From a1ee3a084c79772cd2b0c809f1e538547ccea5e8 Mon Sep 17 00:00:00 2001
From: Rajesh Tailor <ratailor@redhat.com>
Date: Sun, 6 May 2018 14:31:02 +0530
Subject: [PATCH] Lift restriction of choices for 'cpu_model_extra_flags'

Commit c12e3580 (Handle libvirt/cpu_model_extra_flags option)
added support for handling invididual CPU feature flags, but
restricted the options only to "PCID".

In this change, we lift the restriction of choices, and allow
to specify multiple CPU feature flags for all three CPU modes
for the libvirt driver: 'custom', 'host-model' and 'host-passthrough'.

NOTE: The related changes are done in change:
Id4f2cad2e0b0c34a7a68d0b3a6f69b44816f4cd9

Change-Id: I688436ca4449e1865549acc7481ef1978644c528
---
 manifests/compute/libvirt.pp                   | 18 +++++++++++++-----
 .../extra_cpu_flags-2de6915770ac9514.yaml      | 10 ++++++----
 spec/classes/nova_compute_libvirt_spec.rb      | 10 ++++++++--
 3 files changed, 27 insertions(+), 11 deletions(-)

diff --git a/manifests/compute/libvirt.pp b/manifests/compute/libvirt.pp
index 9ae8cd585..a495386d9 100644
--- a/manifests/compute/libvirt.pp
+++ b/manifests/compute/libvirt.pp
@@ -35,8 +35,8 @@
 #
 # [*libvirt_cpu_model_extra_flags*]
 #   (optional) This allows specifying granular CPU feature flags when
-#   specifying CPU models. Only valid, if cpu_mode and cpu_model
-#   attributes are specified and only if cpu_mode="custom".
+#   specifying CPU models. Only has effect if cpu_mode is not set
+#   to 'none'.
 #   Defaults to undef
 #
 # [*libvirt_snapshot_image_format*]
@@ -264,19 +264,27 @@ class nova::compute::libvirt (
     validate_string($libvirt_cpu_model)
     nova_config {
       'libvirt/cpu_model': value => $libvirt_cpu_model;
-      'libvirt/cpu_model_extra_flags': value => $libvirt_cpu_model_extra_flags;
     }
   } else {
     nova_config {
       'libvirt/cpu_model': ensure => absent;
-      'libvirt/cpu_model_extra_flags': ensure => absent;
     }
     if $libvirt_cpu_model {
       warning('$libvirt_cpu_model requires that $libvirt_cpu_mode => "custom" and will be ignored')
     }
+  }
 
+  if $libvirt_cpu_mode_real != 'none' {
+    validate_string($libvirt_cpu_model_extra_flags)
+    nova_config {
+      'libvirt/cpu_model_extra_flags': value => $libvirt_cpu_model_extra_flags;
+    }
+  } else {
+    nova_config {
+      'libvirt/cpu_model_extra_flags': ensure => absent;
+    }
     if $libvirt_cpu_model_extra_flags {
-      warning('$libvirt_cpu_model_extra_flags requires that $libvirt_cpu_mode => "custom" and will be ignored')
+      warning('$libvirt_cpu_model_extra_flags requires that $libvirt_cpu_mode is not set to "none" and will be ignored')
     }
   }
 
diff --git a/releasenotes/notes/extra_cpu_flags-2de6915770ac9514.yaml b/releasenotes/notes/extra_cpu_flags-2de6915770ac9514.yaml
index fc94448f1..6db7c968d 100644
--- a/releasenotes/notes/extra_cpu_flags-2de6915770ac9514.yaml
+++ b/releasenotes/notes/extra_cpu_flags-2de6915770ac9514.yaml
@@ -1,10 +1,12 @@
 ---
 features:
   - |
-    This allows for specifying granular CPU feature flags, when
-    specifying CPU models. It should be set only if ``cpu_mode``
-    and ``cpu_model`` conf parameter are set and ``cpu_mode``
-    parameter value is set to "custom".
+    The libvirt driver now allows specifying individual CPU feature
+    flags for guest, via a new configuration parameter
+    ``[libvirt]/cpu_model_extra_flags`` -- this is valid in combination
+    with all the three possible values for ``[libvirt]/cpu_mode``:
+    ``custom``, ``host-model`` and ``host-passthrough``. The
+    ``cpu_model_extra_flags`` allows specifying multiple CPU flags.
     The recent "Meltdown" CVE fixes have resulted in critical
     performance penalty which impacts every Nova guest within
     certain CPU models.
diff --git a/spec/classes/nova_compute_libvirt_spec.rb b/spec/classes/nova_compute_libvirt_spec.rb
index 1e8e150ff..811c38254 100644
--- a/spec/classes/nova_compute_libvirt_spec.rb
+++ b/spec/classes/nova_compute_libvirt_spec.rb
@@ -13,6 +13,12 @@ describe 'nova::compute::libvirt' do
 
     describe 'with default parameters' do
 
+      let :params do
+        {
+          :libvirt_cpu_model_extra_flags  => 'pcid,pdpe1gb',
+        }
+      end
+
       it { is_expected.to contain_class('nova::params')}
 
       it {
@@ -46,7 +52,7 @@ describe 'nova::compute::libvirt' do
       it { is_expected.to contain_nova_config('libvirt/virt_type').with_value('kvm')}
       it { is_expected.to contain_nova_config('libvirt/cpu_mode').with_value('host-model')}
       it { is_expected.to contain_nova_config('libvirt/cpu_model').with_ensure('absent')}
-      it { is_expected.to contain_nova_config('libvirt/cpu_model_extra_flags').with_ensure('absent')}
+      it { is_expected.to contain_nova_config('libvirt/cpu_model_extra_flags').with_ensure('pcid,pdpe1gb')}
       it { is_expected.to contain_nova_config('libvirt/snapshot_image_format').with_ensure('absent')}
       it { is_expected.to contain_nova_config('libvirt/disk_cachemodes').with_ensure('absent')}
       it { is_expected.to contain_nova_config('libvirt/inject_password').with_value(false)}
@@ -96,7 +102,7 @@ describe 'nova::compute::libvirt' do
       it { is_expected.to contain_nova_config('libvirt/virt_type').with_value('qemu')}
       it { is_expected.to contain_nova_config('libvirt/cpu_mode').with_value('host-passthrough')}
       it { is_expected.to contain_nova_config('libvirt/cpu_model').with_ensure('absent')}
-      it { is_expected.to contain_nova_config('libvirt/cpu_model_extra_flags').with_ensure('absent')}
+      it { is_expected.to contain_nova_config('libvirt/cpu_model_extra_flags').with_ensure('pcid')}
       it { is_expected.to contain_nova_config('libvirt/snapshot_image_format').with_ensure('absent')}
       it { is_expected.to contain_nova_config('libvirt/disk_cachemodes').with_value('file=directsync,block=none')}
       it { is_expected.to contain_nova_config('libvirt/hw_disk_discard').with_value('unmap')}