From f84f04350bf5239e8d00dc3f7acb989398e15a11 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
Date: Tue, 16 Feb 2021 10:37:46 +0000
Subject: [PATCH] conf: add support for VNC power control setting
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The <graphics type="vnc" .... powerControl="yes"/> option instructs the
VNC server to enable an extension that lets the client perform a
graceful shutdown, reboot and hard reset.

This is enabled by default since it cannot be assumed that the VNC
client user has administrator rights over the guest OS. In the case
where the VNC user is a guest administrator though, it is reasonable
to allow direct power control host side too.

Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
 docs/formatdomain.rst         |  5 +++++
 docs/schemas/domaincommon.rng |  5 +++++
 src/conf/domain_conf.c        | 15 +++++++++++++++
 src/conf/domain_conf.h        |  1 +
 4 files changed, 26 insertions(+)

diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst
index b434ada8f0..0123c84c96 100644
--- a/docs/formatdomain.rst
+++ b/docs/formatdomain.rst
@@ -5791,6 +5791,11 @@ interaction with the admin.
       ``autoport`` having no effect due to security reasons) :since:`Since
       1.0.6` .
 
+      For VNC, the ``powerControl`` attribute can be used to enable VM shutdown,
+      reboot and reset power control features for the VNC client. This is
+      appropriate if the authenticated VNC client user already has administrator
+      privileges in the guest :since:`Since 7.1.0`.
+
       Although VNC doesn't support OpenGL natively, it can be paired with
       graphics type ``egl-headless`` (see below) which will instruct QEMU to
       open and use drm nodes for OpenGL rendering.
diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
index d73db65742..6dfd551e98 100644
--- a/docs/schemas/domaincommon.rng
+++ b/docs/schemas/domaincommon.rng
@@ -3663,6 +3663,11 @@
                   </choice>
                 </attribute>
               </optional>
+              <optional>
+                <attribute name="powerControl">
+                  <ref name="virYesNo"/>
+                </attribute>
+              </optional>
             </group>
             <group>
               <optional>
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 8bc68f435b..4da2b7642b 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -13149,6 +13149,7 @@ virDomainGraphicsDefParseXMLVNC(virDomainGraphicsDefPtr def,
     g_autofree char *websocketGenerated = virXMLPropString(node, "websocketGenerated");
     g_autofree char *sharePolicy = virXMLPropString(node, "sharePolicy");
     g_autofree char *autoport = virXMLPropString(node, "autoport");
+    g_autofree char *powerControl = virXMLPropString(node, "powerControl");
 
     if (virDomainGraphicsListensParseXML(def, node, ctxt, flags) < 0)
         return -1;
@@ -13205,6 +13206,16 @@ virDomainGraphicsDefParseXMLVNC(virDomainGraphicsDefPtr def,
         }
     }
 
+    if (powerControl) {
+        int powerControlVal = virTristateBoolTypeFromString(powerControl);
+        if (powerControlVal < 0) {
+            virReportError(VIR_ERR_INTERNAL_ERROR,
+                           _("cannot parse vnc power control '%s'"), powerControl);
+            return -1;
+        }
+        def->data.vnc.powerControl = powerControlVal;
+    }
+
     def->data.vnc.keymap = virXMLPropString(node, "keymap");
 
     if (virDomainGraphicsAuthDefParseXML(node, &def->data.vnc.auth,
@@ -27116,6 +27127,10 @@ virDomainGraphicsDefFormat(virBufferPtr buf,
                               virDomainGraphicsVNCSharePolicyTypeToString(
                               def->data.vnc.sharePolicy));
 
+        if (def->data.vnc.powerControl)
+            virBufferAsprintf(buf, " powerControl='%s'",
+                              virTristateBoolTypeToString(def->data.vnc.powerControl));
+
         virDomainGraphicsAuthDefFormatAttr(buf, &def->data.vnc.auth, flags);
         break;
 
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index 930eed60de..881d64bae9 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -1712,6 +1712,7 @@ struct _virDomainGraphicsDef {
             char *keymap;
             virDomainGraphicsAuthDef auth;
             int sharePolicy;
+            virTristateBool powerControl;
         } vnc;
         struct {
             char *display;