Browse Source

Re-enable SMAP for VMs

Buggy Linux version is no longer present in any supported template (the
last one was Debian jessie).

QubesOS/qubes-issues#2881
Marek Marczykowski-Górecki 3 years ago
parent
commit
8f38753bdb
2 changed files with 0 additions and 22 deletions
  1. 0 20
      qubes/tests/vm/qubesvm.py
  2. 0 2
      templates/libvirt/xen.xml

+ 0 - 20
qubes/tests/vm/qubesvm.py

@@ -832,8 +832,6 @@ class TC_90_QubesVM(QubesVMTestsMixin, qubes.tests.QubesTestCase):
             <!-- disable nested HVM -->
             <feature name='vmx' policy='disable'/>
             <feature name='svm' policy='disable'/>
-            <!-- disable SMAP inside VM, because of Linux bug -->
-            <feature name='smap' policy='disable'/>
         </cpu>
         <os>
             <type arch="x86_64" machine="xenfv">hvm</type>
@@ -889,8 +887,6 @@ class TC_90_QubesVM(QubesVMTestsMixin, qubes.tests.QubesTestCase):
             <!-- disable nested HVM -->
             <feature name='vmx' policy='disable'/>
             <feature name='svm' policy='disable'/>
-            <!-- disable SMAP inside VM, because of Linux bug -->
-            <feature name='smap' policy='disable'/>
         </cpu>
         <os>
             <type arch="x86_64" machine="xenfv">hvm</type>
@@ -956,8 +952,6 @@ class TC_90_QubesVM(QubesVMTestsMixin, qubes.tests.QubesTestCase):
             <!-- disable nested HVM -->
             <feature name='vmx' policy='disable'/>
             <feature name='svm' policy='disable'/>
-            <!-- disable SMAP inside VM, because of Linux bug -->
-            <feature name='smap' policy='disable'/>
         </cpu>
         <os>
             <type arch="x86_64" machine="xenfv">hvm</type>
@@ -1026,8 +1020,6 @@ class TC_90_QubesVM(QubesVMTestsMixin, qubes.tests.QubesTestCase):
             <!-- disable nested HVM -->
             <feature name='vmx' policy='disable'/>
             <feature name='svm' policy='disable'/>
-            <!-- disable SMAP inside VM, because of Linux bug -->
-            <feature name='smap' policy='disable'/>
         </cpu>
         <os>
             <type arch="x86_64" machine="xenpvh">xenpvh</type>
@@ -1096,8 +1088,6 @@ class TC_90_QubesVM(QubesVMTestsMixin, qubes.tests.QubesTestCase):
             <!-- disable nested HVM -->
             <feature name='vmx' policy='disable'/>
             <feature name='svm' policy='disable'/>
-            <!-- disable SMAP inside VM, because of Linux bug -->
-            <feature name='smap' policy='disable'/>
         </cpu>
         <os>
             <type arch="x86_64" machine="xenpvh">xenpvh</type>
@@ -1167,8 +1157,6 @@ class TC_90_QubesVM(QubesVMTestsMixin, qubes.tests.QubesTestCase):
             <!-- disable nested HVM -->
             <feature name='vmx' policy='disable'/>
             <feature name='svm' policy='disable'/>
-            <!-- disable SMAP inside VM, because of Linux bug -->
-            <feature name='smap' policy='disable'/>
         </cpu>
         <os>
             <type arch="x86_64" machine="xenfv">hvm</type>
@@ -1248,8 +1236,6 @@ class TC_90_QubesVM(QubesVMTestsMixin, qubes.tests.QubesTestCase):
             <!-- disable nested HVM -->
             <feature name='vmx' policy='disable'/>
             <feature name='svm' policy='disable'/>
-            <!-- disable SMAP inside VM, because of Linux bug -->
-            <feature name='smap' policy='disable'/>
         </cpu>
         <os>
             <type arch="x86_64" machine="xenfv">hvm</type>
@@ -1329,8 +1315,6 @@ class TC_90_QubesVM(QubesVMTestsMixin, qubes.tests.QubesTestCase):
             <!-- disable nested HVM -->
             <feature name='vmx' policy='disable'/>
             <feature name='svm' policy='disable'/>
-            <!-- disable SMAP inside VM, because of Linux bug -->
-            <feature name='smap' policy='disable'/>
         </cpu>
         <os>
             <type arch="x86_64" machine="xenfv">hvm</type>
@@ -1431,8 +1415,6 @@ class TC_90_QubesVM(QubesVMTestsMixin, qubes.tests.QubesTestCase):
             <!-- disable nested HVM -->
             <feature name='vmx' policy='disable'/>
             <feature name='svm' policy='disable'/>
-            <!-- disable SMAP inside VM, because of Linux bug -->
-            <feature name='smap' policy='disable'/>
         </cpu>
         <os>
             <type arch="x86_64" machine="xenfv">hvm</type>
@@ -1505,8 +1487,6 @@ class TC_90_QubesVM(QubesVMTestsMixin, qubes.tests.QubesTestCase):
             <!-- disable nested HVM -->
             <feature name='vmx' policy='disable'/>
             <feature name='svm' policy='disable'/>
-            <!-- disable SMAP inside VM, because of Linux bug -->
-            <feature name='smap' policy='disable'/>
         </cpu>
         <os>
             <type arch="x86_64" machine="xenfv">hvm</type>

+ 0 - 2
templates/libvirt/xen.xml

@@ -17,8 +17,6 @@
             <!-- disable nested HVM -->
             <feature name='vmx' policy='disable'/>
             <feature name='svm' policy='disable'/>
-            <!-- disable SMAP inside VM, because of Linux bug -->
-            <feature name='smap' policy='disable'/>
             {% if vm.app.host.cpu_family_model in [(6, 58), (6, 62)] -%}
                 <feature name='rdrand' policy='disable'/>
             {% endif -%}