From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 238016A3D1 for ; Thu, 4 Mar 2021 14:31:41 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 115451B164 for ; Thu, 4 Mar 2021 14:31:11 +0100 (CET) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [212.186.127.180]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS id 015911B156 for ; Thu, 4 Mar 2021 14:31:10 +0100 (CET) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id BA856462A3 for ; Thu, 4 Mar 2021 14:31:09 +0100 (CET) To: pve-devel@lists.proxmox.com References: <20210304125209.24078-1-s.reiter@proxmox.com> <20210304125209.24078-5-s.reiter@proxmox.com> From: Stefan Reiter Message-ID: <351c417b-a104-3d30-526e-48b66a9d7518@proxmox.com> Date: Thu, 4 Mar 2021 14:31:08 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.8.0 MIME-Version: 1.0 In-Reply-To: <20210304125209.24078-5-s.reiter@proxmox.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-SPAM-LEVEL: Spam detection results: 0 AWL -0.023 Adjusted score from AWL reputation of From: address KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment NICE_REPLY_A -0.001 Looks like a legit reply (A) RCVD_IN_DNSWL_MED -2.3 Sender listed at https://www.dnswl.org/, medium trust SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: Re: [pve-devel] [PATCH qemu-server 4/7] add postinst with Windows device incompatibility workaround X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Mar 2021 13:31:41 -0000 I suppose we should also detect old QEMU versions, so we don't set 5.1 machine versions for QEMU < 5.1. Unlikely, but easy to detect: print "QEMU version too old for workaround" if !min_version(PVE::QemuServer::kvm_user_version(), 5, 1); or similar... I can send a v2 if required. On 04/03/2021 13:52, Stefan Reiter wrote: > ...for QEMU 5.2 > > Add a postinst with some inline perl (to avoid having to install a > seperate file to run) that conservatively does its best to set the > machine version for all VMs the bug might affect to 5.1. > > Signed-off-by: Stefan Reiter > --- > > Requires Fabian's #3301 series: > https://lists.proxmox.com/pipermail/pve-devel/2021-March/047175.html > > I did it as inline perl because I wasn't sure where to put a file containing > this to be able to execute it from postinst without cluttering the machine after > it is done. Feel free to extract it somewhere else if you see fit. > > Might also make sense to update the link from the forum for "more details" to > the cover of this series, or something else... > > debian/postinst | 95 +++++++++++++++++++++++++++++++++++++++++++++++++ > 1 file changed, 95 insertions(+) > create mode 100755 debian/postinst > > diff --git a/debian/postinst b/debian/postinst > new file mode 100755 > index 0000000..c93dd5d > --- /dev/null > +++ b/debian/postinst > @@ -0,0 +1,95 @@ > +#!/bin/sh > + > +# Abort if any command returns an error value > +set -e > + > +# This script is called as the last step of the installation of the > +# package. All the package's files are in place, dpkg has already > +# done its automatic conffile handling, and all the packages we depend > +# of are already fully installed and configured. > + > +case "$1" in > + configure) > + if test -n "$2"; then > + if dpkg --compare-versions "$2" 'lt' '6.3-6'; then > + echo > + perl <<"EOPERL" > + > +use warnings; > +use strict; > + > +use PVE::Cluster; > +use PVE::QemuConfig; > +use PVE::QemuServer; > +use PVE::QemuServer::Helpers qw(min_version); > + > +print "Pinning Windows VM machine versions to 5.1\n"; > +print "See https://forum.proxmox.com/threads/warning-latest-patch-just-broke-all-my-windows-vms-6-3-4-patch-inside.84915/ for details\n"; > + > +PVE::Cluster::check_cfs_is_mounted(); > +PVE::Cluster::cfs_update(); > + > +my $vms = PVE::QemuServer::vmstatus(undef, 1); > +foreach my $vmid (sort keys %$vms) { > + my $running = defined($vms->{$vmid}->{pid}) ? 1 : 0; > + eval { > + PVE::QemuConfig->lock_config($vmid, sub { > + my $conf = PVE::QemuConfig->load_config($vmid); > + PVE::QemuConfig->check_lock($conf); > + > + return if !$conf->{ostype} || !PVE::QemuServer::windows_version($conf->{ostype}); > + > + if ($running) { > + my $cur_machine = $vms->{$vmid}->{'running-machine'}; > + $cur_machine =~ s/pc(-i440fx|-q35)?-//; > + if (min_version($cur_machine, 5, 2)) { > + print "$vmid: [skip] already running with machine version '$cur_machine'\n"; > + return; > + } > + } > + > + if ($conf->{machine} && $conf->{machine} =~ m/^pc-/) { > + print "$vmid: [skip] already pinned to '$conf->{machine}'\n"; > + return; > + } > + > + if ($conf->{pending}->{machine}) { > + print "$vmid: [skip] machine changed in pending\n"; > + return; > + } > + > + my $cur = $conf->{machine} || "i440fx"; > + $cur = "i440fx" if $cur eq "pc"; > + my $new = "pc-$cur-5.1"; > + > + my $notice = ""; > + if ($running) { > + $conf->{pending}->{machine} = $new; > + $notice = " (after restart)"; > + } else { > + $conf->{machine} = $new; > + } > + > + PVE::QemuConfig->write_config($vmid, $conf); > + print "$vmid: [ OK ] now pinned to '$new'$notice\n"; > + }); > + }; > + warn "$vmid: [warn] failed to update: $@\n" if $@; > +} > + > +print "If you want to upgrade to the newest version, set the machine back to 'latest' in the GUI, or 'pc'/'q35' on the CLI.\n"; > + > +EOPERL > + echo > + fi > + fi > + ;; > + > + abort-upgrade|abort-remove|abort-deconfigure) > + ;; > + > + *) echo "$0: didn't understand being called with \`$1'" 1>&2 > + exit 0;; > +esac > + > +exit 0 >