Signed-off-by: Tim Wiederhake <twiederh@xxxxxxxxxx>
---
src/cpu/cpu.c | 37 +++++++++++++++++++++++++++++++++++++
src/cpu/cpu.h | 6 ++++++
src/libvirt_private.syms | 1 +
3 files changed, 44 insertions(+)
diff --git a/src/cpu/cpu.c b/src/cpu/cpu.c
index dfedf5bbf0..3fd7035f7a 100644
--- a/src/cpu/cpu.c
+++ b/src/cpu/cpu.c
@@ -690,6 +690,43 @@ virCPUCheckFeature(virArch arch,
}
+/**
+ * virCPUCheckForbiddenFeatures:
+ *
+ * @guest: CPU definition
+ * @host: CPU definition
+ *
+ * Checks that @host enables no feature explicitly disabled by @guest.
+ *
+ * Returns 0 on success or -1 on error.
+ */
+int
+virCPUCheckForbiddenFeatures(virCPUDefPtr guest, const virCPUDef *host)
+{
+ size_t i;
+ for (i = 0; i < guest->nfeatures; ++i) {
+ virCPUFeatureDefPtr feature;
+
+ if (guest->features[i].policy != VIR_CPU_FEATURE_FORBID)
+ continue;
+
+ feature = virCPUDefFindFeature(host, guest->features[i].name);
+ if (!feature)
+ continue;
+
+ if (feature->policy == VIR_CPU_FEATURE_DISABLE)
+ continue;
+
+ virReportError(VIR_ERR_CPU_INCOMPATIBLE,
+ _("Host CPU provides forbidden feature '%s'"),
+ guest->features[i].name);
+ return -1;
+ }
+
+ return 0;
+}
+
+
/**
* virCPUDataCheckFeature:
*
diff --git a/src/cpu/cpu.h b/src/cpu/cpu.h
index ff4fb7e103..0b00f0b98d 100644
--- a/src/cpu/cpu.h
+++ b/src/cpu/cpu.h
@@ -228,6 +228,12 @@ virCPUCheckFeature(virArch arch,
ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3);
+int
+virCPUCheckForbiddenFeatures(virCPUDefPtr guest,
+ const virCPUDef *host)
+ ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2);
+
+
int
virCPUDataCheckFeature(const virCPUData *data,
const char *feature)
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 526dcee11a..fa8859a6e3 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -1420,6 +1420,7 @@ cpuEncode;
virCPUArchIsSupported;
virCPUBaseline;
virCPUCheckFeature;
+virCPUCheckForbiddenFeatures;
virCPUCompare;
virCPUCompareXML;
virCPUConvertLegacy;
--
2.26.2
