Bug 693645 - RFE: add spice option to enable/disable copy paste
Summary: RFE: add spice option to enable/disable copy paste
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: qemu-kvm
Version: 6.2
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Hans de Goede
QA Contact: Virtualization Bugs
URL:
Whiteboard:
Depends On: 693638
Blocks: 693510 693661
TreeView+ depends on / blocked
 
Reported: 2011-04-05 07:54 UTC by Hans de Goede
Modified: 2013-01-09 23:44 UTC (History)
8 users (show)

Fixed In Version: qemu-kvm-0.12.1.2-2.165.el6
Doc Type: Enhancement
Doc Text:
Newer spice client and agent versions allow copy and pasting from client to guest, but this may not be desirable in all environments. qemu-kvm-0.12.1.2-2.165.el6 adds a new -spice commandline argument "disable-copy-paste" which allows turning off copy and paste support for the virtual machine being started.
Clone Of:
Environment:
Last Closed: 2011-12-06 15:45:14 UTC
Target Upstream Version:


Attachments (Terms of Use)
Patch adding spice disable-copy-paste option (1.97 KB, patch)
2011-04-05 07:55 UTC, Hans de Goede
no flags Details | Diff


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2011:1531 normal SHIPPED_LIVE Moderate: qemu-kvm security, bug fix, and enhancement update 2011-12-06 01:23:30 UTC

Description Hans de Goede 2011-04-05 07:54:00 UTC
From a security pov copy and paste between the guest and the client is not
always desirable. So we need to be able to enable/disable this. The best place
to do this from an administration pov is on the hypervisor, and thus on the qemu cmdline.

I already have patches for spice-server to add a function call which will allow the qemu spice code to enable/disable copy paste, see bug 693638. This bug is for getting the qemu bits of this functionality into place.

I've a patch for this which I'll attach.

Comment 1 Hans de Goede 2011-04-05 07:55:17 UTC
Created attachment 489934 [details]
Patch adding spice disable-copy-paste option

Comment 7 juzhang 2011-06-07 11:06:45 UTC
Mark qa_ack+
Talked to Hans via irc

If you want to test it via qemu-kvm, please add options disable-copy-paste and newer spice-server

-spice port=5932,disable-ticketing,disable-copy-paste

Comment 10 Qunfang Zhang 2011-09-06 02:02:44 UTC
Tested on qemu-kvm-0.12.1.2-2.160.el6, there's no "disable-copy-paste" spice 
option.
Boot with "disable-copy-paste" spice option, QEMU prompts: 
qemu-kvm: -spice port=5930,disable-ticketing,disable-copy-paste: Invalid parameter 'disable-copy-paste'
parse error: port=5930,disable-ticketing,disable-copy-paste

Verified passed on qemu-kvm-0.12.1.2-2.184.el6.
1. Boot RHEL6.2&win7 guest with the following command:

/usr/libexec/qemu-kvm -M rhel6.2.0 -cpu cpu64-rhel6,+x2apic -enable-kvm -m 2048 -smp 2,sockets=2,cores=1,threads=1 -name RHEL6.2-64 -uuid 2b379603-6f73-497c-bbdc-d3dc948248e8 -monitor stdio -rtc base=localtime -boot c -device virtio-serial-pci,id=virtio-serial0,max_ports=16,bus=pci.0,addr=0x4 -drive file=/home/win7-32-virtio.qcow2,if=none,id=ide-drive-0,format=qcow2,cache=none,werror=stop,rerror=stop -device ide-drive,bus=ide.0,unit=0,drive=ide-drive-0,id=ide0 -netdev tap,id=hostnet0,script=/etc/qemu-ifup -device e1000,netdev=hostnet0,id=net0,mac=00:1a:4a:10:84:09,bus=pci.0,addr=0x3 -chardev socket,id=charchannel0,path=/tmp/foo,server,nowait -device virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=com.redhat.rhevm.vdsm -chardev spicevmc,id=charchannel1,name=vdagent -device virtserialport,bus=virtio-serial0.0,nr=2,chardev=charchannel1,id=channel1,name=com.redhat.spice.0 -usb -spice port=5930,disable-ticketing,disable-copy-paste -k en-us -vga qxl -global qxl-vga.vram_size=67108864

2. Install qxl driver, spice vdagent, and virtio-serial (win) driver inside guest. 

3.Copy-paste some string between external host and guest, failed. Can not copy-paste.

4.Shutdown guest, boot guest again while removing "disable-copy-paste" option.

5.Copy-paste some string between external host and guest, succeed. The content is well copied and pasted.

So, this issue is verified pass.

Comment 12 Hans de Goede 2011-11-18 09:16:58 UTC
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
Newer spice client and agent versions allow copy and pasting from client to guest, but this may not be desirable in all environments.

qemu-kvm-0.12.1.2-2.165.el6 adds a new -spice commandline argument "disable-copy-paste" which allows turning off copy and paste support for the virtual machine being started.

Comment 13 errata-xmlrpc 2011-12-06 15:45:14 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2011-1531.html


Note You need to log in before you can comment on or make changes to this bug.