From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <pve-devel-bounces@lists.proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
	by lore.proxmox.com (Postfix) with ESMTPS id 775621FF13F
	for <inbox@lore.proxmox.com>; Thu, 18 Jun 2026 10:08:21 +0200 (CEST)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
	by firstgate.proxmox.com (Proxmox) with ESMTP id 993EBDEB9;
	Thu, 18 Jun 2026 10:08:19 +0200 (CEST)
From: Erik Fastermann <e.fastermann@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [PATCH qemu-server] remote migration: validate custom CPU configs
Date: Thu, 18 Jun 2026 10:08:11 +0200
Message-ID: <20260618080811.20382-1-e.fastermann@proxmox.com>
X-Mailer: git-send-email 2.47.3
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-SPAM-LEVEL: Spam detection results:  0
	AWL                    -0.112 Adjusted score from AWL reputation of From:
 address
	BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
	DMARC_MISSING             0.1 Missing DMARC policy
	KAM_DMARC_STATUS         0.01 Test Rule for DKIM or SPF Failure with Strict
 Alignment
	KAM_LAZY_DOMAIN_SECURITY      1 Sending domain does not have any anti-forgery
 methods
	RDNS_NONE               0.793 Delivered to internal network by a host with no
 rDNS
	SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
	SPF_NONE                0.001 SPF: sender does not publish an SPF Record
	URIBL_BLOCKED           0.001 ADMINISTRATOR NOTICE: The query to URIBL was
 blocked.  See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
 for more information. [qemu.pm]
Message-ID-Hash: Y35WWB25CRARMYKHGMO55TB5BZIFFWPQ
X-Message-ID-Hash: Y35WWB25CRARMYKHGMO55TB5BZIFFWPQ
X-MailFrom: efastermann@ruth.proxmox.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop;
 banned-address; emergency; member-moderation; nonmember-moderation;
 administrivia; implicit-dest; max-recipients; max-size; news-moderation;
 no-subject; digests; suspicious-header
CC: Erik Fastermann <e.fastermann@proxmox.com>
X-Mailman-Version: 3.3.10
Precedence: list
List-Id: Proxmox VE development discussion <pve-devel.lists.proxmox.com>
List-Help: <mailto:pve-devel-request@lists.proxmox.com?subject=help>
List-Owner: <mailto:pve-devel-owner@lists.proxmox.com>
List-Post: <mailto:pve-devel@lists.proxmox.com>
List-Subscribe: <mailto:pve-devel-join@lists.proxmox.com>
List-Unsubscribe: <mailto:pve-devel-leave@lists.proxmox.com>

Previously, a remote migration would fail with a cryptic error message
if a custom CPU model was selected that did not exist on the target
server. Furthermore, no validation was performed to ensure that the
custom CPU definitions matched between the source and target.

Fix this by comparing the CPU configurations before initiating the
migration and aborting early if they do not match.

Reported-by: Walter Hoos <w.hoos@proxmox.com>
Suggested-by: Fiona Ebner <f.ebner@proxmox.com>
Signed-off-by: Erik Fastermann <e.fastermann@proxmox.com>
---
 src/PVE/API2/Qemu.pm | 48 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 48 insertions(+)

diff --git a/src/PVE/API2/Qemu.pm b/src/PVE/API2/Qemu.pm
index 54883f1e..3f1362c6 100644
--- a/src/PVE/API2/Qemu.pm
+++ b/src/PVE/API2/Qemu.pm
@@ -5745,6 +5745,54 @@ __PACKAGE__->register_method({
             $param->{online} = 0;
         }
 
+        if (defined($conf->{cpu})) {
+            my $cpu = PVE::JSONSchema::parse_property_string('pve-vm-cpu-conf', $conf->{cpu});
+            my $cputype = $cpu->{cputype};
+            if (defined($cputype) && PVE::QemuServer::CPUConfig::is_custom_model($cputype)) {
+                my $custom_cpu = PVE::QemuServer::CPUConfig::get_custom_model($cputype);
+
+                my $remote_custom_cpu = eval {
+                    $api_client->get("/cluster/qemu/custom-cpu-models/"
+                        . URI::Escape::uri_escape_utf8($cputype));
+                };
+                if (my $err = $@) {
+                    die "cpu $cputype config mismatch: $err\n";
+                }
+
+                my $cpu_fmt = PVE::QemuServer::CPUConfig->options();
+                eval { PVE::JSONSchema::validate($remote_custom_cpu, $cpu_fmt); };
+                if (my $err = $@) {
+                    die "cpu $cputype config mismatch: $err\n";
+                }
+
+                my @custom_cpu_flags = sort split /;/, ($custom_cpu->{flags} // '');
+                my @remote_custom_cpu_flags = sort split /;/,
+                    ($remote_custom_cpu->{flags} // '');
+
+                my $cpu_flags_mismatch_error =
+                    "cpu $cputype config mismatch for flags: local="
+                    . $custom_cpu->{flags}
+                    . ",remote="
+                    . $remote_custom_cpu->{flags} . "\n";
+
+                die $cpu_flags_mismatch_error
+                    if @custom_cpu_flags != @remote_custom_cpu_flags;
+
+                for my $i (0 .. $#custom_cpu_flags) {
+                    die $cpu_flags_mismatch_error
+                        if $custom_cpu_flags[$i] ne $remote_custom_cpu_flags[$i];
+                }
+
+                for my $key (sort keys %$cpu_fmt) {
+                    next if $key eq 'flags';
+                    my $v1 = $custom_cpu->{$key} // '';
+                    my $v2 = $remote_custom_cpu->{$key} // '';
+                    die "cpu $cputype config mismatch for $key: local=$v1,remote=$v2\n"
+                        if $v1 ne $v2;
+                }
+            }
+        }
+
         my $storecfg = PVE::Storage::config();
         my $target_storage = extract_param($param, 'target-storage');
         my $storagemap =
-- 
2.47.3