From: Marc-Andrà Lureau <marcandre.lureau@xxxxxxxxxx> >From a security pov copy and paste between the guest and the client is not always desirable. So we need to be able to enable/disable this. The best place to do this from an administration pov is on the hypervisor, so the qemu cmdline is getting a spice disable-copy-paste option, see bug 693645. Example qemu invocation: qemu -spice port=5932,disable-ticketing,disable-copy-paste https://bugzilla.redhat.com/show_bug.cgi?id=693661 --- docs/formatdomain.html.in | 8 +++++++- docs/schemas/domain.rng | 8 ++++++++ src/conf/domain_conf.c | 11 +++++++++++ src/conf/domain_conf.h | 1 + src/qemu/qemu_command.c | 2 ++ .../qemuxml2argv-graphics-spice-compression.xml | 2 +- .../qemuxml2argv-graphics-spice-qxl-vga.xml | 2 +- .../qemuxml2argv-graphics-spice-timeout.xml | 2 +- .../qemuxml2argv-graphics-spice.args | 2 +- .../qemuxml2argv-graphics-spice.xml | 2 +- 10 files changed, 34 insertions(+), 6 deletions(-) diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in index 98fb2b4..61af08e 100644 --- a/docs/formatdomain.html.in +++ b/docs/formatdomain.html.in @@ -1833,7 +1833,7 @@ qemu-kvm -net nic,model=? /dev/null and <span class="since">since 0.8.8</span>: <code>smartcard</code>. </p> <pre> - <graphics type='spice' port='-1' tlsPort='-1' autoport='yes'> + <graphics type='spice' port='-1' tlsPort='-1' autoport='yes' disableCopyPaste='no'> <channel name='main' mode='secure'/> <channel name='record' mode='insecure'/> <image compression='auto_glz'/> @@ -1862,6 +1862,12 @@ qemu-kvm -net nic,model=? /dev/null of <code>filter</code>, <code>all</code> or <code>off</code>, <span class="since">since 0.9.2</span>. </p> + <p> + Copy & Paste from guest to client (via Spice agent) + can be disabled by setting + the <code>disableCopyPaste</code> property + to <code>yes</code>, <span class="since">since 0.9.2</span>. + </> </dd> <dt><code>"rdp"</code></dt> <dd> 
diff --git a/docs/schemas/domain.rng b/docs/schemas/domain.rng index 0be0371..b2333d5 100644 --- a/docs/schemas/domain.rng +++ b/docs/schemas/domain.rng @@ -1293,6 +1293,14 @@ <data type="dateTime"/> </attribute> </optional> + <optional> + <attribute name="disableCopyPaste"> + <choice> + <value>yes</value> + <value>no</value> + </choice> + </attribute> + </optional> <interleave> <zeroOrMore> <element name="channel"> diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 65d4f89..61377c3 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -4099,6 +4099,7 @@ virDomainGraphicsDefParseXML(xmlNodePtr node, int flags) { char *port = virXMLPropString(node, "port"); char *tlsPort; char *autoport; + char *disableCopyPaste; if (port) { if (virStrToLong_i(port, NULL, 10, &def->data.spice.port) < 0) { @@ -4143,6 +4144,13 @@ virDomainGraphicsDefParseXML(xmlNodePtr node, int flags) { !def->data.spice.listenAddr[0]) VIR_FREE(def->data.spice.listenAddr); + if ((disableCopyPaste = virXMLPropString(node, "disableCopyPaste")) != NULL) { + if (STREQ(disableCopyPaste, "yes")) { + def->data.spice.disableCopyPaste = true; + } + VIR_FREE(disableCopyPaste); + } + if (virDomainGraphicsAuthDefParseXML(node, &def->data.spice.auth) < 0) goto error; @@ -9190,6 +9198,9 @@ virDomainGraphicsDefFormat(virBufferPtr buf, virBufferEscapeString(buf, " keymap='%s'", def->data.spice.keymap); + virBufferAsprintf(buf, " disableCopyPaste='%s'", + def->data.spice.disableCopyPaste ? "yes" : "no"); + virDomainGraphicsAuthDefFormatAttr(buf, &def->data.spice.auth, flags); break; diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index 41c8136..9566d51 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -757,6 +757,7 @@ struct _virDomainGraphicsDef { int zlib; int playback; int streaming; + bool disableCopyPaste; } spice; } data; }; diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index cb81354..8261088 100644 --- a/src/qemu/qemu_command.c 
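Review bot: In the added `disableCopyPaste` block of virDomainGraphicsDefParseXML, every value other than the exact string `yes` is silently treated as "not disabled". A typo such as `Yes` or `true` therefore leaves guest/client clipboard sharing enabled while the administrator believes it is off. The schema hunk limits the attribute to yes/no, but nothing visible here enforces that at parse time, so the parser should accept `yes` and `no` and fail through the existing `error` path on anything else. The reporting call below uses the macro I would expect in this file; substitute whatever the surrounding code uses. The function starts and ends outside the hunk.

```c
        if (STREQ(disableCopyPaste, "yes")) {
            def->data.spice.disableCopyPaste = true;
        } else if (STRNEQ(disableCopyPaste, "no")) {
            /* Fail closed: an unrecognised value must not leave copy/paste enabled. */
            virDomainReportError(VIR_ERR_XML_ERROR,
                                 _("invalid disableCopyPaste value '%s'"),
                                 disableCopyPaste);
            VIR_FREE(disableCopyPaste);
            goto error;
        }
        /* … unchanged: VIR_FREE(disableCopyPaste) and the closing brace … */
```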
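Review bot: The added virBufferAsprintf call in virDomainGraphicsDefFormat writes `disableCopyPaste='…'` for every spice graphics element, including guests that never set it. That appears to be why the otherwise unrelated test XML files in this patch gain `disableCopyPaste='no'`. Because the new field is a plain bool, "not specified" and `no` cannot be told apart after parsing. If the always-explicit output is intended, so that the clipboard policy is visible when auditing a domain's XML, a short comment saying so would help. Otherwise emit it only when set, e.g. `if (def->data.spice.disableCopyPaste) virBufferAddLit(buf, " disableCopyPaste='yes'");`. The enclosing function continues outside the hunk.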
+++ b/src/qemu/qemu_command.c @@ -4161,6 +4161,8 @@ qemuBuildCommandLine(virConnectPtr conn, if (def->graphics[0]->data.spice.streaming) virBufferAsprintf(&opt, ",streaming-video=%s", virDomainGraphicsSpiceStreamingModeTypeToString(def->graphics[0]->data.spice.streaming)); + if (def->graphics[0]->data.spice.disableCopyPaste) + virBufferAddLit(&opt, ",disable-copy-paste"); virCommandAddArg(cmd, "-spice"); virCommandAddArgBuffer(cmd, &opt); diff --git a/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-compression.xml b/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-compression.xml index 64a6890..e502216 100644 --- a/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-compression.xml +++ b/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-compression.xml @@ -21,7 +21,7 @@ </disk> <controller type='ide' index='0'/> <input type='mouse' bus='ps2'/> - <graphics type='spice' port='5903' tlsPort='5904' autoport='no' listen='127.0.0.1'> + <graphics type='spice' port='5903' tlsPort='5904' autoport='no' listen='127.0.0.1' disableCopyPaste='no'> <image compression='auto_glz'/> <jpeg compression='auto'/> <zlib compression='auto'/> diff --git a/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-qxl-vga.xml b/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-qxl-vga.xml index a38550c..0075d26 100644 --- a/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-qxl-vga.xml +++ b/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-qxl-vga.xml @@ -21,7 +21,7 @@ </disk> <controller type='ide' index='0'/> <input type='mouse' bus='ps2'/> - <graphics type='spice' port='5903' tlsPort='5904' autoport='no' listen='127.0.0.1'> + <graphics type='spice' port='5903' tlsPort='5904' autoport='no' listen='127.0.0.1' disableCopyPaste='no'> <channel name='main' mode='secure'/> <channel name='inputs' mode='insecure'/> </graphics> diff --git a/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-timeout.xml b/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-timeout.xml index 4c0c57e..6b13d6b 100644 
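Review bot: `,disable-copy-paste` is appended to the `-spice` argument in qemuBuildCommandLine with no visible check that the QEMU binary understands the option. If an older QEMU rejects the unknown sub-option, the guest fails to start, which is fail-closed but surfaces as QEMU's error rather than a libvirt one. If it were ignored instead, the restriction would silently not apply. Either confirm the rejection behaviour or gate the option on a capability probe, as other version-dependent options are, and report an unsupported-configuration error. At minimum add a comment such as `/* security control: QEMU must reject, not ignore, this option if unsupported */`. Only `def->graphics[0]` is consulted here, and the function body extends beyond the hunk.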
--- a/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-timeout.xml +++ b/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-timeout.xml @@ -71,7 +71,7 @@ </console> <input type='tablet' bus='usb'/> <input type='mouse' bus='ps2'/> - <graphics type='spice' port='5900' autoport='no' passwd='sercet' passwdValidTo='2011-05-31T16:11:22'/> + <graphics type='spice' port='5900' autoport='no' disableCopyPaste='no' passwd='sercet' passwdValidTo='2011-05-31T16:11:22'/> <sound model='ac97'> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/> </sound> diff --git a/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice.args b/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice.args index 084a100..c9fdb99 100644 --- a/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice.args +++ b/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice.args @@ -4,6 +4,6 @@ unix:/tmp/test-monitor,server,nowait -no-acpi -boot c -hda \ /dev/HostVG/QEMUGuest1 -usb -spice port=5903,tls-port=5904,addr=127.0.0.1,\ x509-dir=/etc/pki/libvirt-spice,tls-channel=main,plaintext-channel=inputs,\ image-compression=auto_glz,jpeg-wan-compression=auto,zlib-glz-wan-compression=auto,\ -playback-compression=on,streaming-video=filter -vga \ +playback-compression=on,streaming-video=filter,disable-copy-paste -vga \ qxl -global qxl.vram_size=18874368 -device qxl,id=video1,vram_size=33554432,bus=pci.0,addr=0x4 \ -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x3 diff --git a/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice.xml b/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice.xml index 0d3dd48..4b5840c 100644 --- a/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice.xml +++ b/tests/qemuxml2argvdata/qemuxml2argv-graphics-spice.xml 
@@ -21,7 +21,7 @@ </disk> <controller type='ide' index='0'/> <input type='mouse' bus='ps2'/> - <graphics type='spice' port='5903' tlsPort='5904' autoport='no' listen='127.0.0.1'> + <graphics type='spice' port='5903' tlsPort='5904' autoport='no' listen='127.0.0.1' disableCopyPaste='yes'> <channel name='main' mode='secure'/> <channel name='inputs' mode='insecure'/> <image compression='auto_glz'/> -- 1.7.1 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list