus Frank (3): tests: replaced somemachine&someothermachine with q35&pc fix #3784: Parameter for guest vIOMMU & machine as property-string added test-cases for new machine-syntax & viommu PVE/API2/Qemu.pm | 7 ++- PVE/QemuConfig.pm | 3 +- PVE/QemuServer.pm | 55 ++- PVE/QemuServer/Machine.pm | 6 +- test/restore-config-expected/401.conf | 14 + test/restore-config-expected/402.conf | 14 + test/restore-config-input/401.conf| 14 + test/restore-config-input/402.conf| 14 + test/run_qemu_restore_config_tests.pl | 2 +- .../commit/qemu-server/101.conf | 2 +- .../commit/qemu-server/102.conf | 2 +- .../commit/qemu-server/201.conf | 2 +- .../commit/qemu-server/202.conf | 2 +- .../commit/qemu-server/203.conf | 2 +- .../create/qemu-server/102.conf | 2 +- .../create/qemu-server/104.conf | 4 +- .../create/qemu-server/106.conf | 2 +- .../create/qemu-server/301.conf | 2 +- .../create/qemu-server/302.conf | 2 +- .../create/qemu-server/401.conf | 32 +++ .../create/qemu-server/402.conf | 53 ++ .../delete/qemu-server/203.conf | 2 +- .../delete/qemu-server/204.conf | 2 +- .../prepare/qemu-server/102.conf | 2 +- .../prepare/qemu-server/104.conf | 2 +- .../rollback/qemu-server/101.conf | 2 +- .../rollback/qemu-server/106.conf | 4 +- .../rollback/qemu-server/201.conf | 2 +- .../rollback/qemu-server/202.conf | 2 +- .../rollback/qemu-server/203.conf | 2 +- .../rollback/qemu-server/204.conf | 2 +- .../rollback/qemu-server/205.conf | 2 +- .../rollback/qemu-server/301.conf | 2 +- .../rollback/qemu-server/302.conf | 2 +- .../rollback/qemu-server/303.conf | 2 +- .../commit/qemu-server/101.conf | 2 +- .../commit/qemu-server/102.conf | 2 +- .../commit/qemu-server/201.conf | 2 +- .../commit/qemu-server/202.conf | 2 +- .../commit/qemu-server/203.conf | 2 +- .../create/qemu-server/104.conf | 2 +- .../create/qemu-server/401.conf | 14 + .../create/qemu-server/402.conf | 33 +++ .../delete/qemu-server/101.conf | 2 +- .../delete/qemu-server/203.conf | 2 +- .../delete/qemu-server/204.conf | 2 +- .../rollback/qemu-server/101.conf | 2 +- .../rollback/qemu-server/102.conf | 2 +- .../rollback/qemu-server/103.conf | 2 +- .../rollback/qemu-server/104.conf | 2 +- .../rollback/qemu-server/106.conf | 4 +- .../rollback/qemu-server/201.conf | 2 +- .../rollback/qemu-server/202.conf | 2 +- .../rollback/qemu-server/203.conf | 2 +- .../rollback/qemu-server/204.conf | 2 +- .../rollback/qemu-server/205.conf | 2 +- .../rollback/qemu-server/301.conf | 2 +- .../rollback/qemu-server/302.conf | 2 +- .../rollback/qemu-server/303.conf | 2 +- test/snapshot-test.pm | 8 ++- 60 files changed, 307 insertions(+), 60 deletions(-) create mode 100644 test/restore-config-expected/401.conf create mode 100644 test/restore-config-expected/402.conf create mode 100644 test/restore-config-input/401.conf create mode 100644 test/restore-config-input/402.conf create mode 100644 test/snapshot-expected/create/qemu-server/401.conf create mode 100644 test/snapshot-expected/create/qemu-server/402.conf create mode 100644 test/snapshot-input/create/qemu-server/401.conf create mode 100644 test/snapshot-input/create/qemu-server/402.conf -- 2.30.2 ___ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH manager] ui: MachineEdit with viommu checkbox
Added a Checkbox to enable viommu, if q35 is selected.
Otherwise (i440fx) the checkbox is disabled.
The UI also needs to parse the new machine parameter as PropertyString.
Signed-off-by: Markus Frank
---
www/manager6/qemu/MachineEdit.js | 21 +
1 file changed, 21 insertions(+)
diff --git a/www/manager6/qemu/MachineEdit.js b/www/manager6/qemu/MachineEdit.js
index f928c80c..25661106 100644
--- a/www/manager6/qemu/MachineEdit.js
+++ b/www/manager6/qemu/MachineEdit.js
@@ -17,6 +17,12 @@ Ext.define('PVE.qemu.MachineInputPanel', {
let type = value === 'q35' ? 'q35' : 'i440fx';
store.clearFilter();
store.addFilter(val => val.data.id === 'latest' || val.data.type
=== type);
+ if (type === 'i440fx') {
+ me.lookup('viommu').setValue(false);
+ me.lookup('viommu').setDisabled(true);
+ } else {
+ me.lookup('viommu').setDisabled(false);
+ }
if (!me.getView().isWindows) {
version.setValue('latest');
} else {
@@ -40,12 +46,17 @@ Ext.define('PVE.qemu.MachineInputPanel', {
delete values.delete;
}
delete values.version;
+ if (values.viommu) values.machine += ",viommu=1";
+ delete values.viommu;
return values;
},
setValues: function(values) {
let me = this;
+ let machine_conf = PVE.Parser.parsePropertyString(values.machine,
"type");
+ values.machine = machine_conf.type;
+
me.isWindows = values.isWindows;
if (values.machine === 'pc') {
values.machine = '__default__';
@@ -54,10 +65,14 @@ Ext.define('PVE.qemu.MachineInputPanel', {
if (me.isWindows) {
if (values.machine === '__default__') {
values.version = 'pc-i440fx-5.1';
+ values.viommu = false;
} else if (values.machine === 'q35') {
values.version = 'pc-q35-5.1';
}
}
+
+ values.viommu = machine_conf.viommu === "1";
+
if (values.machine !== '__default__' && values.machine !== 'q35') {
values.version = values.machine;
values.machine = values.version.match(/q35/) ? 'q35' :
'__default__';
@@ -108,6 +123,12 @@ Ext.define('PVE.qemu.MachineInputPanel', {
},
},
},
+ {
+ xtype: 'proxmoxcheckbox',
+ fieldLabel: gettext('vIOMMU'),
+ name: 'viommu',
+ reference: 'viommu',
+ },
{
xtype: 'displayfield',
fieldLabel: gettext('Note'),
--
2.30.2
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH qemu-server 2/3] fix #3784: Parameter for guest vIOMMU & machine as property-string
vIOMMU enables the option to passthrough pci devices to guest-vms
in guest-vms for nested Virtualisation.
Signed-off-by: Markus Frank
---
Changed the machine parameter to allow multiple machine-specific
parameters via property_string, but also allow old configs (via
default_key)
PVE/API2/Qemu.pm | 7 ++---
PVE/QemuConfig.pm | 3 ++-
PVE/QemuServer.pm | 55 ---
PVE/QemuServer/Machine.pm | 6 +++--
4 files changed, 62 insertions(+), 9 deletions(-)
diff --git a/PVE/API2/Qemu.pm b/PVE/API2/Qemu.pm
index 3ec31c2..fe94c74 100644
--- a/PVE/API2/Qemu.pm
+++ b/PVE/API2/Qemu.pm
@@ -970,12 +970,13 @@ __PACKAGE__->register_method({
if ((!defined($conf->{vmgenid}) || $conf->{vmgenid} eq '1')
&& $arch ne 'aarch64') {
$conf->{vmgenid} = PVE::QemuServer::generate_uuid();
}
-
- my $machine = $conf->{machine};
+ my $machine_conf =
PVE::QemuServer::parse_machine($conf->{machine});
+ my $machine = $machine_conf->{type};
if (!$machine || $machine =~ m/^(?:pc|q35|virt)$/) {
# always pin Windows' machine version on create, they
get to easily confused
if (PVE::QemuServer::windows_version($conf->{ostype})) {
- $conf->{machine} =
PVE::QemuServer::windows_get_pinned_machine_version($machine);
+ $machine_conf->{type} =
PVE::QemuServer::windows_get_pinned_machine_version($machine);
+ $conf->{machine} =
print_property_string($machine_conf);
}
}
diff --git a/PVE/QemuConfig.pm b/PVE/QemuConfig.pm
index 482c7ab..f8155c4 100644
--- a/PVE/QemuConfig.pm
+++ b/PVE/QemuConfig.pm
@@ -433,7 +433,8 @@ sub __snapshot_rollback_hook {
} else {
# Note: old code did not store 'machine', so we try to be smart
# and guess the snapshot was generated with kvm 1.4 (pc-i440fx-1.4).
- $data->{forcemachine} = $conf->{machine} || 'pc-i440fx-1.4';
+ my $machine_conf = PVE::QemuServer::parse_machine($conf->{machine});
+ $data->{forcemachine} = $machine_conf->{type} || 'pc-i440fx-1.4';
# we remove the 'machine' configuration if not explicitly specified
# in the original config.
diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm
index c706653..b9f74dd 100644
--- a/PVE/QemuServer.pm
+++ b/PVE/QemuServer.pm
@@ -111,6 +111,24 @@
PVE::JSONSchema::register_standard_option('pve-qm-stateuri', {
optional => 1,
});
+my $machine_fmt = {
+type => {
+ default_key => 1,
+ type => 'string',
+ description => "Specifies the Qemu machine type.",
+ pattern =>
'(pc|pc(-i440fx)?-\d+(\.\d+)+(\+pve\d+)?(\.pxe)?|q35|pc-q35-\d+(\.\d+)+(\+pve\d+)?(\.pxe)?|virt(?:-\d+(\.\d+)+)?(\+pve\d+)?)',
+ format_description => "type",
+ maxLength => 40,
+ optional => 1,
+},
+viommu => {
+ type => 'boolean',
+ description => "enable guest vIOMMU (needs kvm to be enabled and q35 to
be set as machine)",
+ default => 0,
+ optional => 1,
+},
+};
+
PVE::JSONSchema::register_standard_option('pve-qemu-machine', {
description => "Specifies the Qemu machine type.",
type => 'string',
@@ -627,7 +645,12 @@ EODESCR
pattern => $PVE::QemuServer::CPUConfig::qemu_cmdline_cpu_re,
format_description => 'QEMU -cpu parameter'
},
-machine => get_standard_option('pve-qemu-machine'),
+machine => {
+ description => "Specifies the Qemu machine type.",
+ type => 'string',
+ optional => 1,
+ format => $machine_fmt,
+},
arch => {
description => "Virtual processor architecture. Defaults to the host.",
optional => 1,
@@ -2095,6 +2118,16 @@ sub parse_watchdog {
return $res;
}
+sub parse_machine {
+my ($value) = @_;
+
+return if !$value;
+
+my $res = eval { parse_property_string($machine_fmt, $value) };
+warn $@ if $@;
+return $res;
+}
+
sub parse_guest_agent {
my ($conf) = @_;
@@ -2166,8 +2199,9 @@ sub qemu_created_version_fixups {
# check if we need to apply some handling for VMs that always use the
latest machine version but
# had a machine version transition happen that affected HW such that,
e.g., an OS config change
# would be required (we do not want to pin machine version for non-windows
OS type)
+my $machine_conf = parse_machine($conf->{machine});
if (
- (!
[pve-devel] [PATCH qemu-server 3/3] added test-cases for new machine-syntax & viommu
added a few test-cases to test the new machine parameter with viommu
Signed-off-by: Markus Frank
---
test/restore-config-expected/401.conf | 14 +
test/restore-config-expected/402.conf | 14 +
test/restore-config-input/401.conf| 14 +
test/restore-config-input/402.conf| 14 +
test/run_qemu_restore_config_tests.pl | 2 +-
.../create/qemu-server/401.conf | 32 +++
.../create/qemu-server/402.conf | 53 +++
.../create/qemu-server/401.conf | 14 +
.../create/qemu-server/402.conf | 33
test/snapshot-test.pm | 8 ++-
10 files changed, 196 insertions(+), 2 deletions(-)
create mode 100644 test/restore-config-expected/401.conf
create mode 100644 test/restore-config-expected/402.conf
create mode 100644 test/restore-config-input/401.conf
create mode 100644 test/restore-config-input/402.conf
create mode 100644 test/snapshot-expected/create/qemu-server/401.conf
create mode 100644 test/snapshot-expected/create/qemu-server/402.conf
create mode 100644 test/snapshot-input/create/qemu-server/401.conf
create mode 100644 test/snapshot-input/create/qemu-server/402.conf
diff --git a/test/restore-config-expected/401.conf
b/test/restore-config-expected/401.conf
new file mode 100644
index 000..9400351
--- /dev/null
+++ b/test/restore-config-expected/401.conf
@@ -0,0 +1,14 @@
+bootdisk: scsi0
+cores: 1
+ide2: none,media=cdrom
+memory: 512
+machine: q35,viommu=1
+name: apache
+net0: virtio=92:38:11:FD:ED:87,bridge=vmbr0,firewall=1
+numa: 0
+ostype: l26
+scsi0: target:401/vm-401-disk-0.qcow2,size=4G
+scsihw: virtio-scsi-pci
+smbios1: uuid=ddf91b3f-a597-42be-9a7e-fb6421dcd5cd
+sockets: 1
+vmgenid: 0
diff --git a/test/restore-config-expected/402.conf
b/test/restore-config-expected/402.conf
new file mode 100644
index 000..73f69cb
--- /dev/null
+++ b/test/restore-config-expected/402.conf
@@ -0,0 +1,14 @@
+bootdisk: scsi0
+cores: 1
+ide2: none,media=cdrom
+memory: 512
+machine: type=q35,viommu=1
+name: apache
+net0: virtio=92:38:11:FD:ED:87,bridge=vmbr0,firewall=1
+numa: 0
+ostype: l26
+scsi0: target:401/vm-402-disk-0.qcow2,size=4G
+scsihw: virtio-scsi-pci
+smbios1: uuid=ddf91b3f-a597-42be-9a7e-fb6421dcd5cd
+sockets: 1
+vmgenid: 0
diff --git a/test/restore-config-input/401.conf
b/test/restore-config-input/401.conf
new file mode 100644
index 000..9400351
--- /dev/null
+++ b/test/restore-config-input/401.conf
@@ -0,0 +1,14 @@
+bootdisk: scsi0
+cores: 1
+ide2: none,media=cdrom
+memory: 512
+machine: q35,viommu=1
+name: apache
+net0: virtio=92:38:11:FD:ED:87,bridge=vmbr0,firewall=1
+numa: 0
+ostype: l26
+scsi0: target:401/vm-401-disk-0.qcow2,size=4G
+scsihw: virtio-scsi-pci
+smbios1: uuid=ddf91b3f-a597-42be-9a7e-fb6421dcd5cd
+sockets: 1
+vmgenid: 0
diff --git a/test/restore-config-input/402.conf
b/test/restore-config-input/402.conf
new file mode 100644
index 000..73f69cb
--- /dev/null
+++ b/test/restore-config-input/402.conf
@@ -0,0 +1,14 @@
+bootdisk: scsi0
+cores: 1
+ide2: none,media=cdrom
+memory: 512
+machine: type=q35,viommu=1
+name: apache
+net0: virtio=92:38:11:FD:ED:87,bridge=vmbr0,firewall=1
+numa: 0
+ostype: l26
+scsi0: target:401/vm-402-disk-0.qcow2,size=4G
+scsihw: virtio-scsi-pci
+smbios1: uuid=ddf91b3f-a597-42be-9a7e-fb6421dcd5cd
+sockets: 1
+vmgenid: 0
diff --git a/test/run_qemu_restore_config_tests.pl
b/test/run_qemu_restore_config_tests.pl
index 1e1e807..2221abe 100755
--- a/test/run_qemu_restore_config_tests.pl
+++ b/test/run_qemu_restore_config_tests.pl
@@ -25,7 +25,7 @@ $pve_cluster_module->mock(
);
# NOTE update when you add/remove tests
-plan tests => 4;
+plan tests => 6;
my $cfs_mock = Test::MockModule->new("PVE::Cluster");
$cfs_mock->mock(
diff --git a/test/snapshot-expected/create/qemu-server/401.conf
b/test/snapshot-expected/create/qemu-server/401.conf
new file mode 100644
index 000..56cb71c
--- /dev/null
+++ b/test/snapshot-expected/create/qemu-server/401.conf
@@ -0,0 +1,32 @@
+bootdisk: ide0
+cores: 4
+ide0: local:snapshotable-disk-1,discard=on,size=32G
+ide2: none,media=cdrom
+machine: q35,viommu=1
+memory: 8192
+name: win
+net0: e1000=12:34:56:78:90:12,bridge=somebr0,firewall=1
+numa: 0
+ostype: win7
+parent: test
+smbios1: uuid=01234567-890a-bcde-f012-34567890abcd
+sockets: 1
+vga: qxl
+
+[test]
+#test comment
+bootdisk: ide0
+cores: 4
+ide0: local:snapshotable-disk-1,discard=on,size=32G
+ide2: none,media=cdrom
+machine: q35,viommu=1
+memory: 8192
+name: win
+net0: e1000=12:34:56:78:90:12,bridge=somebr0,firewall=1
+numa: 0
+ostype: win7
+parent: test
+smbios1: uuid=01234567-890a-bcde-f012-34567890abcd
+snaptime: 1234567890
+sockets: 1
+vga: qxl
diff --git a/test/snapshot-expected/create/qemu-server/402.conf
b/test/snapshot-expected/create/qemu-server/402.conf
new file mode 100644
index 000..ac485ce
--- /dev/null
+++ b/test/snapshot-expected/create/qem
[pve-devel] [PATCH pve-manager] added options to add virtio-9p & virtio-fs fileshare to the config
Signed-off-by: Markus Frank
---
www/manager6/Makefile| 1 +
www/manager6/Utils.js| 12 ++-
www/manager6/qemu/HardwareView.js| 18 +
www/manager6/qemu/SharedfilesEdit.js | 106 +++
4 files changed, 136 insertions(+), 1 deletion(-)
create mode 100644 www/manager6/qemu/SharedfilesEdit.js
diff --git a/www/manager6/Makefile b/www/manager6/Makefile
index d16770b1..dd907d36 100644
--- a/www/manager6/Makefile
+++ b/www/manager6/Makefile
@@ -209,6 +209,7 @@ JSSRC=
\
qemu/Config.js \
qemu/CreateWizard.js\
qemu/DisplayEdit.js \
+ qemu/SharedfilesEdit.js \
qemu/HDEdit.js \
qemu/HDEfi.js \
qemu/HDTPM.js \
diff --git a/www/manager6/Utils.js b/www/manager6/Utils.js
index 7ca6a271..e3fb40e5 100644
--- a/www/manager6/Utils.js
+++ b/www/manager6/Utils.js
@@ -1569,7 +1569,17 @@ Ext.define('PVE.Utils', {
}
},
-hardware_counts: { net: 32, usb: 5, hostpci: 16, audio: 1, efidisk: 1,
serial: 4, rng: 1, tpmstate: 1 },
+hardware_counts: {
+ net: 32,
+ usb: 5,
+ hostpci: 16,
+ audio: 1,
+ efidisk: 1,
+ serial: 4,
+ rng: 1,
+ tpmstate: 1,
+ sharedfiles: 10,
+},
cleanEmptyObjectKeys: function(obj) {
for (const propName of Object.keys(obj)) {
diff --git a/www/manager6/qemu/HardwareView.js
b/www/manager6/qemu/HardwareView.js
index 6e9d03b4..530934ce 100644
--- a/www/manager6/qemu/HardwareView.js
+++ b/www/manager6/qemu/HardwareView.js
@@ -233,6 +233,16 @@ Ext.define('PVE.qemu.HardwareView', {
header: gettext('Network Device') + ' (' + confid +')',
};
}
+ for (let i = 0; i < PVE.Utils.hardware_counts.sharedfiles; i++) {
+ let confid = "sharedfiles" + i.toString();
+ rows[confid] = {
+ group: 18,
+ order: i,
+ iconCls: 'hdd-o',
+ editor: 'PVE.qemu.SharedfilesEdit',
+ header: gettext('Shared FS') + ' (' + confid +')',
+ };
+ }
rows.efidisk0 = {
group: 20,
iconCls: 'hdd-o',
@@ -578,6 +588,7 @@ Ext.define('PVE.qemu.HardwareView', {
me.down('#addRng').setDisabled(noSysConsolePerm ||
isAtLimit('rng'));
efidisk_menuitem.setDisabled(noVMConfigDiskPerm ||
isAtLimit('efidisk'));
me.down('#addTpmState').setDisabled(noSysConsolePerm ||
isAtLimit('tpmstate'));
+ me.down('#addFileshare').setDisabled(noSysConsolePerm ||
isAtLimit('sharedfiles'));
me.down('#addCloudinitDrive').setDisabled(noSysConsolePerm ||
hasCloudInit);
if (!rec) {
@@ -718,6 +729,13 @@ Ext.define('PVE.qemu.HardwareView', {
disabled: !caps.nodes['Sys.Console'],
handler: editorFactory('RNGEdit'),
},
+ {
+ text: gettext("Shared Filesystem"),
+ itemId: 'addFileshare',
+ iconCls: 'fa fa-fw fa-hdd-o black',
+ disabled: !caps.nodes['Sys.Console'],
+ handler: editorFactory('SharedfilesEdit'),
+ },
],
}),
},
diff --git a/www/manager6/qemu/SharedfilesEdit.js
b/www/manager6/qemu/SharedfilesEdit.js
new file mode 100644
index ..7baf90d3
--- /dev/null
+++ b/www/manager6/qemu/SharedfilesEdit.js
@@ -0,0 +1,106 @@
+Ext.define('PVE.qemu.SharedfilesInputPanel', {
+extend: 'Proxmox.panel.InputPanel',
+xtype: 'pveSharedfilesInputPanel',
+onlineHelp: 'qm_sharedfiles',
+
+insideWizard: false,
+
+onGetValues: function(values) {
+ var me = this;
+ var confid = me.confid;
+ var params = {};
+ params[confid] = PVE.Parser.printPropertyString(values, 'type');
+ console.log(params);
+ return params;
+},
+
+setSharedfiles: function(confid, data) {
+ var me = this;
+ me.confid = confid;
+ me.sharedfiles = data;
+ me.setValues(me.sharedfiles);
+},
+items: [
+ {
+ name: 'type',
+ xtype: 'proxmoxKVComboBox',
+
[pve-devel] [PATCH qemu-server 2/5] added clipboard variable to return at status/current
By that noVNC is able to check if clipboard is active.
Signed-off-by: Markus Frank
---
PVE/API2/Qemu.pm | 6 ++
1 file changed, 6 insertions(+)
diff --git a/PVE/API2/Qemu.pm b/PVE/API2/Qemu.pm
index 99b426e..25f3a1d 100644
--- a/PVE/API2/Qemu.pm
+++ b/PVE/API2/Qemu.pm
@@ -2428,6 +2428,11 @@ __PACKAGE__->register_method({
type => 'boolean',
optional => 1,
},
+ clipboard => {
+ description => "Qemu clipboard enabled in config.",
+ type => 'boolean',
+ optional => 1,
+ },
},
},
code => sub {
@@ -2446,6 +2451,7 @@ __PACKAGE__->register_method({
my $spice = defined($vga->{type}) && $vga->{type} =~ /^virtio/;
$spice ||= PVE::QemuServer::vga_conf_has_spice($conf->{vga});
$status->{spice} = 1 if $spice;
+ $status->{clipboard} = $vga->{clipboard};
}
$status->{agent} = 1 if PVE::QemuServer::get_qga_key($conf, 'enabled');
--
2.30.2
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH qemu-server v2 1/5] enable clipboard parameter in vga_fmt
added Options to use the qemu vdagent implementation to enable the noVNC
clipboard.
When enabled with SPICE the spice-vdagent gets replaced with the qemu
implementation.
This patch does not solve #1406, but does allow copy and paste with
a running X-session, when spice-vdagent is installed.
Signed-off-by: Markus Frank
---
v2: added pci address to virtio-serial-pci
With this Patch you have the ability to choose which
clipboard-implementation to use when using Spice.
The alternative would be to only allow noVNC
clipboard if no SPICE is running, because qemu cannot use the same
virtserialport twice. This alternative would also disable the ability
to use the noVNC clipboard with VirtIO/VirGL.
PVE/QemuServer.pm | 19 ++-
PVE/QemuServer/PCI.pm | 3 ++-
2 files changed, 20 insertions(+), 2 deletions(-)
diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm
index c706653..333afc2 100644
--- a/PVE/QemuServer.pm
+++ b/PVE/QemuServer.pm
@@ -190,6 +190,12 @@ my $vga_fmt = {
minimum => 4,
maximum => 512,
},
+clipboard => {
+ description => "enable clipboard (requires spice-vdagent)",
+ type => 'boolean',
+ optional => 1,
+ default => 0
+}
};
my $ivshmem_fmt = {
@@ -3836,6 +3842,13 @@ sub config_to_command {
}
}
+if ($vga->{clipboard} && $vga->{type} =~ /^std|^cirrus|^vmware/) {
+ push @$devices, '-chardev',
'qemu-vdagent,id=vdagent,name=vdagent,clipboard=on';
+ my $pciaddr = print_pci_addr("clipboard", $bridges, $arch,
$machine_type);
+ push @$devices, '-device', "virtio-serial-pci$pciaddr";
+ push @$devices, '-device',
'virtserialport,chardev=vdagent,name=com.redhat.spice.0';
+}
+
my $rng = $conf->{rng0} ? parse_rng($conf->{rng0}) : undef;
if ($rng && $version_guard->(4, 1, 2)) {
check_rng_source($rng->{source});
@@ -3880,7 +3893,11 @@ sub config_to_command {
die "failed to get an ip address of type $pfamily for 'localhost'\n" if
!@nodeaddrs;
push @$devices, '-device', "virtio-serial,id=spice$pciaddr";
- push @$devices, '-chardev', "spicevmc,id=vdagent,name=vdagent";
+ if ($vga->{clipboard}) {
+ push @$devices, '-chardev',
'qemu-vdagent,id=vdagent,name=vdagent,clipboard=on';
+ } else {
+ push @$devices, '-chardev', 'spicevmc,id=vdagent,name=vdagent';
+ }
push @$devices, '-device',
"virtserialport,chardev=vdagent,name=com.redhat.spice.0";
my $localhost = PVE::Network::addr_to_ip($nodeaddrs[0]->{addr});
diff --git a/PVE/QemuServer/PCI.pm b/PVE/QemuServer/PCI.pm
index 3d0e70e..7ddabe0 100644
--- a/PVE/QemuServer/PCI.pm
+++ b/PVE/QemuServer/PCI.pm
@@ -138,7 +138,8 @@ sub get_pci_addr_map {
scsihw1 => { bus => 0, addr => 6 },
ahci0 => { bus => 0, addr => 7 },
qga0 => { bus => 0, addr => 8 },
- spice => { bus => 0, addr => 9 },
+ spice => { bus => 0, addr => 9, conflict_ok => qw(clipboard) },
+ clipboard => { bus => 0, addr => 9, conflict_ok => qw(spice) }, #
clipboard is used if spice is not running
virtio0 => { bus => 0, addr => 10 },
virtio1 => { bus => 0, addr => 11 },
virtio2 => { bus => 0, addr => 12 },
--
2.30.2
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH novnc 3/5] added show clipboard button patch to series
Signed-off-by: Markus Frank
---
.../patches/0019-show-clipboard-button.patch | 31 +++
debian/patches/series | 1 +
2 files changed, 32 insertions(+)
create mode 100644 debian/patches/0019-show-clipboard-button.patch
diff --git a/debian/patches/0019-show-clipboard-button.patch
b/debian/patches/0019-show-clipboard-button.patch
new file mode 100644
index 000..fec35e2
--- /dev/null
+++ b/debian/patches/0019-show-clipboard-button.patch
@@ -0,0 +1,31 @@
+From 3808828104af3383e6d20e90ea47983c5cd70c28 Mon Sep 17 00:00:00 2001
+From: Markus Frank
+Date: Fri, 2 Sep 2022 14:35:34 +0200
+Subject: [PATCH] show clipboard button
+
+show button when clipboard at status/current is true
+
+Signed-off-by: Markus Frank
+---
+ app/pve.js | 5 +
+ 1 file changed, 5 insertions(+)
+
+diff --git a/app/pve.js b/app/pve.js
+index 3eeaa47..697d059 100644
+--- a/app/pve.js
b/app/pve.js
+@@ -411,6 +411,11 @@ PVEUI.prototype = {
+ document.getElementById('pve_start_dlg')
+ .classList.add("noVNC_open");
+ }
++ let clipboard = result.data.clipboard;
++ if (clipboard) {
++ document.getElementById('noVNC_clipboard_button')
++ .classList.remove('pve_hidden');
++ }
+ },
+ failure: function(msg) {
+ me.UI.showStatus(msg, 'error');
+--
+2.30.2
+
diff --git a/debian/patches/series b/debian/patches/series
index ef9e9df..1eb50db 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -17,3 +17,4 @@ extra/0001-Ignore-ResizeObserver-errors.patch
0016-hide-fullscreen-button-on-isFullscreen-get-variable.patch
0017-make-error-hideable.patch
0018-show-start-button-on-not-running-vm-ct.patch
+0019-show-clipboard-button.patch
--
2.30.2
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH manager 4/5] added clipboard checkbox to DisplayEdit
Signed-off-by: Markus Frank
---
www/manager6/qemu/DisplayEdit.js | 9 +
1 file changed, 9 insertions(+)
diff --git a/www/manager6/qemu/DisplayEdit.js b/www/manager6/qemu/DisplayEdit.js
index 9bb1763e..77434b7e 100644
--- a/www/manager6/qemu/DisplayEdit.js
+++ b/www/manager6/qemu/DisplayEdit.js
@@ -33,7 +33,9 @@ Ext.define('PVE.qemu.DisplayInputPanel', {
return;
}
let memoryfield = this.up('panel').down('field[name=memory]');
+ let clipboardbox =
this.up('panel').down('field[name=clipboard]');
let disableMemoryField = false;
+ let disableClipboardBox = false;
if (val === "cirrus") {
memoryfield.setEmptyText("4");
@@ -44,11 +46,13 @@ Ext.define('PVE.qemu.DisplayInputPanel', {
} else if (val.match(/^(serial\d|none)$/)) {
memoryfield.setEmptyText("N/A");
disableMemoryField = true;
+ disableClipboardBox = true;
} else {
console.debug("unexpected display type", val);
memoryfield.setEmptyText(Proxmox.Utils.defaultText);
}
memoryfield.setDisabled(disableMemoryField);
+ clipboardbox.setDisabled(disableClipboardBox);
},
},
},
@@ -60,6 +64,11 @@ Ext.define('PVE.qemu.DisplayInputPanel', {
maxValue: 512,
step: 4,
name: 'memory',
+},
+{
+xtype: 'proxmoxcheckbox',
+fieldLabel: gettext('noVNC clipboard'),
+name: 'clipboard',
}],
});
--
2.30.2
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH docs 5/5] added noVNC clipboard documentation
Signed-off-by: Markus Frank --- qm.adoc | 8 1 file changed, 8 insertions(+) diff --git a/qm.adoc b/qm.adoc index 4d0c7c4..38bc788 100644 --- a/qm.adoc +++ b/qm.adoc @@ -693,6 +693,14 @@ Selecting `serialX` as display 'type' disables the VGA output, and redirects the Web Console to the selected serial port. A configured display 'memory' setting will be ignored in that case. +You can enable the noVNC clipboard by setting 'clipboard' to 1. +To use this, you need to install and enable spice-vdagent on the VM Guest. +Doing this will give you the ability to use the clipboard button on the left +side of the noVNC console. However, when using SPICE, the default SPICE clipboard +implementation will be replaced by the qemu-vdagent implementation, which means +you cannot simply copy and paste in a SPICE session and instead need to use the +noVNC Button. + [[qm_usb_passthrough]] USB Passthrough ~~~ -- 2.30.2 ___ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH qemu-server/novnc/manager/docs v3 0/6] Feature noVNC-Clipboard
This patch-series adds a parameter to vga_fmt, that enables the noVNC-Clipboard and replaces the default SPICE-Clipboard if SPICE is used. changes v3: * added hint to make clearer that the spice guest tools are required for the noVNC-clipboard * Checkbox changes to ComboBox when a spice device is selected to make clear that only one clipboard can be used at a time. * added 2 test-cases changes v2: * added pci address to virtio-serial-pci proxmox-backup: Markus Frank (3): enable clipboard parameter in vga_fmt added clipboard variable to return at status/current test cases for clipboard spice & std PVE/API2/Qemu.pm| 6 + PVE/QemuServer.pm | 19 ++- PVE/QemuServer/PCI.pm | 3 ++- test/cfg2cmd/noVNC-clipboard-spice.conf | 1 + test/cfg2cmd/noVNC-clipboard-spice.conf.cmd | 27 + test/cfg2cmd/noVNC-clipboard-std.conf | 1 + test/cfg2cmd/noVNC-clipboard-std.conf.cmd | 27 + 7 files changed, 82 insertions(+), 2 deletions(-) create mode 100644 test/cfg2cmd/noVNC-clipboard-spice.conf create mode 100644 test/cfg2cmd/noVNC-clipboard-spice.conf.cmd create mode 100644 test/cfg2cmd/noVNC-clipboard-std.conf create mode 100644 test/cfg2cmd/noVNC-clipboard-std.conf.cmd novnc-pve: Markus Frank (1): added show clipboard button patch to series .../patches/0019-show-clipboard-button.patch | 31 +++ debian/patches/series | 1 + 2 files changed, 32 insertions(+) create mode 100644 debian/patches/0019-show-clipboard-button.patch pve-manager: Markus Frank (1): added clipboard checkbox & combobox to DisplayEdit www/manager6/qemu/DisplayEdit.js | 62 +++- 1 file changed, 61 insertions(+), 1 deletion(-) pve-docs: Markus Frank (1): added noVNC clipboard documentation qm.adoc | 11 +++ 1 file changed, 11 insertions(+) -- 2.30.2 ___ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH qemu-server v3 1/6] enable clipboard parameter in vga_fmt
added option to use the qemu vdagent implementation to enable the noVNC
clipboard. When enabled with SPICE the spice-vdagent gets replaced with the qemu
implementation.
This patch does not solve #1406, but does allow copy and paste with
a running X-session, when spice-vdagent is installed on the guest.
Signed-off-by: Markus Frank
---
PVE/QemuServer.pm | 19 ++-
PVE/QemuServer/PCI.pm | 3 ++-
2 files changed, 20 insertions(+), 2 deletions(-)
diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm
index c706653..333afc2 100644
--- a/PVE/QemuServer.pm
+++ b/PVE/QemuServer.pm
@@ -190,6 +190,12 @@ my $vga_fmt = {
minimum => 4,
maximum => 512,
},
+clipboard => {
+ description => "enable clipboard (requires spice-vdagent)",
+ type => 'boolean',
+ optional => 1,
+ default => 0
+}
};
my $ivshmem_fmt = {
@@ -3836,6 +3842,13 @@ sub config_to_command {
}
}
+if ($vga->{clipboard} && $vga->{type} =~ /^std|^cirrus|^vmware/) {
+ push @$devices, '-chardev',
'qemu-vdagent,id=vdagent,name=vdagent,clipboard=on';
+ my $pciaddr = print_pci_addr("clipboard", $bridges, $arch,
$machine_type);
+ push @$devices, '-device', "virtio-serial-pci$pciaddr";
+ push @$devices, '-device',
'virtserialport,chardev=vdagent,name=com.redhat.spice.0';
+}
+
my $rng = $conf->{rng0} ? parse_rng($conf->{rng0}) : undef;
if ($rng && $version_guard->(4, 1, 2)) {
check_rng_source($rng->{source});
@@ -3880,7 +3893,11 @@ sub config_to_command {
die "failed to get an ip address of type $pfamily for 'localhost'\n" if
!@nodeaddrs;
push @$devices, '-device', "virtio-serial,id=spice$pciaddr";
- push @$devices, '-chardev', "spicevmc,id=vdagent,name=vdagent";
+ if ($vga->{clipboard}) {
+ push @$devices, '-chardev',
'qemu-vdagent,id=vdagent,name=vdagent,clipboard=on';
+ } else {
+ push @$devices, '-chardev', 'spicevmc,id=vdagent,name=vdagent';
+ }
push @$devices, '-device',
"virtserialport,chardev=vdagent,name=com.redhat.spice.0";
my $localhost = PVE::Network::addr_to_ip($nodeaddrs[0]->{addr});
diff --git a/PVE/QemuServer/PCI.pm b/PVE/QemuServer/PCI.pm
index 3d0e70e..7ddabe0 100644
--- a/PVE/QemuServer/PCI.pm
+++ b/PVE/QemuServer/PCI.pm
@@ -138,7 +138,8 @@ sub get_pci_addr_map {
scsihw1 => { bus => 0, addr => 6 },
ahci0 => { bus => 0, addr => 7 },
qga0 => { bus => 0, addr => 8 },
- spice => { bus => 0, addr => 9 },
+ spice => { bus => 0, addr => 9, conflict_ok => qw(clipboard) },
+ clipboard => { bus => 0, addr => 9, conflict_ok => qw(spice) }, #
clipboard is used if spice is not running
virtio0 => { bus => 0, addr => 10 },
virtio1 => { bus => 0, addr => 11 },
virtio2 => { bus => 0, addr => 12 },
--
2.30.2
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH qemu-server v3 2/6] added clipboard variable to return at status/current
By that noVNC is able to check if clipboard is active.
Signed-off-by: Markus Frank
---
PVE/API2/Qemu.pm | 6 ++
1 file changed, 6 insertions(+)
diff --git a/PVE/API2/Qemu.pm b/PVE/API2/Qemu.pm
index 99b426e..25f3a1d 100644
--- a/PVE/API2/Qemu.pm
+++ b/PVE/API2/Qemu.pm
@@ -2428,6 +2428,11 @@ __PACKAGE__->register_method({
type => 'boolean',
optional => 1,
},
+ clipboard => {
+ description => "Qemu clipboard enabled in config.",
+ type => 'boolean',
+ optional => 1,
+ },
},
},
code => sub {
@@ -2446,6 +2451,7 @@ __PACKAGE__->register_method({
my $spice = defined($vga->{type}) && $vga->{type} =~ /^virtio/;
$spice ||= PVE::QemuServer::vga_conf_has_spice($conf->{vga});
$status->{spice} = 1 if $spice;
+ $status->{clipboard} = $vga->{clipboard};
}
$status->{agent} = 1 if PVE::QemuServer::get_qga_key($conf, 'enabled');
--
2.30.2
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH novnc v3 4/6] added show clipboard button patch to series
Signed-off-by: Markus Frank
---
.../patches/0019-show-clipboard-button.patch | 31 +++
debian/patches/series | 1 +
2 files changed, 32 insertions(+)
create mode 100644 debian/patches/0019-show-clipboard-button.patch
diff --git a/debian/patches/0019-show-clipboard-button.patch
b/debian/patches/0019-show-clipboard-button.patch
new file mode 100644
index 000..9075f4b
--- /dev/null
+++ b/debian/patches/0019-show-clipboard-button.patch
@@ -0,0 +1,31 @@
+From 338b94a5d7b3ec65ce3f4b9a91420ee5f155077e Mon Sep 17 00:00:00 2001
+From: Markus Frank
+Date: Fri, 28 Oct 2022 13:57:57 +0200
+Subject: [PATCH] show clipboard button
+
+show button when clipboard at status/current is true
+
+Signed-off-by: Markus Frank
+---
+ app/pve.js | 5 +
+ 1 file changed, 5 insertions(+)
+
+diff --git a/app/pve.js b/app/pve.js
+index 287615f..639e598 100644
+--- a/app/pve.js
b/app/pve.js
+@@ -411,6 +411,11 @@ PVEUI.prototype = {
+ document.getElementById('pve_start_dlg')
+ .classList.add("noVNC_open");
+ }
++ let clipboard = result.data.clipboard;
++ if (clipboard) {
++ document.getElementById('noVNC_clipboard_button')
++ .classList.remove('pve_hidden');
++ }
+ },
+ failure: function(msg, code) {
+ if (code === 403) {
+--
+2.36.1
+
diff --git a/debian/patches/series b/debian/patches/series
index ef9e9df..1eb50db 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -17,3 +17,4 @@ extra/0001-Ignore-ResizeObserver-errors.patch
0016-hide-fullscreen-button-on-isFullscreen-get-variable.patch
0017-make-error-hideable.patch
0018-show-start-button-on-not-running-vm-ct.patch
+0019-show-clipboard-button.patch
--
2.36.1
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH manager v3 5/6] added clipboard checkbox & combobox to DisplayEdit
If display is set to spice the checkbox gets replaced by a combobox to
show the available clipboard options.
Signed-off-by: Markus Frank
---
www/manager6/qemu/DisplayEdit.js | 62 +++-
1 file changed, 61 insertions(+), 1 deletion(-)
diff --git a/www/manager6/qemu/DisplayEdit.js b/www/manager6/qemu/DisplayEdit.js
index 9bb1763e..2cef5ad2 100644
--- a/www/manager6/qemu/DisplayEdit.js
+++ b/www/manager6/qemu/DisplayEdit.js
@@ -33,22 +33,54 @@ Ext.define('PVE.qemu.DisplayInputPanel', {
return;
}
let memoryfield = this.up('panel').down('field[name=memory]');
+ let clipboardBox =
this.up('panel').down('field[itemId=clipboardBox]');
+ let clipboardDrop =
this.up('panel').down('field[itemId=clipboardDrop]');
+ let vdagentHint =
this.up('panel').down('field[name=vdagentHint]');
let disableMemoryField = false;
+ let spice = false;
+ let showClipboardAndHint = true;
if (val === "cirrus") {
memoryfield.setEmptyText("4");
- } else if (val === "std" || val.match(/^qxl\d?$/) || val ===
"vmware") {
+ } else if (val === "std" || val === "vmware") {
memoryfield.setEmptyText("16");
+ } else if (val.match(/^qxl\d?$/)) {
+ memoryfield.setEmptyText("16");
+ spice = true;
} else if (val.match(/^virtio/)) {
memoryfield.setEmptyText("256");
+ spice = true;
} else if (val.match(/^(serial\d|none)$/)) {
memoryfield.setEmptyText("N/A");
disableMemoryField = true;
+ showClipboardAndHint = false;
} else {
console.debug("unexpected display type", val);
memoryfield.setEmptyText(Proxmox.Utils.defaultText);
}
memoryfield.setDisabled(disableMemoryField);
+ vdagentHint.setVisible(showClipboardAndHint);
+ if (showClipboardAndHint) {
+ // switch from Checkbox to ComboBox and vice versa
+ clipboardBox.setDisabled(spice);
+ clipboardDrop.setDisabled(!spice);
+ clipboardBox.setVisible(!spice);
+ clipboardDrop.setVisible(spice);
+ // reset value when changing to spice,
+ // so that you have to actively change to noVNC Clipboard
+ if (spice) {
+ clipboardDrop.setValue('__default__');
+ }
+ } else {
+ // reset to default
+ clipboardBox.setValue(false);
+ clipboardDrop.setValue('__default__');
+ // show only the disabled Checkbox
+ clipboardBox.setDisabled(true);
+ clipboardDrop.setDisabled(true);
+ clipboardBox.setVisible(true);
+ clipboardDrop.setVisible(false);
+ }
},
},
},
@@ -60,6 +92,34 @@ Ext.define('PVE.qemu.DisplayInputPanel', {
maxValue: 512,
step: 4,
name: 'memory',
+},
+{
+ xtype: 'proxmoxcheckbox',
+ fieldLabel: gettext('noVNC Clipboard'),
+ name: 'clipboard',
+ itemId: 'clipboardBox',
+},
+{
+ name: 'clipboard',
+ itemId: 'clipboardDrop',
+ xtype: 'proxmoxKVComboBox',
+ value: '__default__',
+ deleteEmpty: false,
+ fieldLabel: gettext('Clipboard'),
+ comboItems: [
+ ['__default__', 'SPICE-Clipboard'],
+ ['1', 'noVNC-Clipboard'],
+ ],
+ disabled: true,
+ hidden: true,
+},
+{
+ itemId: 'vdagentHint',
+ name: 'vdagentHint',
+ xtype: 'displayfield',
+ userCls: 'pmx-hint',
+ value: 'Clipboard for noVNC requires spice-tools installed and ' +
+ 'enabled in the Guest-VM.',
}],
});
--
2.30.2
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH qemu-server v3 3/6] test cases for clipboard spice & std
added one test case for a spice display and one for std Signed-off-by: Markus Frank --- test/cfg2cmd/noVNC-clipboard-spice.conf | 1 + test/cfg2cmd/noVNC-clipboard-spice.conf.cmd | 27 + test/cfg2cmd/noVNC-clipboard-std.conf | 1 + test/cfg2cmd/noVNC-clipboard-std.conf.cmd | 27 + 4 files changed, 56 insertions(+) create mode 100644 test/cfg2cmd/noVNC-clipboard-spice.conf create mode 100644 test/cfg2cmd/noVNC-clipboard-spice.conf.cmd create mode 100644 test/cfg2cmd/noVNC-clipboard-std.conf create mode 100644 test/cfg2cmd/noVNC-clipboard-std.conf.cmd diff --git a/test/cfg2cmd/noVNC-clipboard-spice.conf b/test/cfg2cmd/noVNC-clipboard-spice.conf new file mode 100644 index 000..d9d933d --- /dev/null +++ b/test/cfg2cmd/noVNC-clipboard-spice.conf @@ -0,0 +1 @@ +vga: qxl,clipboard=1 diff --git a/test/cfg2cmd/noVNC-clipboard-spice.conf.cmd b/test/cfg2cmd/noVNC-clipboard-spice.conf.cmd new file mode 100644 index 000..f24cc7f --- /dev/null +++ b/test/cfg2cmd/noVNC-clipboard-spice.conf.cmd @@ -0,0 +1,27 @@ +/usr/bin/kvm \ + -id 8006 \ + -name 'vm8006,debug-threads=on' \ + -no-shutdown \ + -chardev 'socket,id=qmp,path=/var/run/qemu-server/8006.qmp,server=on,wait=off' \ + -mon 'chardev=qmp,mode=control' \ + -chardev 'socket,id=qmp-event,path=/var/run/qmeventd.sock,reconnect=5' \ + -mon 'chardev=qmp-event,mode=control' \ + -pidfile /var/run/qemu-server/8006.pid \ + -daemonize \ + -smp '1,sockets=1,cores=1,maxcpus=1' \ + -nodefaults \ + -boot 'menu=on,strict=on,reboot-timeout=1000,splash=/usr/share/qemu-server/bootsplash.jpg' \ + -vnc 'unix:/var/run/qemu-server/8006.vnc,password=on' \ + -cpu kvm64,enforce,+kvm_pv_eoi,+kvm_pv_unhalt,+lahf_lm,+sep \ + -m 512 \ + -device 'pci-bridge,id=pci.1,chassis_nr=1,bus=pci.0,addr=0x1e' \ + -device 'pci-bridge,id=pci.2,chassis_nr=2,bus=pci.0,addr=0x1f' \ + -device 'piix3-usb-uhci,id=uhci,bus=pci.0,addr=0x1.0x2' \ + -device 'qxl-vga,id=vga,max_outputs=4,bus=pci.0,addr=0x2' \ + -device 'virtio-serial,id=spice,bus=pci.0,addr=0x9' \ + -chardev 'qemu-vdagent,id=vdagent,name=vdagent,clipboard=on' \ + -device 'virtserialport,chardev=vdagent,name=com.redhat.spice.0' \ + -spice 'tls-port=61000,addr=127.0.0.1,tls-ciphers=HIGH,seamless-migration=on' \ + -device 'virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x3,free-page-reporting=on' \ + -iscsi 'initiator-name=iqn.1993-08.org.debian:01:aabbccddeeff' \ + -machine 'type=pc+pve0' diff --git a/test/cfg2cmd/noVNC-clipboard-std.conf b/test/cfg2cmd/noVNC-clipboard-std.conf new file mode 100644 index 000..ec84637 --- /dev/null +++ b/test/cfg2cmd/noVNC-clipboard-std.conf @@ -0,0 +1 @@ +vga: std,clipboard=1 diff --git a/test/cfg2cmd/noVNC-clipboard-std.conf.cmd b/test/cfg2cmd/noVNC-clipboard-std.conf.cmd new file mode 100644 index 000..2a7e3f4 --- /dev/null +++ b/test/cfg2cmd/noVNC-clipboard-std.conf.cmd @@ -0,0 +1,27 @@ +/usr/bin/kvm \ + -id 8006 \ + -name 'vm8006,debug-threads=on' \ + -no-shutdown \ + -chardev 'socket,id=qmp,path=/var/run/qemu-server/8006.qmp,server=on,wait=off' \ + -mon 'chardev=qmp,mode=control' \ + -chardev 'socket,id=qmp-event,path=/var/run/qmeventd.sock,reconnect=5' \ + -mon 'chardev=qmp-event,mode=control' \ + -pidfile /var/run/qemu-server/8006.pid \ + -daemonize \ + -smp '1,sockets=1,cores=1,maxcpus=1' \ + -nodefaults \ + -boot 'menu=on,strict=on,reboot-timeout=1000,splash=/usr/share/qemu-server/bootsplash.jpg' \ + -vnc 'unix:/var/run/qemu-server/8006.vnc,password=on' \ + -cpu kvm64,enforce,+kvm_pv_eoi,+kvm_pv_unhalt,+lahf_lm,+sep \ + -m 512 \ + -device 'pci-bridge,id=pci.1,chassis_nr=1,bus=pci.0,addr=0x1e' \ + -device 'pci-bridge,id=pci.2,chassis_nr=2,bus=pci.0,addr=0x1f' \ + -device 'piix3-usb-uhci,id=uhci,bus=pci.0,addr=0x1.0x2' \ + -device 'usb-tablet,id=tablet,bus=uhci.0,port=1' \ + -device 'VGA,id=vga,bus=pci.0,addr=0x2' \ + -chardev 'qemu-vdagent,id=vdagent,name=vdagent,clipboard=on' \ + -device 'virtio-serial-pci,bus=pci.0,addr=0x9' \ + -device 'virtserialport,chardev=vdagent,name=com.redhat.spice.0' \ + -device 'virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x3,free-page-reporting=on' \ + -iscsi 'initiator-name=iqn.1993-08.org.debian:01:aabbccddeeff' \ + -machine 'type=pc+pve0' -- 2.30.2 ___ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH docs v3 6/6] added noVNC clipboard documentation
Signed-off-by: Markus Frank --- qm.adoc | 11 +++ 1 file changed, 11 insertions(+) diff --git a/qm.adoc b/qm.adoc index 4d0c7c4..3a575bc 100644 --- a/qm.adoc +++ b/qm.adoc @@ -693,6 +693,17 @@ Selecting `serialX` as display 'type' disables the VGA output, and redirects the Web Console to the selected serial port. A configured display 'memory' setting will be ignored in that case. +You can enable the noVNC clipboard by setting 'clipboard' to 1. +To use this, you need to install and enable spice-vdagent on the VM Guest: +`apt install spice-vdagent` + +Doing this will give you the ability to use the clipboard button of the novnc +console. However, when using SPICE, you have to decide which clipboard you want +to use, because the default SPICE clipboard implementation will be replaced by +the qemu-vdagent implementation, which is used by noVNC. +This means you cannot simply copy and paste into a SPICE session and instead +need to use the noVNC button, when using SPICE with noVNC-clipboard. + [[qm_usb_passthrough]] USB Passthrough ~~~ -- 2.30.2 ___ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH docs v2 2/2] added Memory Encryption documentation
added AMD SEV documentation for "[PATCH qemu-server] QEMU AMD SEV
enable"
Signed-off-by: Markus Frank
---
qm.adoc | 113
1 file changed, 113 insertions(+)
diff --git a/qm.adoc b/qm.adoc
index e7d0c07..5ba43a2 100644
--- a/qm.adoc
+++ b/qm.adoc
@@ -598,6 +598,119 @@ systems.
When allocating RAM to your VMs, a good rule of thumb is always to leave 1GB
of RAM available to the host.
+[[qm_memory_encryption]]
+Memory Encryption
+~
+
+[[qm_memory_encryption_sev]]
+AMD SEV
+^^^
+
+Memory Encryption per VM using AES-128 Encryption and the AMD Secure Processor.
+See https://developer.amd.com/sev/[AMD SEV]
+
+*Host-Requirements:*
+
+* AMD EPYC/Ryzen PRO CPU
+* configured SEV BIOS settings on Host Machine
+* add "kvm_amd.sev=1" to kernel parameters if not enabled by default
+* add "mem_encrypt=on" to kernel parameters if you want encrypt memory on the
+host (SME)
+see https://www.kernel.org/doc/Documentation/x86/amd-memory-encryption.txt
+* maybe increase SWIOTLB see https://github.com/AMDESE/AMDSEV#faq-4
+
+To check if SEV is enabled on Host-Machine search for `sev` in dmesg
+and print out the sev kernel parameter of kvm_amd:
+
+
+# dmesg | grep -i sev
+[...] ccp :45:00.1: sev enabled
+[...] ccp :45:00.1: SEV API:
+[...] SEV supported: ASIDs
+[...] SEV-ES supported: ASIDs
+# cat /sys/module/kvm_amd/parameters/sev
+Y
+
+
+*Guest-VM-Requirements:*
+
+* edk2-OVMF
+* advisable to use Q35
+* The guest operating system inside the VM must contain SEV-support
+* if there are problems while booting (stops at blank/splash screen or "Guest
has not
+initialized the display (yet)") try to add virtio-rng and/or set "freeze: 1"
+so that you wait a few seconds before you click on *Resume* to boot.
+
+*Limitations:*
+
+* Because the memory is encrypted the memory usage on host is always wrong
+* Operations that involve saving or restoring memory like snapshots
+& live migration do not work yet or are attackable
+https://github.com/PSPReverse/amd-sev-migration-attack
+* KVM is unsupported when running as an SEV guest
+* PCI passthrough is not supported
+
+Example Configuration:
+
+
+# qm set -memory_encryption
type=sev,cbitpos=47,policy=0x0001,reduced-phys-bits=1
+
+
+*SEV Parameters*
+
+*type* defines the encryption technology ("type=" is not necessary):
+currently-supported: *sev*
+and in the future: sev-snp, mktme
+
+*reduced-phys-bios*, *cbitpos* and *policy* correspond to the variables with
the
+same name in qemu.
+
+*reduced-phys-bios* and *cbitpos* are system specific and can be read out
+with QMP. If not set, qm starts a dummy-vm to read QMP
+for these variables out and saves them to config.
+
+*policy* can be calculated with
+https://www.amd.com/system/files/TechDocs/55766_SEV-KM_API_Specification.pdf[AMD
SEV API Specification Chapter 3]
+
+To use SEV-ES (CPU register encryption) the *policy* should be set
+somewhere between 0x4 and 0x7 or 0xC and 0xF, etc.
+(Bit-2 has to be set 1 (LSB 0 bit numbering))
+
+*Check if SEV is working on the Guest*
+
+Method 1 - dmesg:
+
+Output should look like this.
+
+
+# dmesg | grep -i sev
+AMD Memory Encryption Features active: SEV
+
+
+Method 2 - MSR 0xc0010131 (MSR_AMD64_SEV):
+
+Output should be 1.
+
+
+# apt install msr-tools
+# modprobe msr
+# rdmsr -a 0xc0010131
+1
+
+
+Links:
+
+* https://github.com/AMDESE/AMDSEV
+* https://www.qemu.org/docs/master/system/i386/amd-memory-encryption.html
+* https://www.amd.com/system/files/TechDocs/55766_SEV-KM_API_Specification.pdf
+* https://documentation.suse.com/sles/15-SP1/html/SLES-amd-sev/index.html
+
+// Commented because cannot be tested without new EPYC-CPU
+// AMD SEV-SNP
+// ^^^
+// * SEV-SNP needs EPYC 7003 "Milan" processors.
+// * SEV-SNP should in Kernel 5.19:
+//
https://www.phoronix.com/scan.php?page=news_item&px=AMD-SEV-SNP-Arrives-Linux-5.19
[[qm_network_device]]
Network Device
--
2.30.2
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH qemu-server v2 1/2] QEMU AMD SEV enable
This Patch is for enabling AMD SEV (Secure Encrypted
Virtualization) support in QEMU and enabling future
memory encryption technologies like INTEL MKTME
(Multi-key Total Memory Encryption) and SEV-SNP.
Config-Example:
memory_encryption: type=sev,cbitpos=47,policy=0x0001,reduced-phys-bits=1
reduced-phys-bios, cbitpos and policy correspond to the varibles with the
same name in qemu.
reduced-phys-bios and cbitpos are system specific and can be read out
with QMP. If not set by the user, a dummy-vm gets started to read QMP
for these variables out and save them to config. Afterwards the dummy-vm gets
stopped.
policy can be calculated with the links in comments & description.
To test SEV-ES (CPU register encryption) the policy should be set
somewhere between 0x4 and 0x7 or 0xC and 0xF, etc.
(Bit-2 has to be set 1 (LSB 0 bit numbering))
SEV needs edk2-OVMF to work.
Signed-off-by: Markus Frank
---
PVE/QemuServer.pm | 133 ++
1 file changed, 133 insertions(+)
diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm
index 513a248..2ea8abd 100644
--- a/PVE/QemuServer.pm
+++ b/PVE/QemuServer.pm
@@ -175,6 +175,58 @@ my $agent_fmt = {
},
};
+my $memory_encryption_fmt = {
+type => {
+ type => 'string',
+ default_key => 1,
+ description => "Memory Encryption Type:"
+ ." for AMD SEV -> 'memory_encryption: type=sev';"
+ ." for AMD SEV-ES -> use 'sev' and change policy to between 0x4 and
0x7;"
+ ." (Bit-2 has to be set 1 (LSB 0 bit numbering))"
+ #. "for AMD SEV-SNP -> 'memory_encryption: type=sev-snp'"
+ ." (sev requires edk2-ovmf & sev kernel support by guest operating
system &"
+ ." on host: add kernel-parameters 'mem_encrypt=on kvm_amd.sev=1')"
+ ." see https://github.com/AMDESE/AMDSEV &"
+ ."
https://documentation.suse.com/sles/15-SP1/html/SLES-amd-sev/index.html";,
+ format_description => "qemu-memory-encryption-type",
+ # TODO enable sev-snp option when feature can be tested on 3rd-gen EPYC
+ # https://www.phoronix.com/news/AMD-SEV-SNP-Arrives-Linux-5.19
+ # enum => ['sev','sev-snp','mktme'],
+ enum => ['sev'],
+ maxLength => 10,
+},
+'reduced-phys-bits' => {
+ description => "Number of bits the physical address space is reduced
by. System dependent",
+ type => 'integer',
+ default => 1,
+ optional => 1,
+ minimum => 0,
+ maximum => 100,
+},
+cbitpos => {
+ description => "C-bit: marks if a memory page is protected. System
dependent",
+ type => 'integer',
+ default => 47,
+ optional => 1,
+ minimum => 0,
+ maximum => 100,
+},
+policy => {
+ description => "SEV Guest Policy"
+ . "see Capter 3:"
+ .
"https://www.amd.com/system/files/TechDocs/55766_SEV-KM_API_Specification.pdf";
+ . "&
https://www.qemu.org/docs/master/system/i386/amd-memory-encryption.html";,
+
+ format_description => "qemu-memory-encryption-policy",
+ type => 'string',
+ default => '0x',
+ pattern => '0[xX][0-9a-fA-F]{1,4}',
+ optional => 1,
+ maxLength => 6,
+},
+};
+PVE::JSONSchema::register_format('pve-qemu-memory-encryption-fmt',
$memory_encryption_fmt);
+
my $vga_fmt = {
type => {
description => "Select the VGA type.",
@@ -349,6 +401,12 @@ my $confdesc = {
minimum => 16,
default => 512,
},
+memory_encryption => {
+ description => "Memory Encryption",
+ optional => 1,
+ format => 'pve-qemu-memory-encryption-fmt',
+ type => 'string',
+},
balloon => {
optional => 1,
type => 'integer',
@@ -2113,6 +2171,17 @@ sub parse_guest_agent {
return $res;
}
+sub parse_memory_encryption {
+my ($value) = @_;
+
+return if !$value;
+
+my $res = eval { parse_property_string($memory_encryption_fmt, $value) };
+warn $@ if $@;
+return $res;
+}
+
+
sub get_qga_key {
my ($conf, $key) = @_;
return undef if !defined($conf->{agent});
@@ -4085,6 +4154,70 @@ sub config_to_command {
}
push @$machineFlags, "type=${machine_type_min}";
+# Memory Encryption
+my $memory_encryption =
parse_memory_encryption($conf->{'memory_encryption'});
+
+# Die if bios is not ovmf
+if (
+ $memory_encryption->{'ty
[pve-devel] [PATCH qemu-server/docs v2 0/2] AMD SEV
qemu-server:
v2:
* spelling of minimum
* !$conf->{bios} eq 'ovmf' changed to $conf->{bios} ne 'ovmf'
Markus Frank (1):
QEMU AMD SEV enable
PVE/QemuServer.pm | 133 ++
1 file changed, 133 insertions(+)
docs:
v2:
* added more details for host & clients
* moved things from Limitations to Requirements
* changed order of text
Markus Frank (1):
added Memory Encryption documentation
qm.adoc | 113
1 file changed, 113 insertions(+)
--
2.30.2
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] [PATCH qemu-server v2 1/2] QEMU AMD SEV enable
Thanks for the feedback. I will send v3 when I was able to test it on an EPYC
CPU.
On 11/14/22 14:06, Fiona Ebner wrote:
Am 11.11.22 um 15:27 schrieb Markus Frank:
This Patch is for enabling AMD SEV (Secure Encrypted
Virtualization) support in QEMU and enabling future
memory encryption technologies like INTEL MKTME
(Multi-key Total Memory Encryption) and SEV-SNP.
Config-Example:
memory_encryption: type=sev,cbitpos=47,policy=0x0001,reduced-phys-bits=1
reduced-phys-bios, cbitpos and policy correspond to the varibles with the
same name in qemu.
reduced-phys-bios and cbitpos are system specific and can be read out
with QMP. If not set by the user, a dummy-vm gets started to read QMP
for these variables out and save them to config. Afterwards the dummy-vm gets
stopped.
Why even allow the user to set them if they are system-specific values?
Or are there multiple possible values on some systems? If not, it should
be a node-specific configuration, rather than a VM-specific one. That
would also only require starting the dummy VM once per node, or we could
require the user to set the values in some node config (of course
mentioning how in the docs :))
I moved the system specific parameters to the node config:
amd_sev: cbitpos=47,reduced-phys-bits=1
policy can be calculated with the links in comments & description.
To test SEV-ES (CPU register encryption) the policy should be set
somewhere between 0x4 and 0x7 or 0xC and 0xF, etc.
(Bit-2 has to be set 1 (LSB 0 bit numbering))
SEV needs edk2-OVMF to work.
Signed-off-by: Markus Frank
---
PVE/QemuServer.pm | 133 ++
1 file changed, 133 insertions(+)
diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm
index 513a248..2ea8abd 100644
--- a/PVE/QemuServer.pm
+++ b/PVE/QemuServer.pm
@@ -175,6 +175,58 @@ my $agent_fmt = {
},
};
+my $memory_encryption_fmt = {
+type => {
+ type => 'string',
+ default_key => 1,
+ description => "Memory Encryption Type:"
Nit: I'd rather have the description be a sentence or two, what it's all
about and add a verbose_description to describe the individual variants.
+ ." for AMD SEV -> 'memory_encryption: type=sev';"
+ ." for AMD SEV-ES -> use 'sev' and change policy to between 0x4 and
0x7;"
+ ." (Bit-2 has to be set 1 (LSB 0 bit numbering))"
Nit: better to use 0x0004 and 0x0007, because 0x4 and 0x7 are not valid
values for 'policy' below.
+ #. "for AMD SEV-SNP -> 'memory_encryption: type=sev-snp'"
+ ." (sev requires edk2-ovmf & sev kernel support by guest operating system
&"
+ ." on host: add kernel-parameters 'mem_encrypt=on kvm_amd.sev=1')"
+ ." see https://github.com/AMDESE/AMDSEV &"
+ ."
https://documentation.suse.com/sles/15-SP1/html/SLES-amd-sev/index.html";,
+ format_description => "qemu-memory-encryption-type",
+ # TODO enable sev-snp option when feature can be tested on 3rd-gen EPYC
+ # https://www.phoronix.com/news/AMD-SEV-SNP-Arrives-Linux-5.19
+ # enum => ['sev','sev-snp','mktme'],
Nit: I feel like these comments don't really belong in the patch. Maybe
just add a single high-level TODO comment? The rest should be done by
the patch actually adding sev-snp ;)
removed
Also, the many links might be better left to the documentation patch.
Is the rest of the format even compatible with Intel's MKTME? I.e.
does/will that also have reduced-phys-bits, 4 policy bits and cbitpos?
If there is some overlap or if we expect to be easily able to translate
certain settings, we can still keep a general memory_encryption_fmt, but
otherwise, it might be better to have completely distinct formats for
Intel and AMD?
Yes. Let's separate Intel and AMD.
+ enum => ['sev'],
+ maxLength => 10,
+},
+'reduced-phys-bits' => {
+ description => "Number of bits the physical address space is reduced by.
System dependent",
+ type => 'integer',
+ default => 1,
The default is system-dependent and automatically figured out by the
dummy VM. Also the kvm man pages states
On EPYC, the value should be 5.
so why 1?
On the EPYC CPUs I have used, the value was 1.
And on https://www.qemu.org/docs/master/system/i386/amd-memory-encryption.html
they also use reduced-phys-bits=1
+ optional => 1,
+ minimum => 0,
+ maximum => 100,
+},
+cbitpos => {
+ description => "C-bit: marks if a memory page is protected. System
dependent",
+ type => 'integer',
+ default => 47,
Same here with regards to auto-magic.
+
[pve-devel] [PATCH docs v4 4/5] added vIOMMU documentation
Signed-off-by: Markus Frank
---
qm-pci-passthrough.adoc | 25 +
1 file changed, 25 insertions(+)
diff --git a/qm-pci-passthrough.adoc b/qm-pci-passthrough.adoc
index fa6ba35..7ed4d49 100644
--- a/qm-pci-passthrough.adoc
+++ b/qm-pci-passthrough.adoc
@@ -389,6 +389,31 @@ Example configuration with an `Intel GVT-g vGPU` (`Intel
Skylake 6700k`):
With this set, {pve} automatically creates such a device on VM start, and
cleans it up again when the VM stops.
+[[qm_pci_viommu]]
+vIOMMU
+~~
+
+vIOMMU enables the option to passthrough pci devices to Level-2 VMs
+in Level-1 VMs via Nested Virtualisation.
+
+Host-Requirement: Set `intel_iommu=on` or `amd_iommu=on` depending on your
+CPU.
+
+VM-Requirement: For both Intel and AMD CPUs you will have to set
+`intel_iommu=on` as a Linux boot parameter in the vIOMMU-enabled-VM, because
+Qemu implements the Intel variant.
+
+To enable vIOMMU you have to add `viommu=1` to the machine-parameter in the
+VM-Configuration, of the VM that you want to be able to passthrough pci
devices.
+
+
+# qm set VMID -machine q35,viommu=1
+
+
+Guest vIOMMU only works with the *q35* machine type and with *kvm* enabled.
+
+https://wiki.qemu.org/Features/VT-d
+
ifdef::wiki[]
See Also
--
2.30.2
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH qemu-server v4 2/5] fix #3784: Parameter for guest vIOMMU & machine as property-string
vIOMMU enables the option to passthrough pci devices to L2 VMs
in L1 VMs via Nested Virtualisation.
QEMU-Parameters:
https://www.qemu.org/docs/master/system/qemu-manpage.html
https://wiki.qemu.org/Features/VT-d
-machine ...,kernel-irqchip=split:
"split" because of intremap see below.
-device intel-iommu:
* caching-mode=on:
"It is required for -device vfio-pci to work with the VT-d device, because host
assigned devices requires to setup the DMA mapping on the host before guest DMA
starts."
* intremap=on:
"This enables interrupt remapping feature. It's required to enable complete
x2apic. Currently it only supports kvm kernel-irqchip modes off or split, while
full kernel-irqchip is not yet supported."
Signed-off-by: Markus Frank
---
for dmar on virtio-devices:
* device-iotlb
"This enables device-iotlb capability for the emulated VT-d device. So far
virtio/vhost should be the only real user for this parameter, paired with
ats=on configured for the device."
* disable-legacy=on,disable-modern=off,iommu_platform=on,ats=on:
I did not find any good documentation.
Maybe someone can explain these parameters and how to use them right.
As I tried them with virtio-net-pci I got about 4-9 times less transfer-speed
when sending then without them.
However these Parameters seem not to be necessary for passthroughing
Assigned Devices, so I would say "dmar for virtio" would be its own
separate feature.
v4:
* added kvm/q35 checks in API
* reused pve-qemu-machine
v3:
* replaced old machine type with property-string with viommu-parameter
v2:
* moved viommu-parameter inside of machine_fmt and added it the new
parameter machine_properties
new Config -> machine_properties: viommu=1,etc
* check if kvm and q35 are set
PVE/API2/Qemu.pm | 21 ---
PVE/QemuConfig.pm | 3 ++-
PVE/QemuServer.pm | 55 ---
PVE/QemuServer/Machine.pm | 6 +++--
4 files changed, 75 insertions(+), 10 deletions(-)
diff --git a/PVE/API2/Qemu.pm b/PVE/API2/Qemu.pm
index badfc37..5268e56 100644
--- a/PVE/API2/Qemu.pm
+++ b/PVE/API2/Qemu.pm
@@ -979,13 +979,19 @@ __PACKAGE__->register_method({
$conf->{vmgenid} = PVE::QemuServer::generate_uuid();
}
- my $machine = $conf->{machine};
+ my $machine_conf =
PVE::QemuServer::parse_machine($conf->{machine});
+ my $machine = $machine_conf->{type};
if (!$machine || $machine =~ m/^(?:pc|q35|virt)$/) {
# always pin Windows' machine version on create, they
get to easily confused
- if
(PVE::QemuServer::Helpers::windows_version($conf->{ostype})) {
- $conf->{machine} =
PVE::QemuServer::windows_get_pinned_machine_version($machine);
+ if (PVE::QemuServer::windows_version($conf->{ostype})) {
+ $machine_conf->{type} =
PVE::QemuServer::windows_get_pinned_machine_version($machine);
+ $conf->{machine} =
PVE::QemuServer::print_machine($machine_conf);
}
}
+ my $q35 = $machine_conf->{type} && ($machine_conf->{type}
=~ m/q35/) ? 1 : 0;
+ if ((!$conf->{kvm} || !$q35) && $machine_conf->{viommu}) {
+ die "to use vIOMMU please enable kvm and set the
machine type to q35\n"
+ }
PVE::QemuConfig->write_config($vmid, $conf);
@@ -1770,7 +1776,14 @@ my $update_vm_api = sub {
} elsif ($opt eq 'tags') {
assert_tag_permissions($vmid, $conf->{$opt},
$param->{$opt}, $rpcenv, $authuser);
$conf->{pending}->{$opt} =
PVE::GuestHelpers::get_unique_tags($param->{$opt});
- } else {
+ } elsif ($opt eq 'machine') {
+ my $machine_conf =
PVE::QemuServer::parse_machine($param->{$opt});
+ my $q35 = $machine_conf->{type} && ($machine_conf->{type}
=~ m/q35/) ? 1 : 0;
+ if ((!$conf->{kvm} || !$q35) && $machine_conf->{viommu}) {
+ die "to use vIOMMU please enable kvm and set the
machine type to q35\n"
+ }
+ $conf->{pending}->{$opt} = $param->{$opt};
+ }else {
$conf->{pending}->{$opt} = $param->{$opt};
if ($opt eq 'boot') {
diff --git a/PVE/QemuConfig.pm b/PVE/QemuConfig.pm
index 051382c..7c998ef 100644
--- a/PVE/QemuConfig.pm
+++ b/PVE/QemuConfig.pm
@@ -433,7 +433,8 @@ sub __snapshot_rollback_hook {
} else {
# Note: old code did not store 'machine&#x
[pve-devel] [PATCH manager v4 5/5] ui: MachineEdit with viommu checkbox
Added a Checkbox to enable viommu, if q35 is selected.
Otherwise (i440fx & !kvm) the checkbox is disabled, if not ticked on
before. If ticked on before, the user is able to uncheck the checkbox.
If kvm is deactivated or i440fx is selected, a Hint tells that q35 and
kvm are required for vIOMMU.
The UI also needs to parse the new machine parameter as PropertyString.
Signed-off-by: Markus Frank
---
www/manager6/qemu/MachineEdit.js | 56
1 file changed, 56 insertions(+)
diff --git a/www/manager6/qemu/MachineEdit.js b/www/manager6/qemu/MachineEdit.js
index f928c80c..03fcf36d 100644
--- a/www/manager6/qemu/MachineEdit.js
+++ b/www/manager6/qemu/MachineEdit.js
@@ -1,6 +1,7 @@
Ext.define('PVE.qemu.MachineInputPanel', {
extend: 'Proxmox.panel.InputPanel',
xtype: 'pveMachineInputPanel',
+onlineHelp: 'qm_pci_viommu',
controller: {
xclass: 'Ext.app.ViewController',
@@ -12,11 +13,26 @@ Ext.define('PVE.qemu.MachineInputPanel', {
onMachineChange: function(field, value) {
let me = this;
let version = me.lookup('version');
+ let kvm = me.lookup('kvm');
+ let viommu = me.lookup('viommu');
+ let kvmHint = me.lookup('kvmQ35Hint');
let store = version.getStore();
let oldRec = store.findRecord('id', version.getValue(), 0, false,
false, true);
let type = value === 'q35' ? 'q35' : 'i440fx';
store.clearFilter();
store.addFilter(val => val.data.id === 'latest' || val.data.type
=== type);
+ if ((type === 'q35' && kvm.getValue()) || viommu.getValue()) {
+ viommu.setDisabled(false);
+ kvmHint.setVisible(false);
+ } else {
+ // disable checkbox if vIOMMU is not possible and checkbox was
not
+ // ticked on before
+ viommu.setDisabled(true);
+ }
+ if (type === 'i440fx' || !kvm.getValue()) {
+ // show hint when vIOMMU cannot be used
+ kvmHint.setVisible(true);
+ }
if (!me.getView().isWindows) {
version.setValue('latest');
} else {
@@ -35,17 +51,31 @@ Ext.define('PVE.qemu.MachineInputPanel', {
},
onGetValues: function(values) {
+ console.log(values);
if (values.version && values.version !== 'latest') {
values.machine = values.version;
delete values.delete;
+ } else if ((typeof values.machine === 'undefined') && values.viommu) {
+ // set machine to pc to raise the viommu + i440fx error from backend
+ // instead of regex error
+ values.machine = "pc";
+ delete values.delete;
}
delete values.version;
+ if (values.viommu) {
+ values.machine += ",viommu=1";
+ }
+ delete values.viommu;
+ delete values.kvm;
return values;
},
setValues: function(values) {
let me = this;
+ let machineConf = PVE.Parser.parsePropertyString(values.machine,
"type");
+ values.machine = machineConf.type;
+
me.isWindows = values.isWindows;
if (values.machine === 'pc') {
values.machine = '__default__';
@@ -58,6 +88,11 @@ Ext.define('PVE.qemu.MachineInputPanel', {
values.version = 'pc-q35-5.1';
}
}
+
+ me.lookup('kvm').setValue(values.kvm);
+ values.viommu = machineConf.viommu === "1";
+ me.lookup('viommu').setValue(values.viommu);
+
if (values.machine !== '__default__' && values.machine !== 'q35') {
values.version = values.machine;
values.machine = values.version.match(/q35/) ? 'q35' :
'__default__';
@@ -113,6 +148,26 @@ Ext.define('PVE.qemu.MachineInputPanel', {
fieldLabel: gettext('Note'),
value: gettext('Machine version change may affect hardware layout
and settings in the guest OS.'),
},
+ {
+ xtype: 'proxmoxcheckbox',
+ fieldLabel: gettext('vIOMMU'),
+ name: 'viommu',
+ reference: 'viommu',
+ },
+ {
+ xtype: 'proxmoxcheckbox',
+ name: 'kvm',
+ reference: 'kvm',
+ hidden: true,
+ },
+ {
+ xtype: 'displayfield',
+ name: 'kvmQ35Hint',
+ reference: 'kvmQ35Hint',
+
[pve-devel] [PATCH qemu-server v4 0/5] vIOMMU-Feature
qemu-server: v4: * added kvm/q35 checks in API * reused pve-qemu-machine v3: * replaced old machine type with property-string with viommu-parameter v2: * moved viommu-parameter inside of machine_fmt and added it the new parameter machine_properties new Config -> machine_properties: viommu=1,etc * check if kvm and q35 are set Markus Frank (3): tests: replaced somemachine&someothermachine with q35&pc fix #3784: Parameter for guest vIOMMU & machine as property-string added test-cases for new machine-syntax & viommu PVE/API2/Qemu.pm | 21 +-- PVE/QemuConfig.pm | 3 +- PVE/QemuServer.pm | 55 ++- PVE/QemuServer/Machine.pm | 6 +- test/cfg2cmd/viommu.conf | 1 + test/cfg2cmd/viommu.conf.cmd | 23 test/restore-config-expected/401.conf | 14 + test/restore-config-expected/402.conf | 14 + test/restore-config-input/401.conf| 14 + test/restore-config-input/402.conf| 14 + test/run_qemu_restore_config_tests.pl | 2 +- .../commit/qemu-server/101.conf | 2 +- .../commit/qemu-server/102.conf | 2 +- .../commit/qemu-server/201.conf | 2 +- .../commit/qemu-server/202.conf | 2 +- .../commit/qemu-server/203.conf | 2 +- .../create/qemu-server/102.conf | 2 +- .../create/qemu-server/104.conf | 4 +- .../create/qemu-server/106.conf | 2 +- .../create/qemu-server/301.conf | 2 +- .../create/qemu-server/302.conf | 2 +- .../create/qemu-server/401.conf | 32 +++ .../create/qemu-server/402.conf | 53 ++ .../delete/qemu-server/203.conf | 2 +- .../delete/qemu-server/204.conf | 2 +- .../prepare/qemu-server/102.conf | 2 +- .../prepare/qemu-server/104.conf | 2 +- .../rollback/qemu-server/101.conf | 2 +- .../rollback/qemu-server/106.conf | 4 +- .../rollback/qemu-server/201.conf | 2 +- .../rollback/qemu-server/202.conf | 2 +- .../rollback/qemu-server/203.conf | 2 +- .../rollback/qemu-server/204.conf | 2 +- .../rollback/qemu-server/205.conf | 2 +- .../rollback/qemu-server/301.conf | 2 +- .../rollback/qemu-server/302.conf | 2 +- .../rollback/qemu-server/303.conf | 2 +- .../commit/qemu-server/101.conf | 2 +- .../commit/qemu-server/102.conf | 2 +- .../commit/qemu-server/201.conf | 2 +- .../commit/qemu-server/202.conf | 2 +- .../commit/qemu-server/203.conf | 2 +- .../create/qemu-server/104.conf | 2 +- .../create/qemu-server/401.conf | 14 + .../create/qemu-server/402.conf | 33 +++ .../delete/qemu-server/101.conf | 2 +- .../delete/qemu-server/203.conf | 2 +- .../delete/qemu-server/204.conf | 2 +- .../rollback/qemu-server/101.conf | 2 +- .../rollback/qemu-server/102.conf | 2 +- .../rollback/qemu-server/103.conf | 2 +- .../rollback/qemu-server/104.conf | 2 +- .../rollback/qemu-server/106.conf | 4 +- .../rollback/qemu-server/201.conf | 2 +- .../rollback/qemu-server/202.conf | 2 +- .../rollback/qemu-server/203.conf | 2 +- .../rollback/qemu-server/204.conf | 2 +- .../rollback/qemu-server/205.conf | 2 +- .../rollback/qemu-server/301.conf | 2 +- .../rollback/qemu-server/302.conf | 2 +- .../rollback/qemu-server/303.conf | 2 +- test/snapshot-test.pm | 8 ++- 62 files changed, 344 insertions(+), 61 deletions(-) create mode 100644 test/cfg2cmd/viommu.conf create mode 100644 test/cfg2cmd/viommu.conf.cmd create mode 100644 test/restore-config-expected/401.conf create mode 100644 test/restore-config-expected/402.conf create mode 100644 test/restore-config-input/401.conf create mode 100644 test/restore-config-input/402.conf create mode 100644 test/snapshot-expected/create/qemu-server/401.conf create mode 100644 test/snapshot-expected/create/qemu-server/402.conf create mode 100644 test/snapshot-input/create/qemu-server/401.conf create mode 100644 test/snapshot-input/create/qemu-server/402.conf docs: Markus Frank (1): added vIOMMU documentation qm-pci-passthrough.adoc | 25 + 1 file changed, 25 insertions(+) manager: v4: * check if kvm is enabled * added kvm+q35 hint Markus Frank (1): ui: MachineEdit with viommu checkbox www/manager6/qemu/
[pve-devel] [PATCH qemu-server v4 3/5] added test-cases for new machine-syntax & viommu
added a few test-cases to test the new machine parameter with viommu Signed-off-by: Markus Frank --- test/cfg2cmd/viommu.conf | 1 + test/cfg2cmd/viommu.conf.cmd | 23 test/restore-config-expected/401.conf | 14 + test/restore-config-expected/402.conf | 14 + test/restore-config-input/401.conf| 14 + test/restore-config-input/402.conf| 14 + test/run_qemu_restore_config_tests.pl | 2 +- .../create/qemu-server/401.conf | 32 +++ .../create/qemu-server/402.conf | 53 +++ .../create/qemu-server/401.conf | 14 + .../create/qemu-server/402.conf | 33 test/snapshot-test.pm | 6 +++ 12 files changed, 219 insertions(+), 1 deletion(-) create mode 100644 test/cfg2cmd/viommu.conf create mode 100644 test/cfg2cmd/viommu.conf.cmd create mode 100644 test/restore-config-expected/401.conf create mode 100644 test/restore-config-expected/402.conf create mode 100644 test/restore-config-input/401.conf create mode 100644 test/restore-config-input/402.conf create mode 100644 test/snapshot-expected/create/qemu-server/401.conf create mode 100644 test/snapshot-expected/create/qemu-server/402.conf create mode 100644 test/snapshot-input/create/qemu-server/401.conf create mode 100644 test/snapshot-input/create/qemu-server/402.conf diff --git a/test/cfg2cmd/viommu.conf b/test/cfg2cmd/viommu.conf new file mode 100644 index 000..6925a74 --- /dev/null +++ b/test/cfg2cmd/viommu.conf @@ -0,0 +1 @@ +machine: type=q35,viommu=1 diff --git a/test/cfg2cmd/viommu.conf.cmd b/test/cfg2cmd/viommu.conf.cmd new file mode 100644 index 000..24e873d --- /dev/null +++ b/test/cfg2cmd/viommu.conf.cmd @@ -0,0 +1,23 @@ +/usr/bin/kvm \ + -id 8006 \ + -name 'vm8006,debug-threads=on' \ + -no-shutdown \ + -chardev 'socket,id=qmp,path=/var/run/qemu-server/8006.qmp,server=on,wait=off' \ + -mon 'chardev=qmp,mode=control' \ + -chardev 'socket,id=qmp-event,path=/var/run/qmeventd.sock,reconnect=5' \ + -mon 'chardev=qmp-event,mode=control' \ + -pidfile /var/run/qemu-server/8006.pid \ + -daemonize \ + -smp '1,sockets=1,cores=1,maxcpus=1' \ + -nodefaults \ + -boot 'menu=on,strict=on,reboot-timeout=1000,splash=/usr/share/qemu-server/bootsplash.jpg' \ + -vnc 'unix:/var/run/qemu-server/8006.vnc,password=on' \ + -cpu kvm64,enforce,+kvm_pv_eoi,+kvm_pv_unhalt,+lahf_lm,+sep \ + -m 512 \ + -device 'intel-iommu,intremap=on,caching-mode=on' \ + -readconfig /usr/share/qemu-server/pve-q35-4.0.cfg \ + -device 'usb-tablet,id=tablet,bus=ehci.0,port=1' \ + -device 'VGA,id=vga,bus=pcie.0,addr=0x1' \ + -device 'virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x3,free-page-reporting=on' \ + -iscsi 'initiator-name=iqn.1993-08.org.debian:01:aabbccddeeff' \ + -machine 'type=q35+pve0,kernel-irqchip=split' diff --git a/test/restore-config-expected/401.conf b/test/restore-config-expected/401.conf new file mode 100644 index 000..9400351 --- /dev/null +++ b/test/restore-config-expected/401.conf @@ -0,0 +1,14 @@ +bootdisk: scsi0 +cores: 1 +ide2: none,media=cdrom +memory: 512 +machine: q35,viommu=1 +name: apache +net0: virtio=92:38:11:FD:ED:87,bridge=vmbr0,firewall=1 +numa: 0 +ostype: l26 +scsi0: target:401/vm-401-disk-0.qcow2,size=4G +scsihw: virtio-scsi-pci +smbios1: uuid=ddf91b3f-a597-42be-9a7e-fb6421dcd5cd +sockets: 1 +vmgenid: 0 diff --git a/test/restore-config-expected/402.conf b/test/restore-config-expected/402.conf new file mode 100644 index 000..73f69cb --- /dev/null +++ b/test/restore-config-expected/402.conf @@ -0,0 +1,14 @@ +bootdisk: scsi0 +cores: 1 +ide2: none,media=cdrom +memory: 512 +machine: type=q35,viommu=1 +name: apache +net0: virtio=92:38:11:FD:ED:87,bridge=vmbr0,firewall=1 +numa: 0 +ostype: l26 +scsi0: target:401/vm-402-disk-0.qcow2,size=4G +scsihw: virtio-scsi-pci +smbios1: uuid=ddf91b3f-a597-42be-9a7e-fb6421dcd5cd +sockets: 1 +vmgenid: 0 diff --git a/test/restore-config-input/401.conf b/test/restore-config-input/401.conf new file mode 100644 index 000..9400351 --- /dev/null +++ b/test/restore-config-input/401.conf @@ -0,0 +1,14 @@ +bootdisk: scsi0 +cores: 1 +ide2: none,media=cdrom +memory: 512 +machine: q35,viommu=1 +name: apache +net0: virtio=92:38:11:FD:ED:87,bridge=vmbr0,firewall=1 +numa: 0 +ostype: l26 +scsi0: target:401/vm-401-disk-0.qcow2,size=4G +scsihw: virtio-scsi-pci +smbios1: uuid=ddf91b3f-a597-42be-9a7e-fb6421dcd5cd +sockets: 1 +vmgenid: 0 diff --git a/test/restore-config-input/402.conf b/test/restore-config-input/402.conf new file mode 100644 index 000..73f69cb --- /dev/null +++ b/test/restore-config-input/402.conf @@ -0,0 +1,14 @@ +bootdisk: scsi0 +cores: 1 +ide2: none,media=cdrom +memory: 512 +machine: type=q35,viommu=1 +name:
pve-devel@lists.proxmox.com
needed for new machine parameter parse_property_string checks for the regex, therefore the test-cases with somemachine & someothermachine always fail. So I changed somemachine & someothermachine to q35 & pc with sed sed -i 's/somemachine/q35/g' sed -i 's/someothermachine/pc/g' Signed-off-by: Markus Frank --- test/snapshot-expected/commit/qemu-server/101.conf | 2 +- test/snapshot-expected/commit/qemu-server/102.conf | 2 +- test/snapshot-expected/commit/qemu-server/201.conf | 2 +- test/snapshot-expected/commit/qemu-server/202.conf | 2 +- test/snapshot-expected/commit/qemu-server/203.conf | 2 +- test/snapshot-expected/create/qemu-server/102.conf | 2 +- test/snapshot-expected/create/qemu-server/104.conf | 4 ++-- test/snapshot-expected/create/qemu-server/106.conf | 2 +- test/snapshot-expected/create/qemu-server/301.conf | 2 +- test/snapshot-expected/create/qemu-server/302.conf | 2 +- test/snapshot-expected/delete/qemu-server/203.conf | 2 +- test/snapshot-expected/delete/qemu-server/204.conf | 2 +- test/snapshot-expected/prepare/qemu-server/102.conf | 2 +- test/snapshot-expected/prepare/qemu-server/104.conf | 2 +- test/snapshot-expected/rollback/qemu-server/101.conf | 2 +- test/snapshot-expected/rollback/qemu-server/106.conf | 4 ++-- test/snapshot-expected/rollback/qemu-server/201.conf | 2 +- test/snapshot-expected/rollback/qemu-server/202.conf | 2 +- test/snapshot-expected/rollback/qemu-server/203.conf | 2 +- test/snapshot-expected/rollback/qemu-server/204.conf | 2 +- test/snapshot-expected/rollback/qemu-server/205.conf | 2 +- test/snapshot-expected/rollback/qemu-server/301.conf | 2 +- test/snapshot-expected/rollback/qemu-server/302.conf | 2 +- test/snapshot-expected/rollback/qemu-server/303.conf | 2 +- test/snapshot-input/commit/qemu-server/101.conf | 2 +- test/snapshot-input/commit/qemu-server/102.conf | 2 +- test/snapshot-input/commit/qemu-server/201.conf | 2 +- test/snapshot-input/commit/qemu-server/202.conf | 2 +- test/snapshot-input/commit/qemu-server/203.conf | 2 +- test/snapshot-input/create/qemu-server/104.conf | 2 +- test/snapshot-input/delete/qemu-server/101.conf | 2 +- test/snapshot-input/delete/qemu-server/203.conf | 2 +- test/snapshot-input/delete/qemu-server/204.conf | 2 +- test/snapshot-input/rollback/qemu-server/101.conf| 2 +- test/snapshot-input/rollback/qemu-server/102.conf| 2 +- test/snapshot-input/rollback/qemu-server/103.conf| 2 +- test/snapshot-input/rollback/qemu-server/104.conf| 2 +- test/snapshot-input/rollback/qemu-server/106.conf| 4 ++-- test/snapshot-input/rollback/qemu-server/201.conf| 2 +- test/snapshot-input/rollback/qemu-server/202.conf| 2 +- test/snapshot-input/rollback/qemu-server/203.conf| 2 +- test/snapshot-input/rollback/qemu-server/204.conf| 2 +- test/snapshot-input/rollback/qemu-server/205.conf| 2 +- test/snapshot-input/rollback/qemu-server/301.conf| 2 +- test/snapshot-input/rollback/qemu-server/302.conf| 2 +- test/snapshot-input/rollback/qemu-server/303.conf| 2 +- test/snapshot-test.pm| 2 +- 47 files changed, 50 insertions(+), 50 deletions(-) diff --git a/test/snapshot-expected/commit/qemu-server/101.conf b/test/snapshot-expected/commit/qemu-server/101.conf index 060676e..82c9522 100644 --- a/test/snapshot-expected/commit/qemu-server/101.conf +++ b/test/snapshot-expected/commit/qemu-server/101.conf @@ -18,7 +18,7 @@ bootdisk: ide0 cores: 4 ide0: somestore:somedisk,discard=on,size=32G ide2: none,media=cdrom -machine: somemachine +machine: q35 memory: 8192 name: win net0: e1000=12:34:56:78:90:12,bridge=somebr0,firewall=1 diff --git a/test/snapshot-expected/commit/qemu-server/102.conf b/test/snapshot-expected/commit/qemu-server/102.conf index 13f33a3..01b8531 100644 --- a/test/snapshot-expected/commit/qemu-server/102.conf +++ b/test/snapshot-expected/commit/qemu-server/102.conf @@ -34,7 +34,7 @@ bootdisk: ide0 cores: 4 ide0: somestore:somedisk,discard=on,size=32G ide2: none,media=cdrom -machine: somemachine +machine: q35 memory: 8192 name: win net0: e1000=12:34:56:78:90:12,bridge=somebr0,firewall=1 diff --git a/test/snapshot-expected/commit/qemu-server/201.conf b/test/snapshot-expected/commit/qemu-server/201.conf index 63a6d77..f8e99dd 100644 --- a/test/snapshot-expected/commit/qemu-server/201.conf +++ b/test/snapshot-expected/commit/qemu-server/201.conf @@ -34,7 +34,7 @@ bootdisk: ide0 cores: 4 ide0: somestore:somedisk,discard=on,size=32G ide2: none,media=cdrom -machine: somemachine +machine: q35 memory: 8192 name: win net0: e1000=12:34:56:78:90:12,bridge=somebr0,firewall=1 diff --git a/test/snapshot-expected/commit/qemu-server/202.conf b/test/snapshot-expected/commit/qemu-server/202.conf index 4c6b84d..a221ba0 100644 --- a/test/snapshot-expected/commit/qemu-server/202.conf +++ b/test/snapshot-expected/commit/qem
[pve-devel] [PATCH qemu-server v3] QEMU AMD SEV enable
This Patch is for enabling AMD SEV (Secure Encrypted
Virtualization) support in QEMU
VM-Config-Examples:
amd_sev: type=std,nodbg=1,noks=1
amd_sev: es,nodbg=1,kernel-hashes=1
Node-Config-Example (gets generated automatically):
amd_sev: cbitpos=47,reduced-phys-bios=1
kernel-hashes, reduced-phys-bios & cbitpos correspond to the varibles
with the same name in qemu.
kernel-hashes=1 adds kernel-hashes to enable measured linux kernel
launch since it is per default off for backward compatibility.
reduced-phys-bios and cbitpos are system specific and can be read out
with QMP. If not set by the user, a dummy-vm gets started to read QMP
for these variables out and save them to the node config.
Afterwards the dummy-vm gets stopped.
type=std stands for standard sev to differentiate it from sev-es (es)
or sev-snp (snp) when support is upstream.
Qemu's sev-guest policy gets calculated with the parameters nodbg & noks
These parameters correspond to policy-bits 0 & 1.
If type=es than policy-bit 2 gets set to 1 to activate SEV-ES.
Policy bit 3 (nosend) is always set to 1, because migration
features for sev are not upstream yet and are attackable.
see coherent doc patch
Signed-off-by: Markus Frank
---
I still could not get SEV-ES to work.
After a firmware update I got the same error like Daniel in his testing:
kvm: ../softmmu/vl.c:2568: qemu_machine_creation_done: Assertion
`machine->cgs->ready' failed.
v3:
* moved parameters to node config
* created get_sev_parameters_from_node function
* added policy calculation
v2:
* spelling of minimum
* !$conf->{bios} eq 'ovmf' changed to $conf->{bios} ne 'ovmf'
PVE/API2/Qemu.pm | 9 +++
PVE/QemuServer.pm | 140 ++
2 files changed, 149 insertions(+)
diff --git a/PVE/API2/Qemu.pm b/PVE/API2/Qemu.pm
index badfc37..82b53d0 100644
--- a/PVE/API2/Qemu.pm
+++ b/PVE/API2/Qemu.pm
@@ -4358,6 +4358,10 @@ __PACKAGE__->register_method({
# test if VM exists
my $conf = PVE::QemuConfig->load_config($vmid);
+ my $amd_sev_conf = PVE::QemuServer::parse_amd_sev($conf->{amd_sev});
+ die "AMD SEV does not support migration\n"
+ if ($amd_sev_conf->{type} eq 'std');
+
# try to detect errors early
PVE::QemuConfig->check_lock($conf);
@@ -4909,6 +4913,11 @@ __PACKAGE__->register_method({
die "unable to use snapshot name 'pending' (reserved name)\n"
if lc($snapname) eq 'pending';
+ my $conf = PVE::QemuConfig->load_config($vmid);
+ my $amd_sev_conf = PVE::QemuServer::parse_amd_sev($conf->{amd_sev});
+ die "AMD SEV does not support snapshots\n"
+ if ($amd_sev_conf->{type} eq 'std');
+
my $realcmd = sub {
PVE::Cluster::log_msg('info', $authuser, "snapshot VM $vmid:
$snapname");
PVE::QemuConfig->snapshot_create($vmid, $snapname,
$param->{vmstate},
diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm
index a52a883..9e1267d 100644
--- a/PVE/QemuServer.pm
+++ b/PVE/QemuServer.pm
@@ -56,6 +56,7 @@ use PVE::QemuServer::Memory;
use PVE::QemuServer::Monitor qw(mon_cmd);
use PVE::QemuServer::PCI qw(print_pci_addr print_pcie_addr
print_pcie_root_port parse_hostpci);
use PVE::QemuServer::USB qw(parse_usb_device);
+use PVE::NodeConfig;
my $have_sdn;
eval {
@@ -170,6 +171,59 @@ my $agent_fmt = {
},
};
+my $sev_fmt = {
+type => {
+ description => "Enable standard SEV with type='std' or enable SEV-ES"
+ ." with the 'es' option.",
+ type => 'string',
+ default_key => 1,
+ format_description => "qemu-sev-type",
+ enum => ['std', 'es'],
+ maxLength => 3,
+},
+nodbg => {
+ description => "Sets policy bit 0 to 1 to disallow debugging of guest",
+ type => 'boolean',
+ format_description => "qemu-sev-nodbg",
+ default => 0,
+ optional => 1,
+},
+noks => {
+ description => "Sets policy bit 1 to 1 to disallow key sharing with
other guests",
+ type => 'boolean',
+ format_description => "qemu-sev-noks",
+ default => 0,
+ optional => 1,
+},
+"kernel-hashes" => {
+ description => "Add kernel hashes to guest firmware for measured linux
kernel launch",
+ type => 'boolean',
+ format_description => "qemu-sev-kernel-hashes",
+ default => 0,
+ optional => 1,
+},
+};
+PVE::JSONSchema::register_format('pve-qemu-sev-fmt', $sev_fmt);
+
+my $sev_node_fmt = {
+cbitpos => {
+ description => "C-bit: marks if a memory pa
[pve-devel] [PATCH docs v3] added Memory Encryption documentation
added AMD SEV documentation for "[PATCH qemu-server] QEMU AMD SEV
enable"
Signed-off-by: Markus Frank
---
v3:
* added more information
* removed some grammar errors
v2:
* added more details for host & guests
* moved things from Limitations to Requirements
* changed order of text
qm.adoc | 118
1 file changed, 118 insertions(+)
diff --git a/qm.adoc b/qm.adoc
index e7d0c07..6f79289 100644
--- a/qm.adoc
+++ b/qm.adoc
@@ -598,6 +598,124 @@ systems.
When allocating RAM to your VMs, a good rule of thumb is always to leave 1GB
of RAM available to the host.
+[[qm_memory_encryption]]
+Memory Encryption
+~
+
+[[qm_memory_encryption_sev]]
+AMD SEV
+^^^
+
+SEV (Secure Encrypted Virtualization) enables Memory Encryption per VM using
+AES-128 Encryption and the AMD Secure Processor.
+
+SEV-ES (Secure Encrypted Virtualization-Encrypted State) in addition encrypts
+all CPU register contents when a VM stops running, to prevent leakage of
+information to the hypervisor.
+
+*Host Requirements:*
+
+* AMD EPYC/Ryzen PRO
+* SEV-ES is only supported on AMD EPYC 7xx2 and newer
+* configured SEV BIOS settings on Host Machine
+* add "kvm_amd.sev=1" to kernel parameters if not enabled by default
+* add "mem_encrypt=on" to kernel parameters if you want to encrypt memory on
the
+host (SME)
+see https://www.kernel.org/doc/Documentation/x86/amd-memory-encryption.txt
+* maybe increase SWIOTLB see https://github.com/AMDESE/AMDSEV#faq-4
+
+To check if SEV is enabled on the host search for `sev` in dmesg
+and print out the SEV kernel parameter of kvm_amd:
+
+
+# dmesg | grep -i sev
+[...] ccp :45:00.1: sev enabled
+[...] ccp :45:00.1: SEV API:
+[...] SEV supported: ASIDs
+[...] SEV-ES supported: ASIDs
+# cat /sys/module/kvm_amd/parameters/sev
+Y
+
+
+Node Configuration (/etc/pve/nodes/mona/config):
+
+
+amd_sev: cbitpos=47,reduced-phys-bits=1
+
+
+*reduced-phys-bios* and *cbitpos* correspond to the variables with the
+same name in qemu. They are system specific and can be read out
+with QMP. If not set, qm starts a dummy-vm to read QMP
+for these variables out and saves them to config.
+
+*Guest Requirements:*
+
+* edk2-OVMF
+* advisable to use Q35
+* The guest operating system must contain SEV-support.
+* If there are problems while booting (stops at blank/splash screen)
+try to add virtio-rng.
+
+*Limitations:*
+
+* Because the memory is encrypted the memory usage on host is always wrong.
+* Operations that involve saving or restoring memory like snapshots
+& live migration do not work yet or are attackable.
+https://github.com/PSPReverse/amd-sev-migration-attack
+* PCI passthrough is not supported.
+* Qemu & AMD-SEV documentation is very limited.
+* Nested virtualization and kvm is not supported under SEV-ES.
+
+Example Configuration:
+
+
+# qm set -amd_sev type=std,nodbg=1,noks=1,kernel-hashes=1
+
+
+*type* defines the encryption technology ("type=" is not necessary).
+Available options: std, es
+
+The Qemu *policy* parameter gets calculated with the *nodbg* and *noks*
+parameters.
+These parameters correspond to policy-bit 0 and 1.
+If *type* is *es* the policy-bit 2 is set to 1 so that SEV-ES is enabled.
+Policy-bit 3 (nosend) is always set to 1 to prevent migration-attacks.
+For more information on how to calculate the policy see:
+https://www.amd.com/system/files/TechDocs/55766_SEV-KM_API_Specification.pdf[AMD
SEV API Specification Chapter 3]
+
+The *kernel-hashes* is per default off for backward compatibility with older
OVMF images
+and guests that do not measure the kernel/initrd.
+See https://lists.gnu.org/archive/html/qemu-devel/2021-11/msg02598.html
+
+*Check if SEV is working on the guest*
+
+Method 1 - dmesg:
+
+Output should look like this.
+
+
+# dmesg | grep -i sev
+AMD Memory Encryption Features active: SEV
+
+
+Method 2 - MSR 0xc0010131 (MSR_AMD64_SEV):
+
+Output should be 1.
+
+
+# apt install msr-tools
+# modprobe msr
+# rdmsr -a 0xc0010131
+1
+
+
+Links:
+
+* https://developer.amd.com/sev/
+* https://github.com/AMDESE/AMDSEV
+* https://www.qemu.org/docs/master/system/i386/amd-memory-encryption.html
+* https://www.amd.com/system/files/TechDocs/55766_SEV-KM_API_Specification.pdf
+* https://documentation.suse.com/sles/15-SP1/html/SLES-amd-sev/index.html
[[qm_network_device]]
Network Device
--
2.30.2
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH qemu-server/manager/access-control/docs v2 0/6] feature #1027 virtio-9p/virtio-fs
v2: replaced sharedfiles_fmt path in qemu-server with dirid: - admin defines dirs on the host that are eligibly for mounting into guests (: /path/tp/share) - admin gives access via an ACL (/dirs/) - user can then use the dirid to specify the directory without requiring root access pve-docs: Markus Frank (1): added shared filesystem doc for virtio-fs & virtio-9p qm.adoc | 61 + 1 file changed, 61 insertions(+) pve-access-control: Markus Frank (1): added acls for Shared Files Directories src/PVE/AccessControl.pm | 2 ++ src/PVE/RPCEnvironment.pm | 12 +++- 2 files changed, 13 insertions(+), 1 deletion(-) pve-manager: Markus Frank (3): added Config for Shared Files Directories added Shared Files tab in Node Settings added options to add virtio-9p & virtio-fs fileshare to qemu config PVE/API2/DirConfig.pm| 129 +++ PVE/API2/Makefile| 1 + PVE/API2/Nodes.pm| 6 + PVE/DirConfig.pm | 139 + PVE/Makefile | 1 + www/manager6/Makefile| 2 + www/manager6/Utils.js| 1 + www/manager6/data/PermPathStore.js | 3 + www/manager6/node/Config.js | 12 ++ www/manager6/node/SharedFiles.js | 177 +++ www/manager6/qemu/HardwareView.js| 19 +++ www/manager6/qemu/SharedfilesEdit.js | 101 +++ 12 files changed, 591 insertions(+) create mode 100644 PVE/API2/DirConfig.pm create mode 100644 PVE/DirConfig.pm create mode 100644 www/manager6/node/SharedFiles.js create mode 100644 www/manager6/qemu/SharedfilesEdit.js qemu-server: Markus Frank (1): feature #1027: virtio-9p & virtio-fs support PVE/API2/Qemu.pm | 20 ++- PVE/QemuServer.pm | 135 ++ 2 files changed, 154 insertions(+), 1 deletion(-) -- 2.30.2 ___ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH access-control v2 2/6] added acls for Shared Filesystem Directories
Signed-off-by: Markus Frank
---
src/PVE/AccessControl.pm | 2 ++
src/PVE/RPCEnvironment.pm | 12 +++-
2 files changed, 13 insertions(+), 1 deletion(-)
diff --git a/src/PVE/AccessControl.pm b/src/PVE/AccessControl.pm
index a95d072..742304c 100644
--- a/src/PVE/AccessControl.pm
+++ b/src/PVE/AccessControl.pm
@@ -1221,6 +1221,8 @@ sub check_path {
|/storage/[[:alnum:]\.\-\_]+
|/vms
|/vms/[1-9][0-9]{2,}
+ |/dirs
+ |/dirs/[[:alnum:]\.\-\_]+
)$!xs;
}
diff --git a/src/PVE/RPCEnvironment.pm b/src/PVE/RPCEnvironment.pm
index 0ee2346..f8bbc56 100644
--- a/src/PVE/RPCEnvironment.pm
+++ b/src/PVE/RPCEnvironment.pm
@@ -187,10 +187,11 @@ sub compute_api_permission {
nodes => qr/Sys\.|Permissions\.Modify/,
sdn => qr/SDN\.|Permissions\.Modify/,
dc => qr/Sys\.Audit|SDN\./,
+ dirs => qr/Sys\.|Permissions\.Modify/,
};
map { $res->{$_} = {} } keys %$priv_re_map;
-my $required_paths = ['/', '/nodes', '/access/groups', '/vms', '/storage',
'/sdn'];
+my $required_paths = ['/', '/nodes', '/access/groups', '/vms', '/storage',
'/sdn', '/dirs'];
my $checked_paths = {};
foreach my $path (@$required_paths, keys %{$usercfg->{acl}}) {
@@ -240,6 +241,7 @@ sub get_effective_permissions {
'/sdn' => 1,
'/storage' => 1,
'/vms' => 1,
+ '/dirs' => 1,
};
my $cfg = $self->{user_cfg};
@@ -355,6 +357,14 @@ sub check_vm_perm {
return $self->check_full($user, "/vms/$vmid", $privs, $any, $noerr);
};
+sub check_dir_perm {
+my ($self, $user, $dirid, $privs, $any, $noerr) = @_;
+
+my $cfg = $self->{user_cfg};
+
+return $self->check_full($user, "/dirs/$dirid", $privs, $any, $noerr);
+};
+
sub is_group_member {
my ($self, $group, $user) = @_;
--
2.30.2
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH docs v2 1/6] added shared filesystem doc for virtio-fs & virtio-9p
Signed-off-by: Markus Frank --- qm.adoc | 61 + 1 file changed, 61 insertions(+) diff --git a/qm.adoc b/qm.adoc index 45ec17f..9a687f8 100644 --- a/qm.adoc +++ b/qm.adoc @@ -932,6 +932,67 @@ recommended to always use a limiter to avoid guests using too many host resources. If desired, a value of '0' for `max_bytes` can be used to disable all limits. +[[qm_sharedfiles]] +Shared Filesystems +~~ + +add directories for Shared Filesystems +^^ + +To add a directory either add a directory to the "Shared Files" list in the node +config in the WebUI or add it to the /etc/pve/nodes//dirs config file +like this: + + +: /path/to/share + + +9pfs (virtio-9p) + + +QEMU's 9pfs uses the Plan 9 Filesystem Protocol to share a directory on the host +with a guest VM. + +To share a directory with 9p, run the following command: + + +qm set -sharedfiles0 virtio-9p,dirid=,tag= + + +To mount QEMU's 9pfs in a guest VM with the Linux kernel 9p driver, run the +following command: + + +mount -t 9p -o trans=virtio,version=9p2000.L + + +https://www.linux-kvm.org/page/9p_virtio + +https://wiki.qemu.org/Documentation/9psetup + +virtio-fs +^ + +Virtio-fs is a shared file system, that enables sharing between host and +guest VM while taking advantage of the locality of virtual machines and the +hypervisor to get a higher throughput than 9p. +Numa must be disabled to use virtio-fs. + +To share a directory with virtio-fs, run the following command: + + +qm set -sharedfiles0 virtio-fs,dirid=,tag= + + +To mount virtio-fs in a guest VM with the Linux kernel virtiofs driver, run the +following command: + + +mount -t virtiofs + + +https://virtio-fs.gitlab.io/howto-qemu.html + [[qm_bootorder]] Device Boot Order ~ -- 2.30.2 ___ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH qemu-server v2 6/6] feature #1027: virtio-9p & virtio-fs support
adds support for sharing directorys with a guest vm
virtio-9p can be simply started with qemu.
virtio-fs needs virtiofsd to be started before qemu.
Signed-off-by: Markus Frank
---
PVE/API2/Qemu.pm | 20 ++-
PVE/QemuServer.pm | 135 ++
2 files changed, 154 insertions(+), 1 deletion(-)
diff --git a/PVE/API2/Qemu.pm b/PVE/API2/Qemu.pm
index badfc37..404778d 100644
--- a/PVE/API2/Qemu.pm
+++ b/PVE/API2/Qemu.pm
@@ -639,6 +639,8 @@ my $check_vm_modify_config_perm = sub {
# the user needs Disk and PowerMgmt privileges to change the vmstate
# also needs privileges on the storage, that will be checked later
$rpcenv->check_vm_perm($authuser, $vmid, $pool, ['VM.Config.Disk',
'VM.PowerMgmt' ]);
+ } elsif ($opt =~ m/^sharedfiles\d$/) {
+ # needs $param->{$opt} so checkout $check_vm_dir_perm
} else {
# catches hostpci\d+, args, lock, etc.
# new options will be checked here
@@ -649,6 +651,20 @@ my $check_vm_modify_config_perm = sub {
return 1;
};
+my $check_vm_dir_perm = sub {
+my ($rpcenv, $authuser, $param) = @_;
+
+return 1 if $authuser eq 'root@pam';
+
+foreach my $opt (keys %{$param}) {
+ if ($opt =~ m/^sharedfiles\d$/) {
+ my $sharedfiles =
PVE::QemuServer::parse_sharedfiles($param->{$opt});
+ $rpcenv->check_dir_perm($authuser, $sharedfiles->{dirid},
['VM.Config.Options']);
+ }
+}
+return 1;
+};
+
__PACKAGE__->register_method({
name => 'vmlist',
path => '',
@@ -875,7 +891,7 @@ __PACKAGE__->register_method({
&$check_storage_access($rpcenv, $authuser, $storecfg, $vmid,
$param, $storage);
&$check_vm_modify_config_perm($rpcenv, $authuser, $vmid, $pool, [
keys %$param]);
-
+ &$check_vm_dir_perm($rpcenv, $authuser, $param);
&$check_vm_create_serial_perm($rpcenv, $authuser, $vmid, $pool,
$param);
&$check_vm_create_usb_perm($rpcenv, $authuser, $vmid, $pool,
$param);
@@ -1576,6 +1592,8 @@ my $update_vm_api = sub {
&$check_vm_modify_config_perm($rpcenv, $authuser, $vmid, undef, [keys
%$param]);
+&$check_vm_dir_perm($rpcenv, $authuser, $param);
+
&$check_storage_access($rpcenv, $authuser, $storecfg, $vmid, $param);
my $updatefn = sub {
diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm
index a746b3d..bde514f 100644
--- a/PVE/QemuServer.pm
+++ b/PVE/QemuServer.pm
@@ -44,6 +44,7 @@ use PVE::SysFSTools;
use PVE::Systemd;
use PVE::Tools qw(run_command file_read_firstline file_get_contents
dir_glob_foreach get_host_arch $IPV6RE);
+
use PVE::QMPClient;
use PVE::QemuConfig;
use PVE::QemuServer::Helpers qw(min_version config_aware_timeout
windows_version);
@@ -56,6 +57,7 @@ use PVE::QemuServer::Memory;
use PVE::QemuServer::Monitor qw(mon_cmd);
use PVE::QemuServer::PCI qw(print_pci_addr print_pcie_addr
print_pcie_root_port parse_hostpci);
use PVE::QemuServer::USB qw(parse_usb_device);
+use PVE::DirConfig;
my $have_sdn;
eval {
@@ -267,6 +269,31 @@ my $rng_fmt = {
},
};
+my $sharedfiles_fmt = {
+type => {
+ type => 'string',
+ default_key => 1,
+ enum => ['virtio-9p', 'virtio-fs'],
+ description => "sharedfiles via"
+ ." virtio-9p (https://www.linux-kvm.org/page/9p_virtio)"
+ ." or virtio-fs (https://virtio-fs.gitlab.io/howto-qemu.html)",
+ format_description => "virtio-sharedfiles-type",
+ optional => 1,
+},
+dirid => {
+ type => 'string',
+ description => "dirid of directory you want to share with the guest VM",
+ format_description => "virtio-sharedfiles-dirid",
+ optional => 1,
+},
+tag => {
+ type => 'string',
+ description => "tag name for mounting in the guest VM",
+ format_description => "virtio-sharedfiles-tag",
+ optional => 1,
+},
+};
+
my $meta_info_fmt = {
'ctime' => {
type => 'integer',
@@ -828,6 +855,7 @@ while (my ($k, $v) = each %$confdesc) {
my $MAX_USB_DEVICES = 14;
my $MAX_NETS = 32;
+my $MAX_SHAREDFILES = 10;
my $MAX_SERIAL_PORTS = 4;
my $MAX_PARALLEL_PORTS = 3;
my $MAX_NUMA = 8;
@@ -970,6 +998,12 @@ my $netdesc = {
description => "Specify network devices.",
};
+my $sharedfilesdesc = {
+optional => 1,
+type => 'string', format => $sharedfiles_fmt,
+description => "share files between host and guest",
+};
+
PVE::JSONSchema::register_standard_option("pve-qm-net", $netdesc);
my $ipconfig_fmt = {
@@ -1031,6 +1065,10 @@ for (my $i = 0; $i < $MAX_
[pve-devel] [PATCH qemu-server v2 4/6] added Shared Files tab in Node Settings
to add/remove/show directories that are available for shared
filesystems.
and added /dir path to PermPathStore.
Signed-off-by: Markus Frank
---
www/manager6/Makefile | 1 +
www/manager6/data/PermPathStore.js | 3 +
www/manager6/node/Config.js| 12 ++
www/manager6/node/SharedFiles.js | 177 +
4 files changed, 193 insertions(+)
create mode 100644 www/manager6/node/SharedFiles.js
diff --git a/www/manager6/Makefile b/www/manager6/Makefile
index 9786337b..7146fab1 100644
--- a/www/manager6/Makefile
+++ b/www/manager6/Makefile
@@ -195,6 +195,7 @@ JSSRC=
\
node/CmdMenu.js \
node/Config.js \
node/Directory.js \
+ node/SharedFiles.js \
node/LVM.js \
node/LVMThin.js \
node/StatusView.js \
diff --git a/www/manager6/data/PermPathStore.js
b/www/manager6/data/PermPathStore.js
index cf702c03..3ac2e6fb 100644
--- a/www/manager6/data/PermPathStore.js
+++ b/www/manager6/data/PermPathStore.js
@@ -13,6 +13,7 @@ Ext.define('PVE.data.PermPathStore', {
{ 'value': '/sdn/zones' },
{ 'value': '/storage' },
{ 'value': '/vms' },
+ { 'value': '/dirs' },
],
constructor: function(config) {
@@ -39,6 +40,8 @@ Ext.define('PVE.data.PermPathStore', {
break;
case 'pool': path = '/pool/' + record.get('pool');
break;
+ case 'dirs': path = '/dirs/' + record.get('dirs');
+ break;
}
if (path !== undefined && !donePaths[path]) {
me.add({ value: path });
diff --git a/www/manager6/node/Config.js b/www/manager6/node/Config.js
index 7e5b1112..ed2f0fcb 100644
--- a/www/manager6/node/Config.js
+++ b/www/manager6/node/Config.js
@@ -407,6 +407,18 @@ Ext.define('PVE.node.Config', {
});
}
+ if (caps.nodes['Sys.Modify']) {
+ me.items.push(
+ {
+ xtype: 'pveSharedFilesList',
+ title: gettext('Shared Files'),
+ iconCls: 'fa fa-folder',
+ onlineHelp: 'qm_sharedfiles',
+ itemId: 'sharedFiles',
+ },
+ );
+ }
+
me.items.push(
{
title: gettext('Task History'),
diff --git a/www/manager6/node/SharedFiles.js b/www/manager6/node/SharedFiles.js
new file mode 100644
index ..9fa7797e
--- /dev/null
+++ b/www/manager6/node/SharedFiles.js
@@ -0,0 +1,177 @@
+Ext.define('PVE.node.CreateSharedFiles', {
+extend: 'Proxmox.window.Edit',
+xtype: 'pveCreateSharedFiles',
+
+subject: "Shared Directories",
+
+onlineHelp: 'qm_sharedfiles',
+
+initComponent: function() {
+var me = this;
+
+ if (!me.nodename) {
+ throw "no node name specified";
+ }
+
+ me.isCreate = true;
+
+Ext.applyIf(me, {
+ url: "/nodes/" + me.nodename + "/dirs",
+ method: 'POST',
+ items: [
+ {
+ xtype: 'proxmoxtextfield',
+ name: 'dirid',
+ fieldLabel: gettext('Directory ID'),
+ allowBlank: false,
+ },
+ {
+ xtype: 'proxmoxtextfield',
+ name: 'path',
+ fieldLabel: gettext('Directory Path'),
+ allowBlank: false,
+ },
+],
+});
+
+me.callParent();
+},
+});
+
+Ext.define('PVE.node.SharedFilesList', {
+extend: 'Ext.grid.Panel',
+xtype: 'pveSharedFilesList',
+
+viewModel: {
+ data: {
+ path: '',
+ },
+ formulas: {
+ dirid: (get) => get('dirid'),
+ },
+},
+
+controller: {
+ xclass: 'Ext.app.ViewController',
+
+ removeDirectory: function() {
+ let me = this;
+ let vm = me.getViewModel();
+ let view = me.getView();
+
+ const dirid = vm.get('dirid');
+ console.log(dirid);
+ if (!view.nodename) {
+ throw "no node name specified";
+ }
+
+ if (!dirid) {
+ throw "no directory name spe
[pve-devel] [PATCH manager v2 3/6] added Config for Shared Filesystem Directories
and made an API Endpoint for getting, adding and removing
directories to the config.
Signed-off-by: Markus Frank
---
PVE/API2/DirConfig.pm | 129 +++
PVE/API2/Makefile | 1 +
PVE/API2/Nodes.pm | 6 ++
PVE/DirConfig.pm | 139 ++
PVE/Makefile | 1 +
5 files changed, 276 insertions(+)
create mode 100644 PVE/API2/DirConfig.pm
create mode 100644 PVE/DirConfig.pm
diff --git a/PVE/API2/DirConfig.pm b/PVE/API2/DirConfig.pm
new file mode 100644
index ..f551f2d3
--- /dev/null
+++ b/PVE/API2/DirConfig.pm
@@ -0,0 +1,129 @@
+package PVE::API2::DirConfig;
+
+use strict;
+use warnings;
+
+use PVE::JSONSchema qw(get_standard_option);
+use PVE::DirConfig;
+use PVE::Tools qw(extract_param);
+
+use base qw(PVE::RESTHandler);
+
+__PACKAGE__->register_method({
+name => 'get_config',
+path => '',
+method => 'GET',
+description => "Get Directories for Host Directory Sharing.",
+permissions => {
+ check => ['perm', '/', [ 'Sys.Audit' ]],
+},
+proxyto => 'node',
+parameters => {
+ additionalProperties => 0,
+ properties => {
+ node => get_standard_option('pve-node'),
+ },
+},
+returns => {
+ type => 'array',
+ items => {
+ type => 'object',
+ properties => {
+ dirid => {
+ type => 'string',
+ description => 'Directory ID',
+ },
+ path => {
+ type => 'string',
+ description => 'Host Directory Path',
+ },
+ },
+ },
+},
+code => sub {
+ my ($param) = @_;
+
+ my $config = PVE::DirConfig::load_config($param->{node});
+ delete $config->{description};
+ my $result = [];
+ foreach my $key (keys %{$config}) {
+ push @$result, {
+ dirid => $key,
+ path => $config->{$key},
+ };
+ }
+
+ return $result;
+}
+});
+
+__PACKAGE__->register_method({
+name => 'add_dir',
+path => '',
+method => 'POST',
+description => "Add Directories for Host Directory Sharing.",
+permissions => {
+ check => ['perm', '/', [ 'Sys.Modify' ]],
+},
+protected => 1,
+proxyto => 'node',
+parameters => {
+ additionalProperties => 0,
+ properties => {
+ node => get_standard_option('pve-node'),
+ dirid => {
+ type => 'string',
+ pattern => '[a-zA-Z0-9\-]+',
+ },
+ path => {
+ type => 'string',
+ maxLength => 4096,
+ format => 'pve-storage-path',
+ },
+ },
+},
+returns => { type => "null" },
+code => sub {
+ my ($param) = @_;
+ my $node = extract_param($param, 'node');
+ my $dirid = extract_param($param, 'dirid');
+ my $path = extract_param($param, 'path');
+ PVE::DirConfig::add_dir_config($node, $dirid, $path);
+ return undef;
+},
+});
+
+
+__PACKAGE__->register_method({
+name => 'del_dir',
+path => '',
+method => 'DELETE',
+description => "Remove Directory from Host Directory Sharing.",
+permissions => {
+ check => ['perm', '/', [ 'Sys.Modify' ]],
+},
+protected => 1,
+proxyto => 'node',
+parameters => {
+ additionalProperties => 0,
+ properties => {
+ node => get_standard_option('pve-node'),
+ dirid => {
+ type => 'string',
+ pattern => '[a-zA-Z0-9\-]+',
+ },
+ },
+},
+returns => { type => "null" },
+code => sub {
+ my ($param) = @_;
+
+ my $node = extract_param($param, 'node');
+ my $dirid = extract_param($param, 'dirid');
+ PVE::DirConfig::del_dir_config($node, $dirid);
+ return undef;
+},
+});
+
+
+1;
diff --git a/PVE/API2/Makefile b/PVE/API2/Makefile
index 5c08ebe0..1b96223c 100644
--- a/PVE/API2/Makefile
+++ b/PVE/API2/Makefile
@@ -12,6 +12,7 @@ PERLSOURCE = \
Ceph.pm \
Certificates.pm \
Cluster.pm \
+ DirConfig.pm\
HAConfig.pm \
[pve-devel] [PATCH qemu-server v2 5/6] added options to add virtio-9p & virtio-fs Shared Filesystems to qemu config
Signed-off-by: Markus Frank
---
www/manager6/Makefile| 1 +
www/manager6/Utils.js| 1 +
www/manager6/qemu/HardwareView.js| 19 +
www/manager6/qemu/SharedfilesEdit.js | 101 +++
4 files changed, 122 insertions(+)
create mode 100644 www/manager6/qemu/SharedfilesEdit.js
diff --git a/www/manager6/Makefile b/www/manager6/Makefile
index 7146fab1..cb035734 100644
--- a/www/manager6/Makefile
+++ b/www/manager6/Makefile
@@ -237,6 +237,7 @@ JSSRC=
\
qemu/QemuBiosEdit.js\
qemu/RNGEdit.js \
qemu/SSHKey.js \
+ qemu/SharedfilesEdit.js \
qemu/ScsiHwEdit.js \
qemu/SerialEdit.js \
qemu/Smbios1Edit.js \
diff --git a/www/manager6/Utils.js b/www/manager6/Utils.js
index 8c118fa2..5ac830a3 100644
--- a/www/manager6/Utils.js
+++ b/www/manager6/Utils.js
@@ -1579,6 +1579,7 @@ Ext.define('PVE.Utils', {
serial: 4,
rng: 1,
tpmstate: 1,
+ sharedfiles: 10,
},
// we can have usb6 and up only for specific machine/ostypes
diff --git a/www/manager6/qemu/HardwareView.js
b/www/manager6/qemu/HardwareView.js
index af35a980..10091aee 100644
--- a/www/manager6/qemu/HardwareView.js
+++ b/www/manager6/qemu/HardwareView.js
@@ -309,6 +309,16 @@ Ext.define('PVE.qemu.HardwareView', {
never_delete: !caps.nodes['Sys.Console'],
header: gettext("VirtIO RNG"),
};
+ for (let i = 0; i < PVE.Utils.hardware_counts.sharedfiles; i++) {
+ let confid = "sharedfiles" + i.toString();
+ rows[confid] = {
+ group: 50,
+ order: i,
+ iconCls: 'folder',
+ editor: 'PVE.qemu.SharedfilesEdit',
+ header: gettext('Shared FS') + ' (' + confid +')',
+ };
+ }
var sorterFn = function(rec1, rec2) {
var v1 = rec1.data.key;
@@ -582,6 +592,7 @@ Ext.define('PVE.qemu.HardwareView', {
const noVMConfigDiskPerm = !caps.vms['VM.Config.Disk'];
const noVMConfigCDROMPerm = !caps.vms['VM.Config.CDROM'];
const noVMConfigCloudinitPerm = !caps.vms['VM.Config.Cloudinit'];
+ const noVMConfigOptionsPerm = !caps.vms['VM.Config.Options'];
me.down('#addUsb').setDisabled(noSysConsolePerm || isAtUsbLimit());
me.down('#addPci').setDisabled(noSysConsolePerm ||
isAtLimit('hostpci'));
@@ -591,6 +602,7 @@ Ext.define('PVE.qemu.HardwareView', {
me.down('#addRng').setDisabled(noSysConsolePerm ||
isAtLimit('rng'));
efidisk_menuitem.setDisabled(noVMConfigDiskPerm ||
isAtLimit('efidisk'));
me.down('#addTpmState').setDisabled(noSysConsolePerm ||
isAtLimit('tpmstate'));
+ me.down('#addFileshare').setDisabled(noVMConfigOptionsPerm ||
isAtLimit('sharedfiles'));
me.down('#addCloudinitDrive').setDisabled(noVMConfigCDROMPerm ||
noVMConfigCloudinitPerm || hasCloudInit);
if (!rec) {
@@ -735,6 +747,13 @@ Ext.define('PVE.qemu.HardwareView', {
disabled: !caps.nodes['Sys.Console'],
handler: editorFactory('RNGEdit'),
},
+ {
+ text: gettext("Shared Filesystem"),
+ itemId: 'addFileshare',
+ iconCls: 'fa fa-folder',
+ disabled: !caps.nodes['Sys.Console'],
+ handler: editorFactory('SharedfilesEdit'),
+ },
],
}),
},
diff --git a/www/manager6/qemu/SharedfilesEdit.js
b/www/manager6/qemu/SharedfilesEdit.js
new file mode 100644
index ..8ebcef6c
--- /dev/null
+++ b/www/manager6/qemu/SharedfilesEdit.js
@@ -0,0 +1,101 @@
+Ext.define('PVE.qemu.SharedfilesInputPanel', {
+extend: 'Proxmox.panel.InputPanel',
+xtype: 'pveSharedfilesInputPanel',
+onlineHelp: 'qm_sharedfiles',
+
+insideWizard: false,
+
+onGetValues: function(values) {
+ var me = this;
+ var confid = me.confid;
+ var params = {};
+ params[confid] = PVE.Parser.printPropertyString(values, 'type');
+ return params;
+},
+
+setSharedfiles: fun
Re: [pve-devel] [PATCH qemu-server v4 0/5] vIOMMU-Feature
Ping, because of demand from users. On 11/25/22 15:08, Markus Frank wrote: qemu-server: v4: * added kvm/q35 checks in API * reused pve-qemu-machine v3: * replaced old machine type with property-string with viommu-parameter v2: * moved viommu-parameter inside of machine_fmt and added it the new parameter machine_properties new Config -> machine_properties: viommu=1,etc * check if kvm and q35 are set Markus Frank (3): tests: replaced somemachine&someothermachine with q35&pc fix #3784: Parameter for guest vIOMMU & machine as property-string added test-cases for new machine-syntax & viommu PVE/API2/Qemu.pm | 21 +-- PVE/QemuConfig.pm | 3 +- PVE/QemuServer.pm | 55 ++- PVE/QemuServer/Machine.pm | 6 +- test/cfg2cmd/viommu.conf | 1 + test/cfg2cmd/viommu.conf.cmd | 23 test/restore-config-expected/401.conf | 14 + test/restore-config-expected/402.conf | 14 + test/restore-config-input/401.conf| 14 + test/restore-config-input/402.conf| 14 + test/run_qemu_restore_config_tests.pl | 2 +- .../commit/qemu-server/101.conf | 2 +- .../commit/qemu-server/102.conf | 2 +- .../commit/qemu-server/201.conf | 2 +- .../commit/qemu-server/202.conf | 2 +- .../commit/qemu-server/203.conf | 2 +- .../create/qemu-server/102.conf | 2 +- .../create/qemu-server/104.conf | 4 +- .../create/qemu-server/106.conf | 2 +- .../create/qemu-server/301.conf | 2 +- .../create/qemu-server/302.conf | 2 +- .../create/qemu-server/401.conf | 32 +++ .../create/qemu-server/402.conf | 53 ++ .../delete/qemu-server/203.conf | 2 +- .../delete/qemu-server/204.conf | 2 +- .../prepare/qemu-server/102.conf | 2 +- .../prepare/qemu-server/104.conf | 2 +- .../rollback/qemu-server/101.conf | 2 +- .../rollback/qemu-server/106.conf | 4 +- .../rollback/qemu-server/201.conf | 2 +- .../rollback/qemu-server/202.conf | 2 +- .../rollback/qemu-server/203.conf | 2 +- .../rollback/qemu-server/204.conf | 2 +- .../rollback/qemu-server/205.conf | 2 +- .../rollback/qemu-server/301.conf | 2 +- .../rollback/qemu-server/302.conf | 2 +- .../rollback/qemu-server/303.conf | 2 +- .../commit/qemu-server/101.conf | 2 +- .../commit/qemu-server/102.conf | 2 +- .../commit/qemu-server/201.conf | 2 +- .../commit/qemu-server/202.conf | 2 +- .../commit/qemu-server/203.conf | 2 +- .../create/qemu-server/104.conf | 2 +- .../create/qemu-server/401.conf | 14 + .../create/qemu-server/402.conf | 33 +++ .../delete/qemu-server/101.conf | 2 +- .../delete/qemu-server/203.conf | 2 +- .../delete/qemu-server/204.conf | 2 +- .../rollback/qemu-server/101.conf | 2 +- .../rollback/qemu-server/102.conf | 2 +- .../rollback/qemu-server/103.conf | 2 +- .../rollback/qemu-server/104.conf | 2 +- .../rollback/qemu-server/106.conf | 4 +- .../rollback/qemu-server/201.conf | 2 +- .../rollback/qemu-server/202.conf | 2 +- .../rollback/qemu-server/203.conf | 2 +- .../rollback/qemu-server/204.conf | 2 +- .../rollback/qemu-server/205.conf | 2 +- .../rollback/qemu-server/301.conf | 2 +- .../rollback/qemu-server/302.conf | 2 +- .../rollback/qemu-server/303.conf | 2 +- test/snapshot-test.pm | 8 ++- 62 files changed, 344 insertions(+), 61 deletions(-) create mode 100644 test/cfg2cmd/viommu.conf create mode 100644 test/cfg2cmd/viommu.conf.cmd create mode 100644 test/restore-config-expected/401.conf create mode 100644 test/restore-config-expected/402.conf create mode 100644 test/restore-config-input/401.conf create mode 100644 test/restore-config-input/402.conf create mode 100644 test/snapshot-expected/create/qemu-server/401.conf create mode 100644 test/snapshot-expected/create/qemu-server/402.conf create mode 100644 test/snapshot-input/create/qemu-server/401.conf create mode 100644 test/snapshot-input/create/qemu-server/402.conf docs: Markus Frank (1): added vIOMMU documentation qm-pci-passthrough.adoc | 25 + 1 file changed, 25 insertions(+) mana
Re: [pve-devel] [PATCH docs v4 4/5] added vIOMMU documentation
On 1/13/23 11:09, Wolfgang Bumiller wrote:
On Fri, Nov 25, 2022 at 03:08:56PM +0100, Markus Frank wrote:
Signed-off-by: Markus Frank
---
qm-pci-passthrough.adoc | 25 +
1 file changed, 25 insertions(+)
diff --git a/qm-pci-passthrough.adoc b/qm-pci-passthrough.adoc
index fa6ba35..7ed4d49 100644
--- a/qm-pci-passthrough.adoc
+++ b/qm-pci-passthrough.adoc
@@ -389,6 +389,31 @@ Example configuration with an `Intel GVT-g vGPU` (`Intel
Skylake 6700k`):
With this set, {pve} automatically creates such a device on VM start, and
cleans it up again when the VM stops.
+[[qm_pci_viommu]]
+vIOMMU
+~~
+
+vIOMMU enables the option to passthrough pci devices to Level-2 VMs
+in Level-1 VMs via Nested Virtualisation.
+
+Host-Requirement: Set `intel_iommu=on` or `amd_iommu=on` depending on your
+CPU.
And by "CPU" you mean kernel command line? ;-)
Host-Requirement: Add `intel_iommu=on` or `amd_iommu=on`
depending on your CPU to your kernel command line.
like this?
+
+VM-Requirement: For both Intel and AMD CPUs you will have to set
+`intel_iommu=on` as a Linux boot parameter in the vIOMMU-enabled-VM, because
+Qemu implements the Intel variant.
^ As mentioned, there does appear to be an amd_iommu device in the qemu
code, so would the amd variant work?
In my reply to the code patch I mentioned checking the host arch. But if
you say we can use intel_iommu on AMD as well, I'd say, if both work,
give the user a choice, otherwise we can of course just stick to the one
that works ;-)
intel_iommu works better on my AMD CPU than amd_iommu ;)
Moreover it adds an extra AMDVI-PCI device that is using the first pci address.
`kvm: -device VGA,id=vga,bus=pcie.0,addr=0x1: PCI: slot 1 function 0 not
available for VGA, in use by AMDVI-PCI,id=(null)`
I cannot find any good documentation for amd_iommu but it also seems like
it has less features.
$ qemu-system-x86_64 -device 'amd-iommu,help'
amd-iommu options:
device-iotlb=- (default: false)
intremap= - on/off/auto (default: "auto")
pt= - (default: true)
$ qemu-system-x86_64 -device 'intel-iommu,help'
intel-iommu options:
aw-bits=- (default: 39)
caching-mode=- (default: false)
device-iotlb=- (default: false)
dma-drain= - (default: true)
dma-translation= - (default: true)
eim=- on/off/auto (default: "auto")
intremap= - on/off/auto (default: "auto")
pt= - (default: true)
snoop-control= - (default: false)
version= - (default: 0)
x-buggy-eim= - (default: false)
x-pasid-mode=- (default: false)
x-scalable-mode= - (default: false)
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] [PATCH docs v4 4/5] added vIOMMU documentation
On 1/16/23 11:00, Wolfgang Bumiller wrote:
On Fri, Jan 13, 2023 at 02:31:36PM +0100, Markus Frank wrote:
On 1/13/23 11:09, Wolfgang Bumiller wrote:
On Fri, Nov 25, 2022 at 03:08:56PM +0100, Markus Frank wrote:
Signed-off-by: Markus Frank
---
qm-pci-passthrough.adoc | 25 +
1 file changed, 25 insertions(+)
diff --git a/qm-pci-passthrough.adoc b/qm-pci-passthrough.adoc
index fa6ba35..7ed4d49 100644
--- a/qm-pci-passthrough.adoc
+++ b/qm-pci-passthrough.adoc
@@ -389,6 +389,31 @@ Example configuration with an `Intel GVT-g vGPU` (`Intel
Skylake 6700k`):
With this set, {pve} automatically creates such a device on VM start, and
cleans it up again when the VM stops.
+[[qm_pci_viommu]]
+vIOMMU
+~~
+
+vIOMMU enables the option to passthrough pci devices to Level-2 VMs
+in Level-1 VMs via Nested Virtualisation.
+
+Host-Requirement: Set `intel_iommu=on` or `amd_iommu=on` depending on your
+CPU.
And by "CPU" you mean kernel command line? ;-)
Host-Requirement: Add `intel_iommu=on` or `amd_iommu=on`
depending on your CPU to your kernel command line.
like this?
+
+VM-Requirement: For both Intel and AMD CPUs you will have to set
+`intel_iommu=on` as a Linux boot parameter in the vIOMMU-enabled-VM, because
+Qemu implements the Intel variant.
^ As mentioned, there does appear to be an amd_iommu device in the qemu
code, so would the amd variant work?
In my reply to the code patch I mentioned checking the host arch. But if
you say we can use intel_iommu on AMD as well, I'd say, if both work,
give the user a choice, otherwise we can of course just stick to the one
that works ;-)
intel_iommu works better on my AMD CPU than amd_iommu ;)
Can you define "better"?
My main concern is that if we don't give users the option to choose, the
only data point we have is yours ;-)
If we explicitly mention that you can use one on the other in the docs,
people can try it themselves and maybe we'll see some feedback on the
forums etc.
However, I'm fine with a patch for only the intel version for now as we
can always add an option later.
Moreover it adds an extra AMDVI-PCI device that is using the first pci address.
`kvm: -device VGA,id=vga,bus=pcie.0,addr=0x1: PCI: slot 1 function 0 not
available for VGA, in use by AMDVI-PCI,id=(null)`
For that I'd say, try to add the AMDVI-PCI device manually to an
explicitly chosen slot. We need to avoid automatically added devices
like the plague, because moving them later can break live snapshots (and
windows).
I manually added a AMDVI-PCI device with a explicitly chosen slot but
amd-iommu still adds an extra AMDVI-PCI device.
I do not see any way to prevent this or to change the address
of the additionally added AMDVI-PCI device (from amd-iommu).
I think amd-iommu is very impractical if we cannot set this slot manually.
I cannot find any good documentation for amd_iommu but it also seems like
it has less features.
Less, or just not configurable? ;-)
I mean, if it works it works ;-)
$ qemu-system-x86_64 -device 'amd-iommu,help'
amd-iommu options:
device-iotlb=- (default: false)
intremap= - on/off/auto (default: "auto")
pt= - (default: true)
$ qemu-system-x86_64 -device 'intel-iommu,help'
intel-iommu options:
aw-bits=- (default: 39)
caching-mode=- (default: false)
device-iotlb=- (default: false)
dma-drain= - (default: true)
dma-translation= - (default: true)
eim=- on/off/auto (default: "auto")
intremap= - on/off/auto (default: "auto")
pt= - (default: true)
snoop-control= - (default: false)
version= - (default: 0)
x-buggy-eim= - (default: false)
x-pasid-mode=- (default: false)
x-scalable-mode= - (default: false)
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH qemu-server v5 3/5] added test-cases for new machine-syntax & viommu
added two test-cases to test the new machine parameter with viommu Signed-off-by: Markus Frank --- test/cfg2cmd/q35-viommu-alt.conf | 1 + test/cfg2cmd/q35-viommu-alt.conf.cmd | 23 +++ test/cfg2cmd/q35-viommu.conf | 1 + test/cfg2cmd/q35-viommu.conf.cmd | 23 +++ 4 files changed, 48 insertions(+) create mode 100644 test/cfg2cmd/q35-viommu-alt.conf create mode 100644 test/cfg2cmd/q35-viommu-alt.conf.cmd create mode 100644 test/cfg2cmd/q35-viommu.conf create mode 100644 test/cfg2cmd/q35-viommu.conf.cmd diff --git a/test/cfg2cmd/q35-viommu-alt.conf b/test/cfg2cmd/q35-viommu-alt.conf new file mode 100644 index 000..44d38e2 --- /dev/null +++ b/test/cfg2cmd/q35-viommu-alt.conf @@ -0,0 +1 @@ +machine: q35,viommu=1 diff --git a/test/cfg2cmd/q35-viommu-alt.conf.cmd b/test/cfg2cmd/q35-viommu-alt.conf.cmd new file mode 100644 index 000..24e873d --- /dev/null +++ b/test/cfg2cmd/q35-viommu-alt.conf.cmd @@ -0,0 +1,23 @@ +/usr/bin/kvm \ + -id 8006 \ + -name 'vm8006,debug-threads=on' \ + -no-shutdown \ + -chardev 'socket,id=qmp,path=/var/run/qemu-server/8006.qmp,server=on,wait=off' \ + -mon 'chardev=qmp,mode=control' \ + -chardev 'socket,id=qmp-event,path=/var/run/qmeventd.sock,reconnect=5' \ + -mon 'chardev=qmp-event,mode=control' \ + -pidfile /var/run/qemu-server/8006.pid \ + -daemonize \ + -smp '1,sockets=1,cores=1,maxcpus=1' \ + -nodefaults \ + -boot 'menu=on,strict=on,reboot-timeout=1000,splash=/usr/share/qemu-server/bootsplash.jpg' \ + -vnc 'unix:/var/run/qemu-server/8006.vnc,password=on' \ + -cpu kvm64,enforce,+kvm_pv_eoi,+kvm_pv_unhalt,+lahf_lm,+sep \ + -m 512 \ + -device 'intel-iommu,intremap=on,caching-mode=on' \ + -readconfig /usr/share/qemu-server/pve-q35-4.0.cfg \ + -device 'usb-tablet,id=tablet,bus=ehci.0,port=1' \ + -device 'VGA,id=vga,bus=pcie.0,addr=0x1' \ + -device 'virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x3,free-page-reporting=on' \ + -iscsi 'initiator-name=iqn.1993-08.org.debian:01:aabbccddeeff' \ + -machine 'type=q35+pve0,kernel-irqchip=split' diff --git a/test/cfg2cmd/q35-viommu.conf b/test/cfg2cmd/q35-viommu.conf new file mode 100644 index 000..6925a74 --- /dev/null +++ b/test/cfg2cmd/q35-viommu.conf @@ -0,0 +1 @@ +machine: type=q35,viommu=1 diff --git a/test/cfg2cmd/q35-viommu.conf.cmd b/test/cfg2cmd/q35-viommu.conf.cmd new file mode 100644 index 000..24e873d --- /dev/null +++ b/test/cfg2cmd/q35-viommu.conf.cmd @@ -0,0 +1,23 @@ +/usr/bin/kvm \ + -id 8006 \ + -name 'vm8006,debug-threads=on' \ + -no-shutdown \ + -chardev 'socket,id=qmp,path=/var/run/qemu-server/8006.qmp,server=on,wait=off' \ + -mon 'chardev=qmp,mode=control' \ + -chardev 'socket,id=qmp-event,path=/var/run/qmeventd.sock,reconnect=5' \ + -mon 'chardev=qmp-event,mode=control' \ + -pidfile /var/run/qemu-server/8006.pid \ + -daemonize \ + -smp '1,sockets=1,cores=1,maxcpus=1' \ + -nodefaults \ + -boot 'menu=on,strict=on,reboot-timeout=1000,splash=/usr/share/qemu-server/bootsplash.jpg' \ + -vnc 'unix:/var/run/qemu-server/8006.vnc,password=on' \ + -cpu kvm64,enforce,+kvm_pv_eoi,+kvm_pv_unhalt,+lahf_lm,+sep \ + -m 512 \ + -device 'intel-iommu,intremap=on,caching-mode=on' \ + -readconfig /usr/share/qemu-server/pve-q35-4.0.cfg \ + -device 'usb-tablet,id=tablet,bus=ehci.0,port=1' \ + -device 'VGA,id=vga,bus=pcie.0,addr=0x1' \ + -device 'virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x3,free-page-reporting=on' \ + -iscsi 'initiator-name=iqn.1993-08.org.debian:01:aabbccddeeff' \ + -machine 'type=q35+pve0,kernel-irqchip=split' -- 2.30.2 ___ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH qemu-server/manager/docs v5 0/5] vIOMMU-Feature
qemu-server: v5: * set $kvm to 1 if is_native, so that api kvm check works. v4: * added kvm/q35 checks in API * reused pve-qemu-machine v3: * replaced old machine type with property-string with viommu-parameter v2: * moved viommu-parameter inside of machine_fmt and added it the new parameter machine_properties new Config -> machine_properties: viommu=1,etc * check if kvm and q35 are set Markus Frank (3): tests: replaced somemachine&someothermachine with q35&pc fix #3784: Parameter for guest vIOMMU & machine as property-string added test-cases for new machine-syntax & viommu PVE/API2/Qemu.pm | 23 ++-- PVE/QemuConfig.pm | 3 +- PVE/QemuServer.pm | 52 +-- PVE/QemuServer/Machine.pm | 6 ++- test/cfg2cmd/q35-viommu-alt.conf | 1 + test/cfg2cmd/q35-viommu-alt.conf.cmd | 23 test/cfg2cmd/q35-viommu.conf | 1 + test/cfg2cmd/q35-viommu.conf.cmd | 23 .../commit/qemu-server/101.conf | 2 +- .../commit/qemu-server/102.conf | 2 +- .../commit/qemu-server/201.conf | 2 +- .../commit/qemu-server/202.conf | 2 +- .../commit/qemu-server/203.conf | 2 +- .../create/qemu-server/102.conf | 2 +- .../create/qemu-server/104.conf | 4 +- .../create/qemu-server/106.conf | 2 +- .../create/qemu-server/301.conf | 2 +- .../create/qemu-server/302.conf | 2 +- .../delete/qemu-server/203.conf | 2 +- .../delete/qemu-server/204.conf | 2 +- .../prepare/qemu-server/102.conf | 2 +- .../prepare/qemu-server/104.conf | 2 +- .../rollback/qemu-server/101.conf | 2 +- .../rollback/qemu-server/106.conf | 4 +- .../rollback/qemu-server/201.conf | 2 +- .../rollback/qemu-server/202.conf | 2 +- .../rollback/qemu-server/203.conf | 2 +- .../rollback/qemu-server/204.conf | 2 +- .../rollback/qemu-server/205.conf | 2 +- .../rollback/qemu-server/301.conf | 2 +- .../rollback/qemu-server/302.conf | 2 +- .../rollback/qemu-server/303.conf | 2 +- .../commit/qemu-server/101.conf | 2 +- .../commit/qemu-server/102.conf | 2 +- .../commit/qemu-server/201.conf | 2 +- .../commit/qemu-server/202.conf | 2 +- .../commit/qemu-server/203.conf | 2 +- .../create/qemu-server/104.conf | 2 +- .../delete/qemu-server/101.conf | 2 +- .../delete/qemu-server/203.conf | 2 +- .../delete/qemu-server/204.conf | 2 +- .../rollback/qemu-server/101.conf | 2 +- .../rollback/qemu-server/102.conf | 2 +- .../rollback/qemu-server/103.conf | 2 +- .../rollback/qemu-server/104.conf | 2 +- .../rollback/qemu-server/106.conf | 4 +- .../rollback/qemu-server/201.conf | 2 +- .../rollback/qemu-server/202.conf | 2 +- .../rollback/qemu-server/203.conf | 2 +- .../rollback/qemu-server/204.conf | 2 +- .../rollback/qemu-server/205.conf | 2 +- .../rollback/qemu-server/301.conf | 2 +- .../rollback/qemu-server/302.conf | 2 +- .../rollback/qemu-server/303.conf | 2 +- test/snapshot-test.pm | 2 +- 55 files changed, 173 insertions(+), 59 deletions(-) create mode 100644 test/cfg2cmd/q35-viommu-alt.conf create mode 100644 test/cfg2cmd/q35-viommu-alt.conf.cmd create mode 100644 test/cfg2cmd/q35-viommu.conf create mode 100644 test/cfg2cmd/q35-viommu.conf.cmd docs: v5: * changed Host and VM Requirements Markus Frank (1): added vIOMMU documentation qm-pci-passthrough.adoc | 25 + 1 file changed, 25 insertions(+) manager: v5: * added check if kvm is undefined or null v4: * check if kvm is enabled * added kvm+q35 hint Markus Frank (1): ui: MachineEdit with viommu checkbox www/manager6/qemu/MachineEdit.js | 58 1 file changed, 58 insertions(+) -- 2.30.2 ___ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH qemu-server v5 2/5] feature #3784: Parameter for guest vIOMMU & machine as property-string
vIOMMU enables the option to passthrough pci devices to L2 VMs
in L1 VMs via Nested Virtualisation.
QEMU-Parameters:
https://www.qemu.org/docs/master/system/qemu-manpage.html
https://wiki.qemu.org/Features/VT-d
-machine ...,kernel-irqchip=split:
"split" because of intremap see below.
-device intel-iommu:
* caching-mode=on:
"It is required for -device vfio-pci to work with the VT-d device, because host
assigned devices requires to setup the DMA mapping on the host before guest DMA
starts."
* intremap=on:
"This enables interrupt remapping feature. It's required to enable complete
x2apic. Currently it only supports kvm kernel-irqchip modes off or split, while
full kernel-irqchip is not yet supported."
Signed-off-by: Markus Frank
---
PVE/API2/Qemu.pm | 23 ++---
PVE/QemuConfig.pm | 3 ++-
PVE/QemuServer.pm | 52 ---
PVE/QemuServer/Machine.pm | 6 +++--
4 files changed, 75 insertions(+), 9 deletions(-)
diff --git a/PVE/API2/Qemu.pm b/PVE/API2/Qemu.pm
index c87602d..4e089f6 100644
--- a/PVE/API2/Qemu.pm
+++ b/PVE/API2/Qemu.pm
@@ -979,13 +979,21 @@ __PACKAGE__->register_method({
$conf->{vmgenid} = PVE::QemuServer::generate_uuid();
}
- my $machine = $conf->{machine};
+ my $machine_conf =
PVE::QemuServer::parse_machine($conf->{machine});
+ my $machine = $machine_conf->{type};
if (!$machine || $machine =~ m/^(?:pc|q35|virt)$/) {
# always pin Windows' machine version on create, they
get to easily confused
if
(PVE::QemuServer::Helpers::windows_version($conf->{ostype})) {
- $conf->{machine} =
PVE::QemuServer::windows_get_pinned_machine_version($machine);
+ $machine_conf->{type} =
PVE::QemuServer::windows_get_pinned_machine_version($machine);
+ $conf->{machine} =
PVE::QemuServer::print_machine($machine_conf);
}
}
+ my $q35 = $machine_conf->{type} && ($machine_conf->{type}
=~ m/q35/) ? 1 : 0;
+ my $kvm = $conf->{kvm};
+ $kvm //= 1 if PVE::QemuServer::is_native($arch);
+ if ($machine_conf->{viommu} && (!$kvm || !$q35)) {
+ die "to use vIOMMU please enable kvm and set the
machine type to q35\n";
+ }
PVE::QemuConfig->write_config($vmid, $conf);
@@ -1770,7 +1778,16 @@ my $update_vm_api = sub {
} elsif ($opt eq 'tags') {
assert_tag_permissions($vmid, $conf->{$opt},
$param->{$opt}, $rpcenv, $authuser);
$conf->{pending}->{$opt} =
PVE::GuestHelpers::get_unique_tags($param->{$opt});
- } else {
+ } elsif ($opt eq 'machine') {
+ my $machine_conf =
PVE::QemuServer::parse_machine($param->{$opt});
+ my $q35 = $machine_conf->{type} && ($machine_conf->{type}
=~ m/q35/) ? 1 : 0;
+ my $kvm = $conf->{kvm};
+ $kvm //= 1 if PVE::QemuServer::is_native($arch);
+ if ($machine_conf->{viommu} && (!$kvm || !$q35)) {
+ die "to use vIOMMU please enable kvm and set the
machine type to q35\n";
+ }
+ $conf->{pending}->{$opt} = $param->{$opt};
+ }else {
$conf->{pending}->{$opt} = $param->{$opt};
if ($opt eq 'boot') {
diff --git a/PVE/QemuConfig.pm b/PVE/QemuConfig.pm
index 051382c..7c998ef 100644
--- a/PVE/QemuConfig.pm
+++ b/PVE/QemuConfig.pm
@@ -433,7 +433,8 @@ sub __snapshot_rollback_hook {
} else {
# Note: old code did not store 'machine', so we try to be smart
# and guess the snapshot was generated with kvm 1.4 (pc-i440fx-1.4).
- $data->{forcemachine} = $conf->{machine} || 'pc-i440fx-1.4';
+ my $machine_conf = PVE::QemuServer::parse_machine($conf->{machine});
+ $data->{forcemachine} = $machine_conf->{type} || 'pc-i440fx-1.4';
# we remove the 'machine' configuration if not explicitly specified
# in the original config.
diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm
index 987908d..55c11d5 100644
--- a/PVE/QemuServer.pm
+++ b/PVE/QemuServer.pm
@@ -124,6 +124,19 @@
PVE::JSONSchema::register_standard_option('pve-qemu-machine', {
optional => 1,
});
+my $machine_fmt = {
+type => get_standard_option('pve-qemu-machine', {
+ default_key => 1,
+ form
pve-devel@lists.proxmox.com
needed for new machine parameter parse_property_string checks for the regex, therefore the test-cases with somemachine & someothermachine always fail. So I changed somemachine & someothermachine to q35 & pc with sed sed -i 's/somemachine/q35/g' sed -i 's/someothermachine/pc/g' Signed-off-by: Markus Frank --- test/snapshot-expected/commit/qemu-server/101.conf | 2 +- test/snapshot-expected/commit/qemu-server/102.conf | 2 +- test/snapshot-expected/commit/qemu-server/201.conf | 2 +- test/snapshot-expected/commit/qemu-server/202.conf | 2 +- test/snapshot-expected/commit/qemu-server/203.conf | 2 +- test/snapshot-expected/create/qemu-server/102.conf | 2 +- test/snapshot-expected/create/qemu-server/104.conf | 4 ++-- test/snapshot-expected/create/qemu-server/106.conf | 2 +- test/snapshot-expected/create/qemu-server/301.conf | 2 +- test/snapshot-expected/create/qemu-server/302.conf | 2 +- test/snapshot-expected/delete/qemu-server/203.conf | 2 +- test/snapshot-expected/delete/qemu-server/204.conf | 2 +- test/snapshot-expected/prepare/qemu-server/102.conf | 2 +- test/snapshot-expected/prepare/qemu-server/104.conf | 2 +- test/snapshot-expected/rollback/qemu-server/101.conf | 2 +- test/snapshot-expected/rollback/qemu-server/106.conf | 4 ++-- test/snapshot-expected/rollback/qemu-server/201.conf | 2 +- test/snapshot-expected/rollback/qemu-server/202.conf | 2 +- test/snapshot-expected/rollback/qemu-server/203.conf | 2 +- test/snapshot-expected/rollback/qemu-server/204.conf | 2 +- test/snapshot-expected/rollback/qemu-server/205.conf | 2 +- test/snapshot-expected/rollback/qemu-server/301.conf | 2 +- test/snapshot-expected/rollback/qemu-server/302.conf | 2 +- test/snapshot-expected/rollback/qemu-server/303.conf | 2 +- test/snapshot-input/commit/qemu-server/101.conf | 2 +- test/snapshot-input/commit/qemu-server/102.conf | 2 +- test/snapshot-input/commit/qemu-server/201.conf | 2 +- test/snapshot-input/commit/qemu-server/202.conf | 2 +- test/snapshot-input/commit/qemu-server/203.conf | 2 +- test/snapshot-input/create/qemu-server/104.conf | 2 +- test/snapshot-input/delete/qemu-server/101.conf | 2 +- test/snapshot-input/delete/qemu-server/203.conf | 2 +- test/snapshot-input/delete/qemu-server/204.conf | 2 +- test/snapshot-input/rollback/qemu-server/101.conf| 2 +- test/snapshot-input/rollback/qemu-server/102.conf| 2 +- test/snapshot-input/rollback/qemu-server/103.conf| 2 +- test/snapshot-input/rollback/qemu-server/104.conf| 2 +- test/snapshot-input/rollback/qemu-server/106.conf| 4 ++-- test/snapshot-input/rollback/qemu-server/201.conf| 2 +- test/snapshot-input/rollback/qemu-server/202.conf| 2 +- test/snapshot-input/rollback/qemu-server/203.conf| 2 +- test/snapshot-input/rollback/qemu-server/204.conf| 2 +- test/snapshot-input/rollback/qemu-server/205.conf| 2 +- test/snapshot-input/rollback/qemu-server/301.conf| 2 +- test/snapshot-input/rollback/qemu-server/302.conf| 2 +- test/snapshot-input/rollback/qemu-server/303.conf| 2 +- test/snapshot-test.pm| 2 +- 47 files changed, 50 insertions(+), 50 deletions(-) diff --git a/test/snapshot-expected/commit/qemu-server/101.conf b/test/snapshot-expected/commit/qemu-server/101.conf index 060676e..82c9522 100644 --- a/test/snapshot-expected/commit/qemu-server/101.conf +++ b/test/snapshot-expected/commit/qemu-server/101.conf @@ -18,7 +18,7 @@ bootdisk: ide0 cores: 4 ide0: somestore:somedisk,discard=on,size=32G ide2: none,media=cdrom -machine: somemachine +machine: q35 memory: 8192 name: win net0: e1000=12:34:56:78:90:12,bridge=somebr0,firewall=1 diff --git a/test/snapshot-expected/commit/qemu-server/102.conf b/test/snapshot-expected/commit/qemu-server/102.conf index 13f33a3..01b8531 100644 --- a/test/snapshot-expected/commit/qemu-server/102.conf +++ b/test/snapshot-expected/commit/qemu-server/102.conf @@ -34,7 +34,7 @@ bootdisk: ide0 cores: 4 ide0: somestore:somedisk,discard=on,size=32G ide2: none,media=cdrom -machine: somemachine +machine: q35 memory: 8192 name: win net0: e1000=12:34:56:78:90:12,bridge=somebr0,firewall=1 diff --git a/test/snapshot-expected/commit/qemu-server/201.conf b/test/snapshot-expected/commit/qemu-server/201.conf index 63a6d77..f8e99dd 100644 --- a/test/snapshot-expected/commit/qemu-server/201.conf +++ b/test/snapshot-expected/commit/qemu-server/201.conf @@ -34,7 +34,7 @@ bootdisk: ide0 cores: 4 ide0: somestore:somedisk,discard=on,size=32G ide2: none,media=cdrom -machine: somemachine +machine: q35 memory: 8192 name: win net0: e1000=12:34:56:78:90:12,bridge=somebr0,firewall=1 diff --git a/test/snapshot-expected/commit/qemu-server/202.conf b/test/snapshot-expected/commit/qemu-server/202.conf index 4c6b84d..a221ba0 100644 --- a/test/snapshot-expected/commit/qemu-server/202.conf +++ b/test/snapshot-expected/commit/qem
[pve-devel] [PATCH manager v5 5/5] ui: MachineEdit with viommu checkbox
Added a checkbox to enable viommu, if q35 is selected.
Otherwise (i440fx & !kvm) the checkbox is disabled, if not ticked on
before. If ticked on before, the user is able to uncheck the checkbox.
If kvm is deactivated or i440fx is selected, a hint tells that q35 and
kvm are required for vIOMMU.
The UI also needs to parse the new machine parameter as PropertyString.
Signed-off-by: Markus Frank
---
www/manager6/qemu/MachineEdit.js | 58
1 file changed, 58 insertions(+)
diff --git a/www/manager6/qemu/MachineEdit.js b/www/manager6/qemu/MachineEdit.js
index f928c80c..d7650ea9 100644
--- a/www/manager6/qemu/MachineEdit.js
+++ b/www/manager6/qemu/MachineEdit.js
@@ -1,6 +1,7 @@
Ext.define('PVE.qemu.MachineInputPanel', {
extend: 'Proxmox.panel.InputPanel',
xtype: 'pveMachineInputPanel',
+onlineHelp: 'qm_pci_viommu',
controller: {
xclass: 'Ext.app.ViewController',
@@ -12,11 +13,26 @@ Ext.define('PVE.qemu.MachineInputPanel', {
onMachineChange: function(field, value) {
let me = this;
let version = me.lookup('version');
+ let kvm = me.lookup('kvm');
+ let viommu = me.lookup('viommu');
+ let kvmHint = me.lookup('kvmQ35Hint');
let store = version.getStore();
let oldRec = store.findRecord('id', version.getValue(), 0, false,
false, true);
let type = value === 'q35' ? 'q35' : 'i440fx';
store.clearFilter();
store.addFilter(val => val.data.id === 'latest' || val.data.type
=== type);
+ if ((type === 'q35' && kvm.getValue()) || viommu.getValue()) {
+ viommu.setDisabled(false);
+ kvmHint.setVisible(false);
+ } else {
+ // disable checkbox if vIOMMU is not possible and checkbox was
not
+ // ticked on before
+ viommu.setDisabled(true);
+ }
+ if (type === 'i440fx' || !kvm.getValue()) {
+ // show hint when vIOMMU cannot be used
+ kvmHint.setVisible(true);
+ }
if (!me.getView().isWindows) {
version.setValue('latest');
} else {
@@ -38,14 +54,27 @@ Ext.define('PVE.qemu.MachineInputPanel', {
if (values.version && values.version !== 'latest') {
values.machine = values.version;
delete values.delete;
+ } else if (values.machine === undefined && values.viommu) {
+ // set machine to pc to raise the viommu + i440fx error
+ // from qemu-server instead of a regex error
+ values.machine = "pc";
+ delete values.delete;
}
delete values.version;
+ if (values.viommu) {
+ values.machine += ",viommu=1";
+ }
+ delete values.viommu;
+ delete values.kvm;
return values;
},
setValues: function(values) {
let me = this;
+ let machineConf = PVE.Parser.parsePropertyString(values.machine,
"type");
+ values.machine = machineConf.type;
+
me.isWindows = values.isWindows;
if (values.machine === 'pc') {
values.machine = '__default__';
@@ -58,6 +87,11 @@ Ext.define('PVE.qemu.MachineInputPanel', {
values.version = 'pc-q35-5.1';
}
}
+
+ me.lookup('kvm').setValue(values.kvm);
+ values.viommu = machineConf.viommu === '1';
+ me.lookup('viommu').setValue(values.viommu);
+
if (values.machine !== '__default__' && values.machine !== 'q35') {
values.version = values.machine;
values.machine = values.version.match(/q35/) ? 'q35' :
'__default__';
@@ -113,6 +147,26 @@ Ext.define('PVE.qemu.MachineInputPanel', {
fieldLabel: gettext('Note'),
value: gettext('Machine version change may affect hardware layout
and settings in the guest OS.'),
},
+ {
+ xtype: 'proxmoxcheckbox',
+ fieldLabel: gettext('vIOMMU'),
+ name: 'viommu',
+ reference: 'viommu',
+ },
+ {
+ xtype: 'proxmoxcheckbox',
+ name: 'kvm',
+ reference: 'kvm',
+ hidden: true,
+ },
+ {
+ xtype: 'displayfield',
+ name: 'kvmQ35Hint',
+ reference: 'kvmQ35Hint',
+ userCls: 'pmx-hint',
+ value: gettext('vIOMMU needs kvm enabled and q35 firmware'),
+ hidden: t
[pve-devel] [PATCH docs v5 4/5] added vIOMMU documentation
Signed-off-by: Markus Frank
---
qm-pci-passthrough.adoc | 25 +
1 file changed, 25 insertions(+)
diff --git a/qm-pci-passthrough.adoc b/qm-pci-passthrough.adoc
index df6cf21..0db9b06 100644
--- a/qm-pci-passthrough.adoc
+++ b/qm-pci-passthrough.adoc
@@ -400,6 +400,31 @@ Example configuration with an `Intel GVT-g vGPU` (`Intel
Skylake 6700k`):
With this set, {pve} automatically creates such a device on VM start, and
cleans it up again when the VM stops.
+[[qm_pci_viommu]]
+vIOMMU
+~~
+
+vIOMMU enables the option to passthrough pci devices to Level-2 VMs
+in Level-1 VMs via Nested Virtualisation.
+
+Host Requirement: Add `intel_iommu=on` or `amd_iommu=on`
+depending on your CPU to your kernel command line.
+
+VM Requirement: For both Intel and AMD CPUs, set `intel_iommu=on`
+as the kernel parameter in the vIOMMU enabled VM, since qemu-server currently
+uses the Intel variant. The guest vIOMMU only works with the *q35* machine
+type and with *kvm* enabled.
+
+To enable vIOMMU, add `viommu=1` to the machine-parameter in the
+configuration of the VM that should be able to passthrough pci devices.
+
+
+# qm set VMID -machine q35,viommu=1
+
+
+
+https://wiki.qemu.org/Features/VT-d
+
ifdef::wiki[]
See Also
--
2.30.2
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH novnc 1/3] replaced check for VERSION file with check for package.json
Signed-off-by: Markus Frank
---
Makefile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Makefile b/Makefile
index 4f64bbe..9591e35 100644
--- a/Makefile
+++ b/Makefile
@@ -34,7 +34,7 @@ ${DSC}: ${BUILDDIR}
.PHONY: submodule
submodule:
- test -f "${SRCDIR}/VERSION" || git submodule update --init
+ test -f "${SRCDIR}/package.json" || git submodule update --init
.PHONY: download
download ${SRCDIR}:
--
2.30.2
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH novnc 3/3] bump version to 1.4.0-1
Signed-off-by: Markus Frank --- debian/changelog | 8 1 file changed, 8 insertions(+) diff --git a/debian/changelog b/debian/changelog index 04939cd..e8cb27c 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +novnc-pve (1.4.0-1) bullseye; urgency=medium + + * upgrade noVNC and patches to new 1.4.0 upstream release + + * check for package.json instead of VERSION in Makefile + + -- Proxmox Support Team Thu, 02 Feb 2023 10:06:55 +0200 + novnc-pve (1.3.0-3) bullseye; urgency=medium * skip confirmation in start button -- 2.30.2 ___ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH novnc 2/3] upgrade novnc and patches to 1.4.0
rebase patches for 1.4.0
Signed-off-by: Markus Frank
---
.../0001-add-PVE-specific-JS-code.patch | 39 +-
...002-add-custom-fbresize-event-on-rfb.patch | 15 ++--
...nge-scaling-when-toggling-fullscreen.patch | 9 ++-
debian/patches/0004-add-pve-style.patch | 15 ++--
debian/patches/0005-remove-vnc-logos.patch| 56 +++
...rectory-for-fetching-images-js-files.patch | 72 ++-
.../patches/0007-add-pve-vnc-commands.patch | 7 +-
...add-replaceable-snippets-in-vnc.html.patch | 9 ++-
.../0009-decrease-animation-time.patch| 21 +++---
debian/patches/0010-use-only-app.js.patch | 7 +-
.../0011-add-localCursor-setting-to-rfb.patch | 35 -
.../0012-pass-custom-command-to-vnc.patch | 3 +
...ove-the-default-value-of-wsProtocols.patch | 13 ++--
...passing-deprecated-upgrade-parameter.patch | 3 +
...-create-own-class-for-hidden-buttons.patch | 7 +-
...-button-on-isFullscreen-get-variable.patch | 3 +
debian/patches/0017-make-error-hideable.patch | 60
...ow-start-button-on-not-running-vm-ct.patch | 13 ++--
.../0001-Ignore-ResizeObserver-errors.patch | 31
debian/patches/series | 1 -
20 files changed, 218 insertions(+), 201 deletions(-)
delete mode 100644 debian/patches/extra/0001-Ignore-ResizeObserver-errors.patch
diff --git a/debian/patches/0001-add-PVE-specific-JS-code.patch
b/debian/patches/0001-add-PVE-specific-JS-code.patch
index f1cd8da..4e1a5c6 100644
--- a/debian/patches/0001-add-PVE-specific-JS-code.patch
+++ b/debian/patches/0001-add-PVE-specific-JS-code.patch
@@ -452,10 +452,10 @@ index 000..e3c7758
+},
+};
diff --git a/app/ui.js b/app/ui.js
-index cb6a9fd..6b4442f 100644
+index c1f6776..5ebb134 100644
--- a/app/ui.js
+++ b/app/ui.js
-@@ -16,6 +16,7 @@ import keysyms from "../core/input/keysymdef.js";
+@@ -17,6 +17,7 @@ import keysyms from "../core/input/keysymdef.js";
import Keyboard from "../core/input/keyboard.js";
import RFB from "../core/rfb.js";
import * as WebUtil from "./webutil.js";
@@ -463,7 +463,7 @@ index cb6a9fd..6b4442f 100644
const PAGE_TITLE = "noVNC";
-@@ -56,6 +57,8 @@ const UI = {
+@@ -57,6 +58,8 @@ const UI = {
// Render default UI and initialize settings menu
start() {
@@ -472,7 +472,7 @@ index cb6a9fd..6b4442f 100644
UI.initSettings();
// Translate the DOM
-@@ -100,6 +103,9 @@ const UI = {
+@@ -108,6 +111,9 @@ const UI = {
UI.addConnectionControlHandlers();
UI.addClipboardHandlers();
UI.addSettingsHandlers();
@@ -482,7 +482,7 @@ index cb6a9fd..6b4442f 100644
document.getElementById("noVNC_status")
.addEventListener('click', UI.hideStatus);
-@@ -108,19 +114,15 @@ const UI = {
+@@ -116,19 +122,15 @@ const UI = {
UI.openControlbar();
@@ -506,7 +506,7 @@ index cb6a9fd..6b4442f 100644
return Promise.resolve(UI.rfb);
},
-@@ -164,11 +166,12 @@ const UI = {
+@@ -172,11 +174,12 @@ const UI = {
/* Populate the controls if defaults are provided in the URL */
UI.initSetting('host', window.location.hostname);
UI.initSetting('port', port);
@@ -520,7 +520,7 @@ index cb6a9fd..6b4442f 100644
UI.initSetting('shared', true);
UI.initSetting('view_only', false);
UI.initSetting('show_dot', false);
-@@ -347,6 +350,7 @@ const UI = {
+@@ -357,6 +360,7 @@ const UI = {
UI.addSettingChangeHandler('resize');
UI.addSettingChangeHandler('resize', UI.applyResizeMode);
UI.addSettingChangeHandler('resize', UI.updateViewClip);
@@ -528,7 +528,7 @@ index cb6a9fd..6b4442f 100644
UI.addSettingChangeHandler('quality');
UI.addSettingChangeHandler('quality', UI.updateQuality);
UI.addSettingChangeHandler('compression');
-@@ -401,6 +405,9 @@ const UI = {
+@@ -411,6 +415,9 @@ const UI = {
document.documentElement.classList.add("noVNC_connecting");
break;
case 'connected':
@@ -538,7 +538,7 @@ index cb6a9fd..6b4442f 100644
document.documentElement.classList.add("noVNC_connected");
break;
case 'disconnecting':
-@@ -408,6 +415,11 @@ const UI = {
+@@ -418,6 +425,11 @@ const UI = {
document.documentElement.classList.add("noVNC_disconnecting");
break;
case 'disconnected':
@@ -550,7 +550,7 @@ index cb6a9fd..6b4442f 100644
break;
case 'reconnecting':
transitionElem.textContent = _("Reconnecting...");
-@@ -821,6 +833,7 @@ const UI = {
+@@ -843,6 +8
[pve-devel] [PATCH novnc 0/3] upgrade to v1.4.0
For this patch-series please update the mirror and the submodule. Markus Frank (3): replaced check for VERSION file with check for package.json upgrade novnc and patches to 1.4.0 bump version to 1.4.0-1 Makefile | 2 +- debian/changelog | 8 +++ .../0001-add-PVE-specific-JS-code.patch | 39 +- ...002-add-custom-fbresize-event-on-rfb.patch | 15 ++-- ...nge-scaling-when-toggling-fullscreen.patch | 9 ++- debian/patches/0004-add-pve-style.patch | 15 ++-- debian/patches/0005-remove-vnc-logos.patch| 56 +++ ...rectory-for-fetching-images-js-files.patch | 72 ++- .../patches/0007-add-pve-vnc-commands.patch | 7 +- ...add-replaceable-snippets-in-vnc.html.patch | 9 ++- .../0009-decrease-animation-time.patch| 21 +++--- debian/patches/0010-use-only-app.js.patch | 7 +- .../0011-add-localCursor-setting-to-rfb.patch | 35 - .../0012-pass-custom-command-to-vnc.patch | 3 + ...ove-the-default-value-of-wsProtocols.patch | 13 ++-- ...passing-deprecated-upgrade-parameter.patch | 3 + ...-create-own-class-for-hidden-buttons.patch | 7 +- ...-button-on-isFullscreen-get-variable.patch | 3 + debian/patches/0017-make-error-hideable.patch | 60 ...ow-start-button-on-not-running-vm-ct.patch | 13 ++-- .../0001-Ignore-ResizeObserver-errors.patch | 31 debian/patches/series | 1 - 22 files changed, 227 insertions(+), 202 deletions(-) delete mode 100644 debian/patches/extra/0001-Ignore-ResizeObserver-errors.patch -- 2.30.2 ___ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH manager v1] fix #4947 spice: correct filename extension safari
Fix file extension for SPICE config download on
AppleWebKit browsers to ensure proper application
association on MacOS.
Signed-off-by: Markus Frank
---
www/manager6/Utils.js | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/www/manager6/Utils.js b/www/manager6/Utils.js
index 6d4842df..06b63315 100644
--- a/www/manager6/Utils.js
+++ b/www/manager6/Utils.js
@@ -1401,10 +1401,11 @@ Ext.define('PVE.Utils', {
css: 'display:none;visibility:hidden;height:0px;',
});
- // Note: we need to tell Android and Chrome the correct file name
extension
+ // Note: we need to tell Android, AppleWebKit and Chrome
+ // the correct file name extension
// but we do not set 'download' tag for other environments, because
// It can have strange side effects (additional user prompt on
firefox)
- if (navigator.userAgent.match(/Android|Chrome/i)) {
+ if (navigator.userAgent.match(/Android|AppleWebKit|Chrome/i)) {
link.download = name;
}
--
2.39.2
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH qemu-sever v11 2/6] add clipboard variable to return at status/current
By that noVNC is able to check if clipboard is active.
Signed-off-by: Markus Frank
---
PVE/API2/Qemu.pm | 8
1 file changed, 8 insertions(+)
diff --git a/PVE/API2/Qemu.pm b/PVE/API2/Qemu.pm
index 8a2fdef..49d0420 100644
--- a/PVE/API2/Qemu.pm
+++ b/PVE/API2/Qemu.pm
@@ -2697,6 +2697,13 @@ __PACKAGE__->register_method({
type => 'boolean',
optional => 1,
},
+ clipboard => {
+ description => 'Enable a specific clipboard. If not set,
depending on'
+ .' the display type the SPICE one will be added.',
+ type => 'string',
+ enum => ['vnc'],
+ optional => 1,
+ },
},
},
code => sub {
@@ -2715,6 +2722,7 @@ __PACKAGE__->register_method({
my $spice = defined($vga->{type}) && $vga->{type} =~ /^virtio/;
$spice ||= PVE::QemuServer::vga_conf_has_spice($conf->{vga});
$status->{spice} = 1 if $spice;
+ $status->{clipboard} = $vga->{clipboard};
}
$status->{agent} = 1 if PVE::QemuServer::get_qga_key($conf, 'enabled');
--
2.39.2
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH qemu-sever v11 1/6] enable VNC clipboard parameter in vga_fmt
added option to use the qemu vdagent implementation to enable the VNC
clipboard. When enabled with SPICE the spice-vdagent gets replaced with the QEMU
implementation.
This patch does not solve #1406, but does allow copy and paste with
a running X-session, when spice-vdagent is installed on the guest.
Signed-off-by: Markus Frank
---
PVE/API2/Qemu.pm | 7 +
PVE/QemuServer.pm | 66 ++-
2 files changed, 55 insertions(+), 18 deletions(-)
diff --git a/PVE/API2/Qemu.pm b/PVE/API2/Qemu.pm
index 9606e72..8a2fdef 100644
--- a/PVE/API2/Qemu.pm
+++ b/PVE/API2/Qemu.pm
@@ -1034,6 +1034,9 @@ __PACKAGE__->register_method({
$conf->{boot} = PVE::QemuServer::print_bootorder($devs);
}
+ my $vga = PVE::QemuServer::parse_vga($conf->{vga});
+ PVE::QemuServer::assert_clipboard_config($vga);
+
# auto generate uuid if user did not specify smbios1 option
if (!$conf->{smbios1}) {
$conf->{smbios1} =
PVE::QemuServer::generate_smbios1_uuid();
@@ -1856,6 +1859,10 @@ my $update_vm_api = sub {
die "only root can modify '$opt' config for real
devices\n";
}
$conf->{pending}->{$opt} = $param->{$opt};
+ } elsif ($opt eq 'vga') {
+ my $vga = PVE::QemuServer::parse_vga($param->{$opt});
+ PVE::QemuServer::assert_clipboard_config($vga);
+ $conf->{pending}->{$opt} = $param->{$opt};
} elsif ($opt =~ m/^usb\d+/) {
if (my $olddevice = $conf->{$opt}) {
check_usb_perm($rpcenv, $authuser, $vmid, undef, $opt,
$conf->{$opt});
diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm
index bf1de17..2b84ed8 100644
--- a/PVE/QemuServer.pm
+++ b/PVE/QemuServer.pm
@@ -195,6 +195,13 @@ my $vga_fmt = {
minimum => 4,
maximum => 512,
},
+clipboard => {
+ description => 'Enable a specific clipboard. If not set, depending on'
+ .' the display type the SPICE one will be added.',
+ type => 'string',
+ enum => ['vnc'],
+ optional => 1,
+},
};
my $ivshmem_fmt = {
@@ -1375,6 +1382,21 @@ sub pve_verify_hotplug_features {
die "unable to parse hotplug option\n";
}
+sub assert_clipboard_config {
+my ($vga) = @_;
+
+my $clipboard_regex = qr/^(std|cirrus|vmware|virtio|qxl)/;
+
+if (
+ $vga->{'clipboard'}
+ && $vga->{'clipboard'} eq 'vnc'
+ && $vga->{type}
+ && $vga->{type} !~ $clipboard_regex
+) {
+ die "vga type $vga->{type} is not compatible with VNC clipboard\n";
+}
+}
+
sub scsi_inquiry {
my($fh, $noerr) = @_;
@@ -3945,7 +3967,10 @@ sub config_to_command {
my $spice_port;
-if ($qxlnum || $vga->{type} =~ /^virtio/) {
+assert_clipboard_config($vga);
+my $is_spice = $qxlnum || $vga->{type} =~ /^virtio/;
+
+if ($is_spice || ($vga->{'clipboard'} && $vga->{'clipboard'} eq 'vnc')) {
if ($qxlnum > 1) {
if ($winversion){
for (my $i = 1; $i < $qxlnum; $i++){
@@ -3966,29 +3991,34 @@ sub config_to_command {
my $pciaddr = print_pci_addr("spice", $bridges, $arch, $machine_type);
- my $pfamily = PVE::Tools::get_host_address_family($nodename);
- my @nodeaddrs = PVE::Tools::getaddrinfo_all('localhost', family =>
$pfamily);
- die "failed to get an ip address of type $pfamily for 'localhost'\n" if
!@nodeaddrs;
-
push @$devices, '-device', "virtio-serial,id=spice$pciaddr";
- push @$devices, '-chardev', "spicevmc,id=vdagent,name=vdagent";
+ if ($vga->{'clipboard'} && $vga->{'clipboard'} eq 'vnc') {
+ push @$devices, '-chardev',
'qemu-vdagent,id=vdagent,name=vdagent,clipboard=on';
+ } else {
+ push @$devices, '-chardev', 'spicevmc,id=vdagent,name=vdagent';
+ }
push @$devices, '-device',
"virtserialport,chardev=vdagent,name=com.redhat.spice.0";
- my $localhost = PVE::Network::addr_to_ip($nodeaddrs[0]->{addr});
- $spice_port = PVE::Tools::next_spice_port($pfamily, $localhost);
+ if ($is_spice) {
+ my $pfamily = PVE::Tools::get_host_address_family($nodename);
+ my @nodeaddrs = PVE::Tools::getaddrinfo_all('localhost', family =>
$pfamily);
+ die "failed to get an ip address of type $pfamily for
'
[pve-devel] [PATCH novnc v11 4/6] add "show clipboard button" patch to series
Signed-off-by: Markus Frank
---
.../patches/0019-show-clipboard-button.patch | 30 +++
debian/patches/series | 1 +
2 files changed, 31 insertions(+)
create mode 100644 debian/patches/0019-show-clipboard-button.patch
diff --git a/debian/patches/0019-show-clipboard-button.patch
b/debian/patches/0019-show-clipboard-button.patch
new file mode 100644
index 000..7f7202f
--- /dev/null
+++ b/debian/patches/0019-show-clipboard-button.patch
@@ -0,0 +1,30 @@
+From Mon Sep 17 00:00:00 2001
+From: Markus Frank
+Date: Fri, 28 Oct 2022 13:57:57 +0200
+Subject: [PATCH] show clipboard button
+
+show button when vnc-clipboard at status/current is true
+
+Signed-off-by: Markus Frank
+---
+ app/pve.js | 4
+ 1 file changed, 4 insertions(+)
+
+diff --git a/app/pve.js b/app/pve.js
+index 287615f..a2e54b0 100644
+--- a/app/pve.js
b/app/pve.js
+@@ -411,6 +411,10 @@ PVEUI.prototype = {
+ document.getElementById('pve_start_dlg')
+ .classList.add("noVNC_open");
+ }
++ if (result.data['vnc-clipboard']) {
++ document.getElementById('noVNC_clipboard_button')
++ .classList.remove('pve_hidden');
++ }
+ },
+ failure: function(msg, code) {
+ if (code === 403) {
+--
+2.30.2
+
diff --git a/debian/patches/series b/debian/patches/series
index 085e2b4..212add7 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -16,3 +16,4 @@
0016-hide-fullscreen-button-on-isFullscreen-get-variable.patch
0017-make-error-hideable.patch
0018-show-start-button-on-not-running-vm-ct.patch
+0019-show-clipboard-button.patch
--
2.39.2
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH qemu-sever v11 3/6] test cases for clipboard spice & std
add one test case for a spice display and one for std Signed-off-by: Markus Frank --- test/cfg2cmd/VNC-clipboard-spice.conf | 1 + test/cfg2cmd/VNC-clipboard-spice.conf.cmd | 27 +++ test/cfg2cmd/VNC-clipboard-std.conf | 1 + test/cfg2cmd/VNC-clipboard-std.conf.cmd | 27 +++ 4 files changed, 56 insertions(+) create mode 100644 test/cfg2cmd/VNC-clipboard-spice.conf create mode 100644 test/cfg2cmd/VNC-clipboard-spice.conf.cmd create mode 100644 test/cfg2cmd/VNC-clipboard-std.conf create mode 100644 test/cfg2cmd/VNC-clipboard-std.conf.cmd diff --git a/test/cfg2cmd/VNC-clipboard-spice.conf b/test/cfg2cmd/VNC-clipboard-spice.conf new file mode 100644 index 000..54cfa38 --- /dev/null +++ b/test/cfg2cmd/VNC-clipboard-spice.conf @@ -0,0 +1 @@ +vga: qxl,clipboard=vnc diff --git a/test/cfg2cmd/VNC-clipboard-spice.conf.cmd b/test/cfg2cmd/VNC-clipboard-spice.conf.cmd new file mode 100644 index 000..f24cc7f --- /dev/null +++ b/test/cfg2cmd/VNC-clipboard-spice.conf.cmd @@ -0,0 +1,27 @@ +/usr/bin/kvm \ + -id 8006 \ + -name 'vm8006,debug-threads=on' \ + -no-shutdown \ + -chardev 'socket,id=qmp,path=/var/run/qemu-server/8006.qmp,server=on,wait=off' \ + -mon 'chardev=qmp,mode=control' \ + -chardev 'socket,id=qmp-event,path=/var/run/qmeventd.sock,reconnect=5' \ + -mon 'chardev=qmp-event,mode=control' \ + -pidfile /var/run/qemu-server/8006.pid \ + -daemonize \ + -smp '1,sockets=1,cores=1,maxcpus=1' \ + -nodefaults \ + -boot 'menu=on,strict=on,reboot-timeout=1000,splash=/usr/share/qemu-server/bootsplash.jpg' \ + -vnc 'unix:/var/run/qemu-server/8006.vnc,password=on' \ + -cpu kvm64,enforce,+kvm_pv_eoi,+kvm_pv_unhalt,+lahf_lm,+sep \ + -m 512 \ + -device 'pci-bridge,id=pci.1,chassis_nr=1,bus=pci.0,addr=0x1e' \ + -device 'pci-bridge,id=pci.2,chassis_nr=2,bus=pci.0,addr=0x1f' \ + -device 'piix3-usb-uhci,id=uhci,bus=pci.0,addr=0x1.0x2' \ + -device 'qxl-vga,id=vga,max_outputs=4,bus=pci.0,addr=0x2' \ + -device 'virtio-serial,id=spice,bus=pci.0,addr=0x9' \ + -chardev 'qemu-vdagent,id=vdagent,name=vdagent,clipboard=on' \ + -device 'virtserialport,chardev=vdagent,name=com.redhat.spice.0' \ + -spice 'tls-port=61000,addr=127.0.0.1,tls-ciphers=HIGH,seamless-migration=on' \ + -device 'virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x3,free-page-reporting=on' \ + -iscsi 'initiator-name=iqn.1993-08.org.debian:01:aabbccddeeff' \ + -machine 'type=pc+pve0' diff --git a/test/cfg2cmd/VNC-clipboard-std.conf b/test/cfg2cmd/VNC-clipboard-std.conf new file mode 100644 index 000..a980f42 --- /dev/null +++ b/test/cfg2cmd/VNC-clipboard-std.conf @@ -0,0 +1 @@ +vga: std,clipboard=vnc diff --git a/test/cfg2cmd/VNC-clipboard-std.conf.cmd b/test/cfg2cmd/VNC-clipboard-std.conf.cmd new file mode 100644 index 000..c0c6cd2 --- /dev/null +++ b/test/cfg2cmd/VNC-clipboard-std.conf.cmd @@ -0,0 +1,27 @@ +/usr/bin/kvm \ + -id 8006 \ + -name 'vm8006,debug-threads=on' \ + -no-shutdown \ + -chardev 'socket,id=qmp,path=/var/run/qemu-server/8006.qmp,server=on,wait=off' \ + -mon 'chardev=qmp,mode=control' \ + -chardev 'socket,id=qmp-event,path=/var/run/qmeventd.sock,reconnect=5' \ + -mon 'chardev=qmp-event,mode=control' \ + -pidfile /var/run/qemu-server/8006.pid \ + -daemonize \ + -smp '1,sockets=1,cores=1,maxcpus=1' \ + -nodefaults \ + -boot 'menu=on,strict=on,reboot-timeout=1000,splash=/usr/share/qemu-server/bootsplash.jpg' \ + -vnc 'unix:/var/run/qemu-server/8006.vnc,password=on' \ + -cpu kvm64,enforce,+kvm_pv_eoi,+kvm_pv_unhalt,+lahf_lm,+sep \ + -m 512 \ + -device 'pci-bridge,id=pci.1,chassis_nr=1,bus=pci.0,addr=0x1e' \ + -device 'pci-bridge,id=pci.2,chassis_nr=2,bus=pci.0,addr=0x1f' \ + -device 'piix3-usb-uhci,id=uhci,bus=pci.0,addr=0x1.0x2' \ + -device 'usb-tablet,id=tablet,bus=uhci.0,port=1' \ + -device 'VGA,id=vga,bus=pci.0,addr=0x2' \ + -device 'virtio-serial,id=spice,bus=pci.0,addr=0x9' \ + -chardev 'qemu-vdagent,id=vdagent,name=vdagent,clipboard=on' \ + -device 'virtserialport,chardev=vdagent,name=com.redhat.spice.0' \ + -device 'virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x3,free-page-reporting=on' \ + -iscsi 'initiator-name=iqn.1993-08.org.debian:01:aabbccddeeff' \ + -machine 'type=pc+pve0' -- 2.39.2 ___ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH qemu-sever/novnc/manager/docs v11 0/6] Feature VNC-Clipboard
overall changes v11: * renamed vnc-clipboard to clipboard and changed it to a string overall changes v9: * renamed vnc_clipboard to vnc-clipboard qemu-sever: changes v10: * separated "vnc-clipboard return at status/current" to its own patch * added missing trailing comma * changed capitalization changes v8: * removed unnecessary conditions * removed spicedevices variable and changed back to devices * created is_spice variable changes v6: * added check if vga->type is set to prevent error when using default display * renamed clipboard to vnc_clipboard changes v5: * removed return of regex check in the assertion-function for the clipboard config * moved clipboard code into spice-if-block changes v4: * removed duplicate code and created a spicedevices variable to store spice/vdagent devices. * clipboard_check_compatibility function changes v3: * added hint to make clearer that the spice guest tools are required for the noVNC-clipboard * Checkbox changes to ComboBox when a spice device is selected to make clear that only one clipboard can be used at a time. * added 2 test-cases changes v2: * added pci address to virtio-serial-pci Markus Frank (3): enable VNC clipboard parameter in vga_fmt add vnc-clipboard variable to return at status/current test cases for clipboard spice & std PVE/API2/Qemu.pm | 15 ++ PVE/QemuServer.pm | 66 --- test/cfg2cmd/VNC-clipboard-spice.conf | 1 + test/cfg2cmd/VNC-clipboard-spice.conf.cmd | 27 ++ test/cfg2cmd/VNC-clipboard-std.conf | 1 + test/cfg2cmd/VNC-clipboard-std.conf.cmd | 27 ++ 6 files changed, 119 insertions(+), 18 deletions(-) create mode 100644 test/cfg2cmd/VNC-clipboard-spice.conf create mode 100644 test/cfg2cmd/VNC-clipboard-spice.conf.cmd create mode 100644 test/cfg2cmd/VNC-clipboard-std.conf create mode 100644 test/cfg2cmd/VNC-clipboard-std.conf.cmd novnc: Markus Frank (1): add "show clipboard button" patch to series .../patches/0019-show-clipboard-button.patch | 30 +++ debian/patches/series | 1 + 2 files changed, 31 insertions(+) create mode 100644 debian/patches/0019-show-clipboard-button.patch manager: changes v11: * added hint that SPICE & VNC Clipboard won't work at the same time. changes v7: * fixed the empty Display Bug in VGA options found by Friedrich (it should be "Default" instead of empty) changes v6: * Changed onGetValues in DisplayEdit to only set the saved vnc_clipboard variable, so it's possible to reset type and memory to default values changes v4: * moved clipboard option from Display settings in Hardware to Options Markus Frank (1): add clipboard checkbox to VM Options www/manager6/qemu/DisplayEdit.js | 8 + www/manager6/qemu/Options.js | 52 2 files changed, 60 insertions(+) docs: changes v4: * rewrote entire Text * added command example to set clipboard to 1 Markus Frank (1): add VNC clipboard documentation qm.adoc | 18 ++ 1 file changed, 18 insertions(+) -- 2.39.2 ___ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH manager v11 5/6] add clipboard checkbox to VM Options
Signed-off-by: Markus Frank
---
www/manager6/qemu/DisplayEdit.js | 8 +
www/manager6/qemu/Options.js | 52
2 files changed, 60 insertions(+)
diff --git a/www/manager6/qemu/DisplayEdit.js b/www/manager6/qemu/DisplayEdit.js
index 9bb1763e..d7cd51a9 100644
--- a/www/manager6/qemu/DisplayEdit.js
+++ b/www/manager6/qemu/DisplayEdit.js
@@ -4,6 +4,9 @@ Ext.define('PVE.qemu.DisplayInputPanel', {
onlineHelp: 'qm_display',
onGetValues: function(values) {
+ if (typeof this.originalConfig.clipboard !== 'undefined') {
+ values.clipboard = this.originalConfig.clipboard;
+ }
let ret = PVE.Parser.printPropertyString(values, 'type');
if (ret === '') {
return { 'delete': 'vga' };
@@ -11,6 +14,11 @@ Ext.define('PVE.qemu.DisplayInputPanel', {
return { vga: ret };
},
+onSetValues: function(values) {
+ this.originalConfig = values;
+ return values;
+},
+
items: [{
name: 'type',
xtype: 'proxmoxKVComboBox',
diff --git a/www/manager6/qemu/Options.js b/www/manager6/qemu/Options.js
index 7b112400..7b8283c6 100644
--- a/www/manager6/qemu/Options.js
+++ b/www/manager6/qemu/Options.js
@@ -154,6 +154,58 @@ Ext.define('PVE.qemu.Options', {
},
} : undefined,
},
+ vga: {
+ header: gettext('Clipboard'),
+ defaultValue: false,
+ renderer: function(value) {
+ let vga = PVE.Parser.parsePropertyString(value, 'type');
+ return vga.clipboard ? vga.clipboard.toUpperCase() : "auto
(SPICE)";
+ },
+ editor: caps.vms['VM.Config.HWType'] ? {
+ xtype: 'proxmoxWindowEdit',
+ subject: gettext('Clipboard'),
+ onlineHelp: 'qm_display',
+ items: {
+ xtype: 'pveDisplayInputPanel',
+ items: [
+ {
+ xtype: 'proxmoxKVComboBox',
+ name: 'clipboard',
+ itemId: 'clipboardBox',
+ fieldLabel: gettext('Clipboard'),
+ deleteDefaultValue: true,
+ value: '__default__',
+ comboItems: [
+ ['__default__', 'auto (SPICE)'],
+ ['vnc', 'VNC'],
+ ],
+ },
+ {
+ itemId: 'vdagentHint',
+ name: 'vdagentHint',
+ xtype: 'displayfield',
+ userCls: 'pmx-hint',
+ value: 'The SPICE Clipboard stops working when'
+
+ ' you are using the VNC Clipboard, as both'
+
+ ' rely on the same SPICE vdagent.',
+ },
+ ],
+ onGetValues: function(values) {
+ values = Ext.apply(this.originalConfig, values);
+ if (values.delete === "clipboard") {
+ delete values.clipboard;
+ delete values.delete;
+ }
+ let ret = PVE.Parser.printPropertyString(values,
'type');
+ return { vga: ret };
+ },
+ onSetValues: function(values) {
+ this.originalConfig =
PVE.Parser.parsePropertyString(values.vga, 'type');
+ return this.originalConfig;
+ },
+ },
+ } : undefined,
+ },
hotplug: {
header: gettext('Hotplug'),
defaultValue: 'disk,network,usb',
--
2.39.2
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH docs v11 6/6] add VNC clipboard documentation
Signed-off-by: Markus Frank --- qm.adoc | 18 ++ 1 file changed, 18 insertions(+) diff --git a/qm.adoc b/qm.adoc index b3c3034..43c1da4 100644 --- a/qm.adoc +++ b/qm.adoc @@ -776,6 +776,24 @@ Selecting `serialX` as display 'type' disables the VGA output, and redirects the Web Console to the selected serial port. A configured display 'memory' setting will be ignored in that case. +.VNC clipboard +You can enable the VNC clipboard by setting `clipboard` to `vnc`. + + +# qm set -vga ,clipboard=vnc + + +In order to use the clipboard feature, you must first install the +SPICE guest tools. On Debian-based distributions, this can be achieved +by installing `spice-vdagent`. For other Operating Systems search for it +in the offical repositories or see: https://www.spice-space.org/download.html + +Once you have installed the spice guest tools, you can use the VNC clipboard +function (e.g. in the noVNC console panel). However, if you're using +SPICE, virtio or virgl, you'll need to choose which clipboard to use. +This is because the default *SPICE* clipboard will be replaced by the +*VNC* clipboard, if `clipboard` is set to `vnc`. + [[qm_usb_passthrough]] USB Passthrough ~~~ -- 2.39.2 ___ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
Re: [pve-devel] [PATCH qemu-sever/novnc/manager/docs v11 0/6] Feature VNC-Clipboard
forgot to update novnc-pve -> ignore this v11 series At Fri Sep 08 2023 12:46:43 GMT+0200 (Central European Summer Time), Markus Frank wrote: overall changes v11: * renamed vnc-clipboard to clipboard and changed it to a string overall changes v9: * renamed vnc_clipboard to vnc-clipboard qemu-sever: changes v10: * separated "vnc-clipboard return at status/current" to its own patch * added missing trailing comma * changed capitalization changes v8: * removed unnecessary conditions * removed spicedevices variable and changed back to devices * created is_spice variable changes v6: * added check if vga->type is set to prevent error when using default display * renamed clipboard to vnc_clipboard changes v5: * removed return of regex check in the assertion-function for the clipboard config * moved clipboard code into spice-if-block changes v4: * removed duplicate code and created a spicedevices variable to store spice/vdagent devices. * clipboard_check_compatibility function changes v3: * added hint to make clearer that the spice guest tools are required for the noVNC-clipboard * Checkbox changes to ComboBox when a spice device is selected to make clear that only one clipboard can be used at a time. * added 2 test-cases changes v2: * added pci address to virtio-serial-pci Markus Frank (3): enable VNC clipboard parameter in vga_fmt add vnc-clipboard variable to return at status/current test cases for clipboard spice & std PVE/API2/Qemu.pm | 15 ++ PVE/QemuServer.pm | 66 --- test/cfg2cmd/VNC-clipboard-spice.conf | 1 + test/cfg2cmd/VNC-clipboard-spice.conf.cmd | 27 ++ test/cfg2cmd/VNC-clipboard-std.conf | 1 + test/cfg2cmd/VNC-clipboard-std.conf.cmd | 27 ++ 6 files changed, 119 insertions(+), 18 deletions(-) create mode 100644 test/cfg2cmd/VNC-clipboard-spice.conf create mode 100644 test/cfg2cmd/VNC-clipboard-spice.conf.cmd create mode 100644 test/cfg2cmd/VNC-clipboard-std.conf create mode 100644 test/cfg2cmd/VNC-clipboard-std.conf.cmd novnc: Markus Frank (1): add "show clipboard button" patch to series .../patches/0019-show-clipboard-button.patch | 30 +++ debian/patches/series | 1 + 2 files changed, 31 insertions(+) create mode 100644 debian/patches/0019-show-clipboard-button.patch manager: changes v11: * added hint that SPICE & VNC Clipboard won't work at the same time. changes v7: * fixed the empty Display Bug in VGA options found by Friedrich (it should be "Default" instead of empty) changes v6: * Changed onGetValues in DisplayEdit to only set the saved vnc_clipboard variable, so it's possible to reset type and memory to default values changes v4: * moved clipboard option from Display settings in Hardware to Options Markus Frank (1): add clipboard checkbox to VM Options www/manager6/qemu/DisplayEdit.js | 8 + www/manager6/qemu/Options.js | 52 2 files changed, 60 insertions(+) docs: changes v4: * rewrote entire Text * added command example to set clipboard to 1 Markus Frank (1): add VNC clipboard documentation qm.adoc | 18 ++ 1 file changed, 18 insertions(+) ___ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH novnc v12 4/6] add "show clipboard button" patch to series
Signed-off-by: Markus Frank
---
.../patches/0019-show-clipboard-button.patch | 30 +++
debian/patches/series | 1 +
2 files changed, 31 insertions(+)
create mode 100644 debian/patches/0019-show-clipboard-button.patch
diff --git a/debian/patches/0019-show-clipboard-button.patch
b/debian/patches/0019-show-clipboard-button.patch
new file mode 100644
index 000..b87229e
--- /dev/null
+++ b/debian/patches/0019-show-clipboard-button.patch
@@ -0,0 +1,30 @@
+From Mon Sep 17 00:00:00 2001
+From: Markus Frank
+Date: Fri, 28 Oct 2022 13:57:57 +0200
+Subject: [PATCH] show clipboard button
+
+show button when clipboard at status/current is true
+
+Signed-off-by: Markus Frank
+---
+ app/pve.js | 4
+ 1 file changed, 4 insertions(+)
+
+diff --git a/app/pve.js b/app/pve.js
+index 287615f..1b98f20 100644
+--- a/app/pve.js
b/app/pve.js
+@@ -411,6 +411,10 @@ PVEUI.prototype = {
+ document.getElementById('pve_start_dlg')
+ .classList.add("noVNC_open");
+ }
++ if (result.data.clipboard === "vnc") {
++ document.getElementById('noVNC_clipboard_button')
++ .classList.remove('pve_hidden');
++ }
+ },
+ failure: function(msg, code) {
+ if (code === 403) {
+--
+2.39.2
+
diff --git a/debian/patches/series b/debian/patches/series
index 085e2b4..212add7 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -16,3 +16,4 @@
0016-hide-fullscreen-button-on-isFullscreen-get-variable.patch
0017-make-error-hideable.patch
0018-show-start-button-on-not-running-vm-ct.patch
+0019-show-clipboard-button.patch
--
2.39.2
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH qemu-sever v12 2/6] add clipboard variable to return at status/current
By that noVNC is able to check if clipboard is active.
Signed-off-by: Markus Frank
---
PVE/API2/Qemu.pm | 8
1 file changed, 8 insertions(+)
diff --git a/PVE/API2/Qemu.pm b/PVE/API2/Qemu.pm
index 8a2fdef..49d0420 100644
--- a/PVE/API2/Qemu.pm
+++ b/PVE/API2/Qemu.pm
@@ -2697,6 +2697,13 @@ __PACKAGE__->register_method({
type => 'boolean',
optional => 1,
},
+ clipboard => {
+ description => 'Enable a specific clipboard. If not set,
depending on'
+ .' the display type the SPICE one will be added.',
+ type => 'string',
+ enum => ['vnc'],
+ optional => 1,
+ },
},
},
code => sub {
@@ -2715,6 +2722,7 @@ __PACKAGE__->register_method({
my $spice = defined($vga->{type}) && $vga->{type} =~ /^virtio/;
$spice ||= PVE::QemuServer::vga_conf_has_spice($conf->{vga});
$status->{spice} = 1 if $spice;
+ $status->{clipboard} = $vga->{clipboard};
}
$status->{agent} = 1 if PVE::QemuServer::get_qga_key($conf, 'enabled');
--
2.39.2
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH docs v12 6/6] add VNC clipboard documentation
Signed-off-by: Markus Frank --- qm.adoc | 18 ++ 1 file changed, 18 insertions(+) diff --git a/qm.adoc b/qm.adoc index b3c3034..43c1da4 100644 --- a/qm.adoc +++ b/qm.adoc @@ -776,6 +776,24 @@ Selecting `serialX` as display 'type' disables the VGA output, and redirects the Web Console to the selected serial port. A configured display 'memory' setting will be ignored in that case. +.VNC clipboard +You can enable the VNC clipboard by setting `clipboard` to `vnc`. + + +# qm set -vga ,clipboard=vnc + + +In order to use the clipboard feature, you must first install the +SPICE guest tools. On Debian-based distributions, this can be achieved +by installing `spice-vdagent`. For other Operating Systems search for it +in the offical repositories or see: https://www.spice-space.org/download.html + +Once you have installed the spice guest tools, you can use the VNC clipboard +function (e.g. in the noVNC console panel). However, if you're using +SPICE, virtio or virgl, you'll need to choose which clipboard to use. +This is because the default *SPICE* clipboard will be replaced by the +*VNC* clipboard, if `clipboard` is set to `vnc`. + [[qm_usb_passthrough]] USB Passthrough ~~~ -- 2.39.2 ___ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH qemu-sever/novnc/manager/docs v12 0/6] Feature VNC-Clipboard
overall changes v11: * renamed vnc-clipboard to clipboard and changed it to a string overall changes v9: * renamed vnc_clipboard to vnc-clipboard qemu-sever: changes v10: * separated "vnc-clipboard return at status/current" to its own patch * added missing trailing comma * changed capitalization changes v8: * removed unnecessary conditions * removed spicedevices variable and changed back to devices * created is_spice variable changes v6: * added check if vga->type is set to prevent error when using default display * renamed clipboard to vnc_clipboard changes v5: * removed return of regex check in the assertion-function for the clipboard config * moved clipboard code into spice-if-block changes v4: * removed duplicate code and created a spicedevices variable to store spice/vdagent devices. * clipboard_check_compatibility function changes v3: * added hint to make clearer that the spice guest tools are required for the noVNC-clipboard * Checkbox changes to ComboBox when a spice device is selected to make clear that only one clipboard can be used at a time. * added 2 test-cases changes v2: * added pci address to virtio-serial-pci Markus Frank (3): enable VNC clipboard parameter in vga_fmt add vnc-clipboard variable to return at status/current test cases for clipboard spice & std PVE/API2/Qemu.pm | 15 ++ PVE/QemuServer.pm | 66 --- test/cfg2cmd/VNC-clipboard-spice.conf | 1 + test/cfg2cmd/VNC-clipboard-spice.conf.cmd | 27 ++ test/cfg2cmd/VNC-clipboard-std.conf | 1 + test/cfg2cmd/VNC-clipboard-std.conf.cmd | 27 ++ 6 files changed, 119 insertions(+), 18 deletions(-) create mode 100644 test/cfg2cmd/VNC-clipboard-spice.conf create mode 100644 test/cfg2cmd/VNC-clipboard-spice.conf.cmd create mode 100644 test/cfg2cmd/VNC-clipboard-std.conf create mode 100644 test/cfg2cmd/VNC-clipboard-std.conf.cmd novnc: Markus Frank (1): add "show clipboard button" patch to series .../patches/0019-show-clipboard-button.patch | 30 +++ debian/patches/series | 1 + 2 files changed, 31 insertions(+) create mode 100644 debian/patches/0019-show-clipboard-button.patch manager: changes v11: * added hint that SPICE & VNC Clipboard won't work at the same time. changes v7: * fixed the empty Display Bug in VGA options found by Friedrich (it should be "Default" instead of empty) changes v6: * Changed onGetValues in DisplayEdit to only set the saved vnc_clipboard variable, so it's possible to reset type and memory to default values changes v4: * moved clipboard option from Display settings in Hardware to Options Markus Frank (1): add clipboard checkbox to VM Options www/manager6/qemu/DisplayEdit.js | 8 + www/manager6/qemu/Options.js | 52 2 files changed, 60 insertions(+) docs: changes v4: * rewrote entire Text * added command example to set clipboard to 1 Markus Frank (1): add VNC clipboard documentation qm.adoc | 18 ++ 1 file changed, 18 insertions(+) -- 2.39.2 ___ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH qemu-sever v12 3/6] test cases for clipboard spice & std
add one test case for a spice display and one for std Signed-off-by: Markus Frank --- test/cfg2cmd/VNC-clipboard-spice.conf | 1 + test/cfg2cmd/VNC-clipboard-spice.conf.cmd | 27 +++ test/cfg2cmd/VNC-clipboard-std.conf | 1 + test/cfg2cmd/VNC-clipboard-std.conf.cmd | 27 +++ 4 files changed, 56 insertions(+) create mode 100644 test/cfg2cmd/VNC-clipboard-spice.conf create mode 100644 test/cfg2cmd/VNC-clipboard-spice.conf.cmd create mode 100644 test/cfg2cmd/VNC-clipboard-std.conf create mode 100644 test/cfg2cmd/VNC-clipboard-std.conf.cmd diff --git a/test/cfg2cmd/VNC-clipboard-spice.conf b/test/cfg2cmd/VNC-clipboard-spice.conf new file mode 100644 index 000..54cfa38 --- /dev/null +++ b/test/cfg2cmd/VNC-clipboard-spice.conf @@ -0,0 +1 @@ +vga: qxl,clipboard=vnc diff --git a/test/cfg2cmd/VNC-clipboard-spice.conf.cmd b/test/cfg2cmd/VNC-clipboard-spice.conf.cmd new file mode 100644 index 000..f24cc7f --- /dev/null +++ b/test/cfg2cmd/VNC-clipboard-spice.conf.cmd @@ -0,0 +1,27 @@ +/usr/bin/kvm \ + -id 8006 \ + -name 'vm8006,debug-threads=on' \ + -no-shutdown \ + -chardev 'socket,id=qmp,path=/var/run/qemu-server/8006.qmp,server=on,wait=off' \ + -mon 'chardev=qmp,mode=control' \ + -chardev 'socket,id=qmp-event,path=/var/run/qmeventd.sock,reconnect=5' \ + -mon 'chardev=qmp-event,mode=control' \ + -pidfile /var/run/qemu-server/8006.pid \ + -daemonize \ + -smp '1,sockets=1,cores=1,maxcpus=1' \ + -nodefaults \ + -boot 'menu=on,strict=on,reboot-timeout=1000,splash=/usr/share/qemu-server/bootsplash.jpg' \ + -vnc 'unix:/var/run/qemu-server/8006.vnc,password=on' \ + -cpu kvm64,enforce,+kvm_pv_eoi,+kvm_pv_unhalt,+lahf_lm,+sep \ + -m 512 \ + -device 'pci-bridge,id=pci.1,chassis_nr=1,bus=pci.0,addr=0x1e' \ + -device 'pci-bridge,id=pci.2,chassis_nr=2,bus=pci.0,addr=0x1f' \ + -device 'piix3-usb-uhci,id=uhci,bus=pci.0,addr=0x1.0x2' \ + -device 'qxl-vga,id=vga,max_outputs=4,bus=pci.0,addr=0x2' \ + -device 'virtio-serial,id=spice,bus=pci.0,addr=0x9' \ + -chardev 'qemu-vdagent,id=vdagent,name=vdagent,clipboard=on' \ + -device 'virtserialport,chardev=vdagent,name=com.redhat.spice.0' \ + -spice 'tls-port=61000,addr=127.0.0.1,tls-ciphers=HIGH,seamless-migration=on' \ + -device 'virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x3,free-page-reporting=on' \ + -iscsi 'initiator-name=iqn.1993-08.org.debian:01:aabbccddeeff' \ + -machine 'type=pc+pve0' diff --git a/test/cfg2cmd/VNC-clipboard-std.conf b/test/cfg2cmd/VNC-clipboard-std.conf new file mode 100644 index 000..a980f42 --- /dev/null +++ b/test/cfg2cmd/VNC-clipboard-std.conf @@ -0,0 +1 @@ +vga: std,clipboard=vnc diff --git a/test/cfg2cmd/VNC-clipboard-std.conf.cmd b/test/cfg2cmd/VNC-clipboard-std.conf.cmd new file mode 100644 index 000..c0c6cd2 --- /dev/null +++ b/test/cfg2cmd/VNC-clipboard-std.conf.cmd @@ -0,0 +1,27 @@ +/usr/bin/kvm \ + -id 8006 \ + -name 'vm8006,debug-threads=on' \ + -no-shutdown \ + -chardev 'socket,id=qmp,path=/var/run/qemu-server/8006.qmp,server=on,wait=off' \ + -mon 'chardev=qmp,mode=control' \ + -chardev 'socket,id=qmp-event,path=/var/run/qmeventd.sock,reconnect=5' \ + -mon 'chardev=qmp-event,mode=control' \ + -pidfile /var/run/qemu-server/8006.pid \ + -daemonize \ + -smp '1,sockets=1,cores=1,maxcpus=1' \ + -nodefaults \ + -boot 'menu=on,strict=on,reboot-timeout=1000,splash=/usr/share/qemu-server/bootsplash.jpg' \ + -vnc 'unix:/var/run/qemu-server/8006.vnc,password=on' \ + -cpu kvm64,enforce,+kvm_pv_eoi,+kvm_pv_unhalt,+lahf_lm,+sep \ + -m 512 \ + -device 'pci-bridge,id=pci.1,chassis_nr=1,bus=pci.0,addr=0x1e' \ + -device 'pci-bridge,id=pci.2,chassis_nr=2,bus=pci.0,addr=0x1f' \ + -device 'piix3-usb-uhci,id=uhci,bus=pci.0,addr=0x1.0x2' \ + -device 'usb-tablet,id=tablet,bus=uhci.0,port=1' \ + -device 'VGA,id=vga,bus=pci.0,addr=0x2' \ + -device 'virtio-serial,id=spice,bus=pci.0,addr=0x9' \ + -chardev 'qemu-vdagent,id=vdagent,name=vdagent,clipboard=on' \ + -device 'virtserialport,chardev=vdagent,name=com.redhat.spice.0' \ + -device 'virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x3,free-page-reporting=on' \ + -iscsi 'initiator-name=iqn.1993-08.org.debian:01:aabbccddeeff' \ + -machine 'type=pc+pve0' -- 2.39.2 ___ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH manager v12 5/6] add clipboard checkbox to VM Options
Signed-off-by: Markus Frank
---
www/manager6/qemu/DisplayEdit.js | 8 +
www/manager6/qemu/Options.js | 52
2 files changed, 60 insertions(+)
diff --git a/www/manager6/qemu/DisplayEdit.js b/www/manager6/qemu/DisplayEdit.js
index 9bb1763e..d7cd51a9 100644
--- a/www/manager6/qemu/DisplayEdit.js
+++ b/www/manager6/qemu/DisplayEdit.js
@@ -4,6 +4,9 @@ Ext.define('PVE.qemu.DisplayInputPanel', {
onlineHelp: 'qm_display',
onGetValues: function(values) {
+ if (typeof this.originalConfig.clipboard !== 'undefined') {
+ values.clipboard = this.originalConfig.clipboard;
+ }
let ret = PVE.Parser.printPropertyString(values, 'type');
if (ret === '') {
return { 'delete': 'vga' };
@@ -11,6 +14,11 @@ Ext.define('PVE.qemu.DisplayInputPanel', {
return { vga: ret };
},
+onSetValues: function(values) {
+ this.originalConfig = values;
+ return values;
+},
+
items: [{
name: 'type',
xtype: 'proxmoxKVComboBox',
diff --git a/www/manager6/qemu/Options.js b/www/manager6/qemu/Options.js
index 7b112400..7b8283c6 100644
--- a/www/manager6/qemu/Options.js
+++ b/www/manager6/qemu/Options.js
@@ -154,6 +154,58 @@ Ext.define('PVE.qemu.Options', {
},
} : undefined,
},
+ vga: {
+ header: gettext('Clipboard'),
+ defaultValue: false,
+ renderer: function(value) {
+ let vga = PVE.Parser.parsePropertyString(value, 'type');
+ return vga.clipboard ? vga.clipboard.toUpperCase() : "auto
(SPICE)";
+ },
+ editor: caps.vms['VM.Config.HWType'] ? {
+ xtype: 'proxmoxWindowEdit',
+ subject: gettext('Clipboard'),
+ onlineHelp: 'qm_display',
+ items: {
+ xtype: 'pveDisplayInputPanel',
+ items: [
+ {
+ xtype: 'proxmoxKVComboBox',
+ name: 'clipboard',
+ itemId: 'clipboardBox',
+ fieldLabel: gettext('Clipboard'),
+ deleteDefaultValue: true,
+ value: '__default__',
+ comboItems: [
+ ['__default__', 'auto (SPICE)'],
+ ['vnc', 'VNC'],
+ ],
+ },
+ {
+ itemId: 'vdagentHint',
+ name: 'vdagentHint',
+ xtype: 'displayfield',
+ userCls: 'pmx-hint',
+ value: 'The SPICE Clipboard stops working when'
+
+ ' you are using the VNC Clipboard, as both'
+
+ ' rely on the same SPICE vdagent.',
+ },
+ ],
+ onGetValues: function(values) {
+ values = Ext.apply(this.originalConfig, values);
+ if (values.delete === "clipboard") {
+ delete values.clipboard;
+ delete values.delete;
+ }
+ let ret = PVE.Parser.printPropertyString(values,
'type');
+ return { vga: ret };
+ },
+ onSetValues: function(values) {
+ this.originalConfig =
PVE.Parser.parsePropertyString(values.vga, 'type');
+ return this.originalConfig;
+ },
+ },
+ } : undefined,
+ },
hotplug: {
header: gettext('Hotplug'),
defaultValue: 'disk,network,usb',
--
2.39.2
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH qemu-sever v12 1/6] enable VNC clipboard parameter in vga_fmt
added option to use the qemu vdagent implementation to enable the VNC
clipboard. When enabled with SPICE the spice-vdagent gets replaced with the QEMU
implementation.
This patch does not solve #1406, but does allow copy and paste with
a running X-session, when spice-vdagent is installed on the guest.
Signed-off-by: Markus Frank
---
PVE/API2/Qemu.pm | 7 +
PVE/QemuServer.pm | 66 ++-
2 files changed, 55 insertions(+), 18 deletions(-)
diff --git a/PVE/API2/Qemu.pm b/PVE/API2/Qemu.pm
index 9606e72..8a2fdef 100644
--- a/PVE/API2/Qemu.pm
+++ b/PVE/API2/Qemu.pm
@@ -1034,6 +1034,9 @@ __PACKAGE__->register_method({
$conf->{boot} = PVE::QemuServer::print_bootorder($devs);
}
+ my $vga = PVE::QemuServer::parse_vga($conf->{vga});
+ PVE::QemuServer::assert_clipboard_config($vga);
+
# auto generate uuid if user did not specify smbios1 option
if (!$conf->{smbios1}) {
$conf->{smbios1} =
PVE::QemuServer::generate_smbios1_uuid();
@@ -1856,6 +1859,10 @@ my $update_vm_api = sub {
die "only root can modify '$opt' config for real
devices\n";
}
$conf->{pending}->{$opt} = $param->{$opt};
+ } elsif ($opt eq 'vga') {
+ my $vga = PVE::QemuServer::parse_vga($param->{$opt});
+ PVE::QemuServer::assert_clipboard_config($vga);
+ $conf->{pending}->{$opt} = $param->{$opt};
} elsif ($opt =~ m/^usb\d+/) {
if (my $olddevice = $conf->{$opt}) {
check_usb_perm($rpcenv, $authuser, $vmid, undef, $opt,
$conf->{$opt});
diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm
index bf1de17..2b84ed8 100644
--- a/PVE/QemuServer.pm
+++ b/PVE/QemuServer.pm
@@ -195,6 +195,13 @@ my $vga_fmt = {
minimum => 4,
maximum => 512,
},
+clipboard => {
+ description => 'Enable a specific clipboard. If not set, depending on'
+ .' the display type the SPICE one will be added.',
+ type => 'string',
+ enum => ['vnc'],
+ optional => 1,
+},
};
my $ivshmem_fmt = {
@@ -1375,6 +1382,21 @@ sub pve_verify_hotplug_features {
die "unable to parse hotplug option\n";
}
+sub assert_clipboard_config {
+my ($vga) = @_;
+
+my $clipboard_regex = qr/^(std|cirrus|vmware|virtio|qxl)/;
+
+if (
+ $vga->{'clipboard'}
+ && $vga->{'clipboard'} eq 'vnc'
+ && $vga->{type}
+ && $vga->{type} !~ $clipboard_regex
+) {
+ die "vga type $vga->{type} is not compatible with VNC clipboard\n";
+}
+}
+
sub scsi_inquiry {
my($fh, $noerr) = @_;
@@ -3945,7 +3967,10 @@ sub config_to_command {
my $spice_port;
-if ($qxlnum || $vga->{type} =~ /^virtio/) {
+assert_clipboard_config($vga);
+my $is_spice = $qxlnum || $vga->{type} =~ /^virtio/;
+
+if ($is_spice || ($vga->{'clipboard'} && $vga->{'clipboard'} eq 'vnc')) {
if ($qxlnum > 1) {
if ($winversion){
for (my $i = 1; $i < $qxlnum; $i++){
@@ -3966,29 +3991,34 @@ sub config_to_command {
my $pciaddr = print_pci_addr("spice", $bridges, $arch, $machine_type);
- my $pfamily = PVE::Tools::get_host_address_family($nodename);
- my @nodeaddrs = PVE::Tools::getaddrinfo_all('localhost', family =>
$pfamily);
- die "failed to get an ip address of type $pfamily for 'localhost'\n" if
!@nodeaddrs;
-
push @$devices, '-device', "virtio-serial,id=spice$pciaddr";
- push @$devices, '-chardev', "spicevmc,id=vdagent,name=vdagent";
+ if ($vga->{'clipboard'} && $vga->{'clipboard'} eq 'vnc') {
+ push @$devices, '-chardev',
'qemu-vdagent,id=vdagent,name=vdagent,clipboard=on';
+ } else {
+ push @$devices, '-chardev', 'spicevmc,id=vdagent,name=vdagent';
+ }
push @$devices, '-device',
"virtserialport,chardev=vdagent,name=com.redhat.spice.0";
- my $localhost = PVE::Network::addr_to_ip($nodeaddrs[0]->{addr});
- $spice_port = PVE::Tools::next_spice_port($pfamily, $localhost);
+ if ($is_spice) {
+ my $pfamily = PVE::Tools::get_host_address_family($nodename);
+ my @nodeaddrs = PVE::Tools::getaddrinfo_all('localhost', family =>
$pfamily);
+ die "failed to get an ip address of type $pfamily for
'
[pve-devel] [PATCH qemu-sever/novnc/manager/docs v13 0/6] Feature VNC-Clipboard
overall changes v11: * renamed vnc-clipboard to clipboard and changed it to a string overall changes v9: * renamed vnc_clipboard to vnc-clipboard qemu-sever: changes v10: * separated "vnc-clipboard return at status/current" to its own patch * added missing trailing comma * changed capitalization changes v8: * removed unnecessary conditions * removed spicedevices variable and changed back to devices * created is_spice variable changes v6: * added check if vga->type is set to prevent error when using default display * renamed clipboard to vnc_clipboard changes v5: * removed return of regex check in the assertion-function for the clipboard config * moved clipboard code into spice-if-block changes v4: * removed duplicate code and created a spicedevices variable to store spice/vdagent devices. * clipboard_check_compatibility function changes v3: * added hint to make clearer that the spice guest tools are required for the noVNC-clipboard * Checkbox changes to ComboBox when a spice device is selected to make clear that only one clipboard can be used at a time. * added 2 test-cases changes v2: * added pci address to virtio-serial-pci Markus Frank (3): enable VNC clipboard parameter in vga_fmt add vnc-clipboard variable to return at status/current test cases for clipboard spice & std PVE/API2/Qemu.pm | 15 ++ PVE/QemuServer.pm | 66 --- test/cfg2cmd/VNC-clipboard-spice.conf | 1 + test/cfg2cmd/VNC-clipboard-spice.conf.cmd | 27 ++ test/cfg2cmd/VNC-clipboard-std.conf | 1 + test/cfg2cmd/VNC-clipboard-std.conf.cmd | 27 ++ 6 files changed, 119 insertions(+), 18 deletions(-) create mode 100644 test/cfg2cmd/VNC-clipboard-spice.conf create mode 100644 test/cfg2cmd/VNC-clipboard-spice.conf.cmd create mode 100644 test/cfg2cmd/VNC-clipboard-std.conf create mode 100644 test/cfg2cmd/VNC-clipboard-std.conf.cmd novnc: Markus Frank (1): add "show clipboard button" patch to series .../patches/0019-show-clipboard-button.patch | 30 +++ debian/patches/series | 1 + 2 files changed, 31 insertions(+) create mode 100644 debian/patches/0019-show-clipboard-button.patch manager: changes v13: * send "delete: vga" if print_property_string returns empty string. * shows a hint for the default & vnc clipboard changes v11: * added hint that SPICE & VNC Clipboard won't work at the same time. changes v7: * fixed the empty Display Bug in VGA options found by Friedrich (it should be "Default" instead of empty) changes v6: * Changed onGetValues in DisplayEdit to only set the saved vnc_clipboard variable, so it's possible to reset type and memory to default values changes v4: * moved clipboard option from Display settings in Hardware to Options Markus Frank (1): add clipboard checkbox to VM Options www/manager6/qemu/DisplayEdit.js | 8 +++ www/manager6/qemu/Options.js | 89 2 files changed, 97 insertions(+) docs: changes v4: * rewrote entire Text * added command example to set clipboard to 1 Markus Frank (1): add VNC clipboard documentation qm.adoc | 18 ++ 1 file changed, 18 insertions(+) -- 2.39.2 ___ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH novnc v13 4/6] add "show clipboard button" patch to series
Signed-off-by: Markus Frank
---
.../patches/0019-show-clipboard-button.patch | 30 +++
debian/patches/series | 1 +
2 files changed, 31 insertions(+)
create mode 100644 debian/patches/0019-show-clipboard-button.patch
diff --git a/debian/patches/0019-show-clipboard-button.patch
b/debian/patches/0019-show-clipboard-button.patch
new file mode 100644
index 000..b87229e
--- /dev/null
+++ b/debian/patches/0019-show-clipboard-button.patch
@@ -0,0 +1,30 @@
+From Mon Sep 17 00:00:00 2001
+From: Markus Frank
+Date: Fri, 28 Oct 2022 13:57:57 +0200
+Subject: [PATCH] show clipboard button
+
+show button when clipboard at status/current is true
+
+Signed-off-by: Markus Frank
+---
+ app/pve.js | 4
+ 1 file changed, 4 insertions(+)
+
+diff --git a/app/pve.js b/app/pve.js
+index 287615f..1b98f20 100644
+--- a/app/pve.js
b/app/pve.js
+@@ -411,6 +411,10 @@ PVEUI.prototype = {
+ document.getElementById('pve_start_dlg')
+ .classList.add("noVNC_open");
+ }
++ if (result.data.clipboard === "vnc") {
++ document.getElementById('noVNC_clipboard_button')
++ .classList.remove('pve_hidden');
++ }
+ },
+ failure: function(msg, code) {
+ if (code === 403) {
+--
+2.39.2
+
diff --git a/debian/patches/series b/debian/patches/series
index 085e2b4..212add7 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -16,3 +16,4 @@
0016-hide-fullscreen-button-on-isFullscreen-get-variable.patch
0017-make-error-hideable.patch
0018-show-start-button-on-not-running-vm-ct.patch
+0019-show-clipboard-button.patch
--
2.39.2
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH qemu-sever v13 3/6] test cases for clipboard spice & std
add one test case for a spice display and one for std Signed-off-by: Markus Frank --- test/cfg2cmd/VNC-clipboard-spice.conf | 1 + test/cfg2cmd/VNC-clipboard-spice.conf.cmd | 27 +++ test/cfg2cmd/VNC-clipboard-std.conf | 1 + test/cfg2cmd/VNC-clipboard-std.conf.cmd | 27 +++ 4 files changed, 56 insertions(+) create mode 100644 test/cfg2cmd/VNC-clipboard-spice.conf create mode 100644 test/cfg2cmd/VNC-clipboard-spice.conf.cmd create mode 100644 test/cfg2cmd/VNC-clipboard-std.conf create mode 100644 test/cfg2cmd/VNC-clipboard-std.conf.cmd diff --git a/test/cfg2cmd/VNC-clipboard-spice.conf b/test/cfg2cmd/VNC-clipboard-spice.conf new file mode 100644 index 000..54cfa38 --- /dev/null +++ b/test/cfg2cmd/VNC-clipboard-spice.conf @@ -0,0 +1 @@ +vga: qxl,clipboard=vnc diff --git a/test/cfg2cmd/VNC-clipboard-spice.conf.cmd b/test/cfg2cmd/VNC-clipboard-spice.conf.cmd new file mode 100644 index 000..f24cc7f --- /dev/null +++ b/test/cfg2cmd/VNC-clipboard-spice.conf.cmd @@ -0,0 +1,27 @@ +/usr/bin/kvm \ + -id 8006 \ + -name 'vm8006,debug-threads=on' \ + -no-shutdown \ + -chardev 'socket,id=qmp,path=/var/run/qemu-server/8006.qmp,server=on,wait=off' \ + -mon 'chardev=qmp,mode=control' \ + -chardev 'socket,id=qmp-event,path=/var/run/qmeventd.sock,reconnect=5' \ + -mon 'chardev=qmp-event,mode=control' \ + -pidfile /var/run/qemu-server/8006.pid \ + -daemonize \ + -smp '1,sockets=1,cores=1,maxcpus=1' \ + -nodefaults \ + -boot 'menu=on,strict=on,reboot-timeout=1000,splash=/usr/share/qemu-server/bootsplash.jpg' \ + -vnc 'unix:/var/run/qemu-server/8006.vnc,password=on' \ + -cpu kvm64,enforce,+kvm_pv_eoi,+kvm_pv_unhalt,+lahf_lm,+sep \ + -m 512 \ + -device 'pci-bridge,id=pci.1,chassis_nr=1,bus=pci.0,addr=0x1e' \ + -device 'pci-bridge,id=pci.2,chassis_nr=2,bus=pci.0,addr=0x1f' \ + -device 'piix3-usb-uhci,id=uhci,bus=pci.0,addr=0x1.0x2' \ + -device 'qxl-vga,id=vga,max_outputs=4,bus=pci.0,addr=0x2' \ + -device 'virtio-serial,id=spice,bus=pci.0,addr=0x9' \ + -chardev 'qemu-vdagent,id=vdagent,name=vdagent,clipboard=on' \ + -device 'virtserialport,chardev=vdagent,name=com.redhat.spice.0' \ + -spice 'tls-port=61000,addr=127.0.0.1,tls-ciphers=HIGH,seamless-migration=on' \ + -device 'virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x3,free-page-reporting=on' \ + -iscsi 'initiator-name=iqn.1993-08.org.debian:01:aabbccddeeff' \ + -machine 'type=pc+pve0' diff --git a/test/cfg2cmd/VNC-clipboard-std.conf b/test/cfg2cmd/VNC-clipboard-std.conf new file mode 100644 index 000..a980f42 --- /dev/null +++ b/test/cfg2cmd/VNC-clipboard-std.conf @@ -0,0 +1 @@ +vga: std,clipboard=vnc diff --git a/test/cfg2cmd/VNC-clipboard-std.conf.cmd b/test/cfg2cmd/VNC-clipboard-std.conf.cmd new file mode 100644 index 000..c0c6cd2 --- /dev/null +++ b/test/cfg2cmd/VNC-clipboard-std.conf.cmd @@ -0,0 +1,27 @@ +/usr/bin/kvm \ + -id 8006 \ + -name 'vm8006,debug-threads=on' \ + -no-shutdown \ + -chardev 'socket,id=qmp,path=/var/run/qemu-server/8006.qmp,server=on,wait=off' \ + -mon 'chardev=qmp,mode=control' \ + -chardev 'socket,id=qmp-event,path=/var/run/qmeventd.sock,reconnect=5' \ + -mon 'chardev=qmp-event,mode=control' \ + -pidfile /var/run/qemu-server/8006.pid \ + -daemonize \ + -smp '1,sockets=1,cores=1,maxcpus=1' \ + -nodefaults \ + -boot 'menu=on,strict=on,reboot-timeout=1000,splash=/usr/share/qemu-server/bootsplash.jpg' \ + -vnc 'unix:/var/run/qemu-server/8006.vnc,password=on' \ + -cpu kvm64,enforce,+kvm_pv_eoi,+kvm_pv_unhalt,+lahf_lm,+sep \ + -m 512 \ + -device 'pci-bridge,id=pci.1,chassis_nr=1,bus=pci.0,addr=0x1e' \ + -device 'pci-bridge,id=pci.2,chassis_nr=2,bus=pci.0,addr=0x1f' \ + -device 'piix3-usb-uhci,id=uhci,bus=pci.0,addr=0x1.0x2' \ + -device 'usb-tablet,id=tablet,bus=uhci.0,port=1' \ + -device 'VGA,id=vga,bus=pci.0,addr=0x2' \ + -device 'virtio-serial,id=spice,bus=pci.0,addr=0x9' \ + -chardev 'qemu-vdagent,id=vdagent,name=vdagent,clipboard=on' \ + -device 'virtserialport,chardev=vdagent,name=com.redhat.spice.0' \ + -device 'virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x3,free-page-reporting=on' \ + -iscsi 'initiator-name=iqn.1993-08.org.debian:01:aabbccddeeff' \ + -machine 'type=pc+pve0' -- 2.39.2 ___ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
[pve-devel] [PATCH manager v13 5/6] add clipboard checkbox to VM Options
Signed-off-by: Markus Frank
---
www/manager6/qemu/DisplayEdit.js | 8 +++
www/manager6/qemu/Options.js | 89
2 files changed, 97 insertions(+)
diff --git a/www/manager6/qemu/DisplayEdit.js b/www/manager6/qemu/DisplayEdit.js
index 9bb1763e..d7cd51a9 100644
--- a/www/manager6/qemu/DisplayEdit.js
+++ b/www/manager6/qemu/DisplayEdit.js
@@ -4,6 +4,9 @@ Ext.define('PVE.qemu.DisplayInputPanel', {
onlineHelp: 'qm_display',
onGetValues: function(values) {
+ if (typeof this.originalConfig.clipboard !== 'undefined') {
+ values.clipboard = this.originalConfig.clipboard;
+ }
let ret = PVE.Parser.printPropertyString(values, 'type');
if (ret === '') {
return { 'delete': 'vga' };
@@ -11,6 +14,11 @@ Ext.define('PVE.qemu.DisplayInputPanel', {
return { vga: ret };
},
+onSetValues: function(values) {
+ this.originalConfig = values;
+ return values;
+},
+
items: [{
name: 'type',
xtype: 'proxmoxKVComboBox',
diff --git a/www/manager6/qemu/Options.js b/www/manager6/qemu/Options.js
index 7b112400..73d0c923 100644
--- a/www/manager6/qemu/Options.js
+++ b/www/manager6/qemu/Options.js
@@ -154,6 +154,95 @@ Ext.define('PVE.qemu.Options', {
},
} : undefined,
},
+ vga: {
+ header: gettext('Clipboard'),
+ defaultValue: false,
+ renderer: function(value) {
+ let vga = PVE.Parser.parsePropertyString(value, 'type');
+ if (vga.clipboard) {
+ return vga.clipboard.toUpperCase();
+ } else {
+ return Proxmox.Utils.defaultText + ' (SPICE)';
+ }
+ },
+ editor: caps.vms['VM.Config.HWType'] ? {
+ xtype: 'proxmoxWindowEdit',
+ subject: gettext('Clipboard'),
+ onlineHelp: 'qm_display',
+ items: {
+ xtype: 'pveDisplayInputPanel',
+ referenceHolder: true,
+ items: [
+ {
+ xtype: 'proxmoxKVComboBox',
+ name: 'clipboard',
+ reference: 'clipboard',
+ itemId: 'clipboardBox',
+ fieldLabel: gettext('Clipboard'),
+ deleteDefaultValue: true,
+ listeners: {
+ change: function(field, value) {
+ let inputpanel = field.up("inputpanel");
+ let vncHint =
inputpanel.lookup('vncHint');
+ let defaultHint =
inputpanel.lookup('defaultHint');
+ if (value === "__default__") {
+ vncHint.setVisible(false);
+ defaultHint.setVisible(true);
+ } else if (value === "vnc") {
+ vncHint.setVisible(true);
+ defaultHint.setVisible(false);
+ }
+ },
+ },
+ value: '__default__',
+ comboItems: [
+ ['__default__', Proxmox.Utils.defaultText +
' (SPICE)'],
+ ['vnc', 'VNC'],
+ ],
+ },
+ {
+ itemId: 'vncHint',
+ name: 'vncHint',
+ reference: 'vncHint',
+ xtype: 'displayfield',
+ userCls: 'pmx-hint',
+ hidden: true,
+ value: 'You cannot use the default SPICE
clipboard' +
+ ' if the VNC Clipboard is selected',
+ },
+
+ {
+ itemId: 'defaultHint',
+ name: 'defaultHint',
+
