Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package virt-manager for openSUSE:Factory
checked in at 2025-08-09 19:58:47
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/virt-manager (Old)
and /work/SRC/openSUSE:Factory/.virt-manager.new.1085 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "virt-manager"
Sat Aug 9 19:58:47 2025 rev:277 rq:1298223 version:5.0.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/virt-manager/virt-manager.changes
2025-06-26 14:06:29.540795283 +0200
+++ /work/SRC/openSUSE:Factory/.virt-manager.new.1085/virt-manager.changes
2025-08-09 20:04:51.818883544 +0200
@@ -1,0 +2,6 @@
+Mon Jul 28 10:49:22 MDT 2025 - carn...@suse.com
+
+- Add support for creating TDX guests in virt-install
+ 053-virtinst-add-support-for-creating-TDX-guests.patch
+
+-------------------------------------------------------------------
@@ -3477 +3483 @@
-Thu Jan 07 14:25:13 MDT 2014 - carn...@suse.com
+Tue Jan 07 14:25:13 MST 2014 - carn...@suse.com
@@ -3494 +3500 @@
-Mon Dec 9 16:35:32 MDT 2013 - carn...@suse.com
+Mon Dec 9 16:35:32 MST 2013 - carn...@suse.com
@@ -3506 +3512 @@
-Mon Nov 25 16:12:07 MDT 2013 - carn...@suse.com
+Mon Nov 25 16:12:07 MST 2013 - carn...@suse.com
@@ -3941 +3947 @@
-Thu Mar 21 13:34:41 MST 2011 - carn...@novell.com
+Thu Mar 21 13:34:41 MDT 2011 - carn...@novell.com
New:
----
053-virtinst-add-support-for-creating-TDX-guests.patch
----------(New B)----------
New:- Add support for creating TDX guests in virt-install
053-virtinst-add-support-for-creating-TDX-guests.patch
----------(New E)----------
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ virt-manager.spec ++++++
--- /var/tmp/diff_new_pack.LvMElZ/_old 2025-08-09 20:04:53.542956030 +0200
+++ /var/tmp/diff_new_pack.LvMElZ/_new 2025-08-09 20:04:53.546956198 +0200
@@ -1,5 +1,5 @@
#
-# spec file
+# spec file for package virt-manager
#
# Copyright (c) 2025 SUSE LLC
#
@@ -86,6 +86,7 @@
Patch50: 050-Validation-allow-spaces-disallow-slashes.patch
Patch51: 051-fix-default-start_folder-to-None.patch
Patch52:
052-Add-Ctrl+Alt+Shift+Esc-key-command-for-loginds-SecureAttentionKey.patch
+Patch53: 053-virtinst-add-support-for-creating-TDX-guests.patch
Patch100:
revert-363fca41-virt-install-Require-osinfo-for-non-x86-HVM-case-too.patch
# SUSE Only
Patch150: virtman-desktop.patch
@@ -302,6 +303,10 @@
donttest="$donttest or testCLI0460virt_clone"
donttest="$donttest or testCLI0461virt_clone"
donttest="$donttest or testCLI0468virt_clone"
+donttest="$donttest or testCLI0472virt_clone_x86_64_launch_security_tdx"
+donttest="$donttest or testCLI0473virt_clone_x86_64_launch_security_tdx_qgs"
+donttest="$donttest or testCLI0474virt_clone_x86_64_launch_security_tdx_full"
+donttest="$donttest or testCLI0475virt_clone"
donttest="$donttest or test_virtinstall_no_testsuite"
donttest="$donttest or testCheckXMLBuilderProps"
donttest="$donttest or testCheckCLISuboptions"
++++++ 051-fix-default-start_folder-to-None.patch ++++++
--- /var/tmp/diff_new_pack.LvMElZ/_old 2025-08-09 20:04:53.786966289 +0200
+++ /var/tmp/diff_new_pack.LvMElZ/_new 2025-08-09 20:04:53.790966457 +0200
@@ -4,11 +4,9 @@
Git: 62f976a61b0363b9e6a0eac1fd2e8553d24d5457
-diff --git a/virtManager/storagebrowse.py b/virtManager/storagebrowse.py
-index 8e8239b4d..d8c70c925 100644
--- a/virtManager/storagebrowse.py
+++ b/virtManager/storagebrowse.py
-@@ -176,6 +176,7 @@ class vmmStorageBrowser(vmmGObjectUI):
+@@ -181,6 +181,7 @@ class vmmStorageBrowser(vmmGObjectUI):
data = _BrowseReasonMetadata(self._browse_reason)
gsettings_key = data.gsettings_key
++++++
052-Add-Ctrl+Alt+Shift+Esc-key-command-for-loginds-SecureAttentionKey.patch
++++++
--- /var/tmp/diff_new_pack.LvMElZ/_old 2025-08-09 20:04:53.806967130 +0200
+++ /var/tmp/diff_new_pack.LvMElZ/_new 2025-08-09 20:04:53.822967803 +0200
@@ -7,11 +7,9 @@
Ctrl+Alt+Shift+Esc that emits SecureAttentionKey to allow login managers to
start
or switch back to the greeter
-diff --git a/virtManager/details/console.py b/virtManager/details/console.py
-index 54b587772..e68bb9ac8 100644
--- a/virtManager/details/console.py
+++ b/virtManager/details/console.py
-@@ -120,6 +120,7 @@ def build_keycombo_menu(on_send_key_fn):
+@@ -119,6 +119,7 @@ def build_keycombo_menu(on_send_key_fn):
make_item("<Control><Alt>BackSpace", ["Control_L", "Alt_L", "BackSpace"])
make_item("<Control><Alt>Delete", ["Control_L", "Alt_L", "Delete"])
++++++ 053-virtinst-add-support-for-creating-TDX-guests.patch ++++++
Subject: virtinst: add support for creating TDX guests
From: Daniel P. Berrangé berra...@redhat.com Tue Jul 8 14:25:17 2025 +0100
Date: Mon Jul 28 15:12:08 2025 +0200:
Git: 1ead880b2e51ae3fab5e103c05fd9cb1c921ec89
A minimal config to enable TDX, with support for attestation
would be
$ virt-install
...args...
--boot uefi \
--machine q35 \
--launchSecurity type=tdx,quoteGenerationService=on
Signed-off-by: Daniel P. Berrangé <berra...@redhat.com>
--- /dev/null
+++ b/tests/data/cli/compare/virt-install-x86_64-launch-security-tdx-full.xml
@@ -0,0 +1,83 @@
+<domain type="kvm">
+ <name>vm1</name>
+ <uuid>00000000-1111-2222-3333-444444444444</uuid>
+ <memory>65536</memory>
+ <currentMemory>65536</currentMemory>
+ <vcpu>1</vcpu>
+ <os firmware="efi">
+ <type arch="x86_64" machine="q35">hvm</type>
+ <boot dev="hd"/>
+ </os>
+ <features>
+ <acpi/>
+ <apic/>
+ <vmport state="off"/>
+ </features>
+ <cpu mode="host-passthrough"/>
+ <clock offset="utc">
+ <timer name="rtc" tickpolicy="catchup"/>
+ <timer name="pit" tickpolicy="delay"/>
+ <timer name="hpet" present="no"/>
+ </clock>
+ <pm>
+ <suspend-to-mem enabled="no"/>
+ <suspend-to-disk enabled="no"/>
+ </pm>
+ <devices>
+ <emulator>/usr/bin/qemu-system-x86_64</emulator>
+ <controller type="usb" model="ich9-ehci1"/>
+ <controller type="usb" model="ich9-uhci1">
+ <master startport="0"/>
+ </controller>
+ <controller type="usb" model="ich9-uhci2">
+ <master startport="2"/>
+ </controller>
+ <controller type="usb" model="ich9-uhci3">
+ <master startport="4"/>
+ </controller>
+ <controller type="pci" model="pcie-root"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <interface type="bridge">
+ <source bridge="testsuitebr0"/>
+ <mac address="00:11:22:33:44:55"/>
+ <model type="e1000e"/>
+ </interface>
+ <console type="pty"/>
+ <channel type="spicevmc">
+ <target type="virtio" name="com.redhat.spice.0"/>
+ </channel>
+ <input type="tablet" bus="usb"/>
+ <tpm model="tpm-crb">
+ <backend type="emulator"/>
+ </tpm>
+ <graphics type="spice" port="-1" tlsPort="-1" autoport="yes">
+ <image compression="off"/>
+ </graphics>
+ <sound model="ich9"/>
+ <video>
+ <model type="qxl"/>
+ </video>
+ <redirdev bus="usb" type="spicevmc"/>
+ <redirdev bus="usb" type="spicevmc"/>
+ </devices>
+ <launchSecurity type="tdx">
+ <policy>0x10000000</policy>
+
<mrConfigId>ASNFZ4mrze8BI0VniavN7wEjRWeJq83vASNFZ4mrze8BI0VniavN7wEjRWeJq83v</mrConfigId>
+
<mrOwner>ASNFZ4mrze8BI0VniavN7wEjRWeJq83vASNFZ4mrze8BI0VniavN7wEjRWeJq83v</mrOwner>
+
<mrOwnerConfig>ASNFZ4mrze8BI0VniavN7wEjRWeJq83vASNFZ4mrze8BI0VniavN7wEjRWeJq83v</mrOwnerConfig>
+ <quoteGenerationService path="/var/run/tdx-qgs/qgs.socket"/>
+ </launchSecurity>
+</domain>
--- /dev/null
+++ b/tests/data/cli/compare/virt-install-x86_64-launch-security-tdx-qgs.xml
@@ -0,0 +1,79 @@
+<domain type="kvm">
+ <name>vm1</name>
+ <uuid>00000000-1111-2222-3333-444444444444</uuid>
+ <memory>65536</memory>
+ <currentMemory>65536</currentMemory>
+ <vcpu>1</vcpu>
+ <os firmware="efi">
+ <type arch="x86_64" machine="q35">hvm</type>
+ <boot dev="hd"/>
+ </os>
+ <features>
+ <acpi/>
+ <apic/>
+ <vmport state="off"/>
+ </features>
+ <cpu mode="host-passthrough"/>
+ <clock offset="utc">
+ <timer name="rtc" tickpolicy="catchup"/>
+ <timer name="pit" tickpolicy="delay"/>
+ <timer name="hpet" present="no"/>
+ </clock>
+ <pm>
+ <suspend-to-mem enabled="no"/>
+ <suspend-to-disk enabled="no"/>
+ </pm>
+ <devices>
+ <emulator>/usr/bin/qemu-system-x86_64</emulator>
+ <controller type="usb" model="ich9-ehci1"/>
+ <controller type="usb" model="ich9-uhci1">
+ <master startport="0"/>
+ </controller>
+ <controller type="usb" model="ich9-uhci2">
+ <master startport="2"/>
+ </controller>
+ <controller type="usb" model="ich9-uhci3">
+ <master startport="4"/>
+ </controller>
+ <controller type="pci" model="pcie-root"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <interface type="bridge">
+ <source bridge="testsuitebr0"/>
+ <mac address="00:11:22:33:44:55"/>
+ <model type="e1000e"/>
+ </interface>
+ <console type="pty"/>
+ <channel type="spicevmc">
+ <target type="virtio" name="com.redhat.spice.0"/>
+ </channel>
+ <input type="tablet" bus="usb"/>
+ <tpm model="tpm-crb">
+ <backend type="emulator"/>
+ </tpm>
+ <graphics type="spice" port="-1" tlsPort="-1" autoport="yes">
+ <image compression="off"/>
+ </graphics>
+ <sound model="ich9"/>
+ <video>
+ <model type="qxl"/>
+ </video>
+ <redirdev bus="usb" type="spicevmc"/>
+ <redirdev bus="usb" type="spicevmc"/>
+ </devices>
+ <launchSecurity type="tdx">
+ <quoteGenerationService/>
+ </launchSecurity>
+</domain>
--- /dev/null
+++ b/tests/data/cli/compare/virt-install-x86_64-launch-security-tdx.xml
@@ -0,0 +1,79 @@
+<domain type="kvm">
+ <name>vm1</name>
+ <uuid>00000000-1111-2222-3333-444444444444</uuid>
+ <memory>65536</memory>
+ <currentMemory>65536</currentMemory>
+ <vcpu>1</vcpu>
+ <os firmware="efi">
+ <type arch="x86_64" machine="q35">hvm</type>
+ <boot dev="hd"/>
+ </os>
+ <features>
+ <acpi/>
+ <apic/>
+ <vmport state="off"/>
+ </features>
+ <cpu mode="host-passthrough"/>
+ <clock offset="utc">
+ <timer name="rtc" tickpolicy="catchup"/>
+ <timer name="pit" tickpolicy="delay"/>
+ <timer name="hpet" present="no"/>
+ </clock>
+ <pm>
+ <suspend-to-mem enabled="no"/>
+ <suspend-to-disk enabled="no"/>
+ </pm>
+ <devices>
+ <emulator>/usr/bin/qemu-system-x86_64</emulator>
+ <controller type="usb" model="ich9-ehci1"/>
+ <controller type="usb" model="ich9-uhci1">
+ <master startport="0"/>
+ </controller>
+ <controller type="usb" model="ich9-uhci2">
+ <master startport="2"/>
+ </controller>
+ <controller type="usb" model="ich9-uhci3">
+ <master startport="4"/>
+ </controller>
+ <controller type="pci" model="pcie-root"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <controller type="pci" model="pcie-root-port"/>
+ <interface type="bridge">
+ <source bridge="testsuitebr0"/>
+ <mac address="00:11:22:33:44:55"/>
+ <model type="e1000e"/>
+ </interface>
+ <console type="pty"/>
+ <channel type="spicevmc">
+ <target type="virtio" name="com.redhat.spice.0"/>
+ </channel>
+ <input type="tablet" bus="usb"/>
+ <tpm model="tpm-crb">
+ <backend type="emulator"/>
+ </tpm>
+ <graphics type="spice" port="-1" tlsPort="-1" autoport="yes">
+ <image compression="off"/>
+ </graphics>
+ <sound model="ich9"/>
+ <video>
+ <model type="qxl"/>
+ </video>
+ <redirdev bus="usb" type="spicevmc"/>
+ <redirdev bus="usb" type="spicevmc"/>
+ </devices>
+ <launchSecurity type="tdx">
+ <policy>0x10000000</policy>
+ </launchSecurity>
+</domain>
--- a/tests/test_cli.py
+++ b/tests/test_cli.py
@@ -1814,6 +1814,27 @@ def _make_testcases():
testfunc = _create_testfunc(cmd, do_setup)
globals()[name] = testfunc
+c.add_compare(
+ "--boot uefi --machine q35 --launchSecurity type=tdx,policy=0x10000000",
+ "x86_64-launch-security-tdx",
+ prerun_check="11.6.0",
+)
+c.add_compare(
+ "--boot uefi --machine q35 --launchSecurity
type=tdx,quoteGenerationService=on",
+ "x86_64-launch-security-tdx-qgs",
+ prerun_check="11.6.0",
+)
+c.add_compare(
+ "--boot uefi --machine q35 --launchSecurity
type=tdx,policy=0x10000000,mrConfigId=ASNFZ4mrze8BI0VniavN7wEjRWeJq83vASNFZ4mrze8BI0VniavN7wEjRWeJq83v,mrOwner=ASNFZ4mrze8BI0VniavN7wEjRWeJq83vASNFZ4mrze8BI0VniavN7wEjRWeJq83v,mrOwnerConfig=ASNFZ4mrze8BI0VniavN7wEjRWeJq83vASNFZ4mrze8BI0VniavN7wEjRWeJq83v,quoteGenerationSocket=/var/run/tdx-qgs/qgs.socket",
+ "x86_64-launch-security-tdx-full",
+ prerun_check="11.6.0",
+)
+c.add_invalid(
+ "--machine pc --launchSecurity type=tdx,policy=0x10000000",
+ grep="TDX launch security requires a Q35 UEFI machine",
+ prerun_check="11.6.0",
+)
+
_make_testcases()
atexit.register(cleanup)
--- a/virtinst/cli.py
+++ b/virtinst/cli.py
@@ -5041,6 +5041,11 @@ class ParserLaunchSecurity(VirtCLIParser
cls.add_arg("kernelHashes", "kernelHashes", is_onoff=True)
cls.add_arg("authorKey", "authorKey", is_onoff=True)
cls.add_arg("vcek", "vcek", is_onoff=True)
+ cls.add_arg("mrConfigId", "mrConfigId")
+ cls.add_arg("mrOwner", "mrOwner")
+ cls.add_arg("mrOwnerConfig", "mrOwnerConfig")
+ cls.add_arg("quoteGenerationService", "quoteGenerationService",
is_onoff=True)
+ cls.add_arg("quoteGenerationSocket", "quoteGenerationSocket")
###########################
--- a/virtinst/domain/launch_security.py
+++ b/virtinst/domain/launch_security.py
@@ -23,6 +23,11 @@ class DomainLaunchSecurity(XMLBuilder):
kernelHashes = XMLProperty("./@kernelHashes", is_yesno=True)
authorKey = XMLProperty("./@authorKey", is_yesno=True)
vcek = XMLProperty("./@vcek", is_yesno=True)
+ mrConfigId = XMLProperty("./mrConfigId")
+ mrOwner = XMLProperty("./mrOwner")
+ mrOwnerConfig = XMLProperty("./mrOwnerConfig")
+ quoteGenerationService = XMLProperty("./quoteGenerationService",
is_bool=True)
+ quoteGenerationSocket = XMLProperty("./quoteGenerationService/@path")
def _set_defaults_sev(self, guest):
if not guest.os.is_q35() or not guest.is_uefi():
@@ -42,8 +47,14 @@ class DomainLaunchSecurity(XMLBuilder):
if not guest.os.is_q35() or not guest.is_uefi():
raise RuntimeError(_("SEV-SNP launch security requires a Q35 UEFI
machine"))
+ def _set_defaults_tdx(self, guest):
+ if not guest.os.is_q35() or not guest.is_uefi():
+ raise RuntimeError(_("TDX launch security requires a Q35 UEFI
machine"))
+
def set_defaults(self, guest):
if self.type == "sev":
return self._set_defaults_sev(guest)
elif self.type == "sev-snp":
return self._set_defaults_sev_snp(guest)
+ elif self.type == "tdx":
+ return self._set_defaults_tdx(guest)
++++++ virtinst-dont-require-uefi-for-sev-snp.patch ++++++
--- /var/tmp/diff_new_pack.LvMElZ/_old 2025-08-09 20:04:53.946973016 +0200
+++ /var/tmp/diff_new_pack.LvMElZ/_new 2025-08-09 20:04:53.950973185 +0200
@@ -4,9 +4,11 @@
via a pflash device. For SNP guests, the firmware must be provided
as a ROM device.
---- virt-manager-5.0.0/virtinst/domain/launch_security.py.orig 2025-03-06
10:02:31.600954861 -0700
-+++ virt-manager-5.0.0/virtinst/domain/launch_security.py 2025-03-06
14:42:46.001355525 -0700
-@@ -43,7 +43,7 @@ class DomainLaunchSecurity(XMLBuilder):
+Index: virt-manager-5.0.0/virtinst/domain/launch_security.py
+===================================================================
+--- virt-manager-5.0.0.orig/virtinst/domain/launch_security.py
++++ virt-manager-5.0.0/virtinst/domain/launch_security.py
+@@ -48,7 +48,7 @@ class DomainLaunchSecurity(XMLBuilder):
self.policy = "0x07"
def _set_defaults_sev_snp(self, guest):
@@ -14,5 +16,5 @@
+ if not guest.os.is_q35():
raise RuntimeError(_("SEV-SNP launch security requires a Q35 UEFI
machine"))
- def set_defaults(self, guest):
+ def _set_defaults_tdx(self, guest):
++++++ virtman-add-sev-memory-support.patch ++++++
--- /var/tmp/diff_new_pack.LvMElZ/_old 2025-08-09 20:04:54.022976212 +0200
+++ /var/tmp/diff_new_pack.LvMElZ/_new 2025-08-09 20:04:54.026976380 +0200
@@ -171,8 +171,8 @@
===================================================================
--- virt-manager-5.0.0.orig/virtinst/domain/launch_security.py
+++ virt-manager-5.0.0/virtinst/domain/launch_security.py
-@@ -25,8 +25,12 @@ class DomainLaunchSecurity(XMLBuilder):
- vcek = XMLProperty("./@vcek", is_yesno=True)
+@@ -30,8 +30,12 @@ class DomainLaunchSecurity(XMLBuilder):
+ quoteGenerationSocket = XMLProperty("./quoteGenerationService/@path")
def _set_defaults_sev(self, guest):
- if not guest.os.is_q35() or not guest.is_uefi():
