9:29 p.m.
Support a new device type 'crypto'.
Signed-off-by: zhenwei pi <pizhenwei(a)bytedance.com>
---
src/conf/domain_conf.c | 191 +++++++++++++++++++++++++++++++++
src/conf/domain_conf.h | 40 +++++++
src/conf/domain_postparse.c | 1 +
src/conf/domain_validate.c | 18 ++++
src/conf/virconftypes.h | 2 +
src/libvirt_private.syms | 1 +
src/qemu/qemu_command.c | 1 +
src/qemu/qemu_domain.c | 3 +
src/qemu/qemu_domain_address.c | 26 +++++
src/qemu/qemu_driver.c | 5 +
src/qemu/qemu_hotplug.c | 3 +
src/qemu/qemu_validate.c | 22 ++++
12 files changed, 313 insertions(+)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 6c088ff295..74448fe627 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -332,6 +332,7 @@ VIR_ENUM_IMPL(virDomainDevice,
"iommu",
"vsock",
"audio",
+ "crypto",
);
VIR_ENUM_IMPL(virDomainDiskDevice,
@@ -1314,6 +1315,22 @@ VIR_ENUM_IMPL(virDomainVsockModel,
"virtio-non-transitional",
);
+VIR_ENUM_IMPL(virDomainCryptoModel,
+ VIR_DOMAIN_CRYPTO_MODEL_LAST,
+ "virtio",
+);
+
+VIR_ENUM_IMPL(virDomainCryptoType,
+ VIR_DOMAIN_CRYPTO_TYPE_LAST,
+ "qemu",
+);
+
+VIR_ENUM_IMPL(virDomainCryptoBackend,
+ VIR_DOMAIN_CRYPTO_BACKEND_LAST,
+ "builtin",
+ "lkcf",
+);
+
VIR_ENUM_IMPL(virDomainDiskDiscard,
VIR_DOMAIN_DISK_DISCARD_LAST,
"default",
@@ -3464,6 +3481,9 @@ void virDomainDeviceDefFree(virDomainDeviceDef *def)
case VIR_DOMAIN_DEVICE_AUDIO:
virDomainAudioDefFree(def->data.audio);
break;
+ case VIR_DOMAIN_DEVICE_CRYPTO:
+ virDomainCryptoDefFree(def->data.crypto);
+ break;
case VIR_DOMAIN_DEVICE_LAST:
case VIR_DOMAIN_DEVICE_NONE:
break;
@@ -3807,6 +3827,10 @@ void virDomainDefFree(virDomainDef *def)
virDomainPanicDefFree(def->panics[i]);
g_free(def->panics);
+ for (i = 0; i < def->ncryptos; i++)
+ virDomainCryptoDefFree(def->cryptos[i]);
+ g_free(def->cryptos);
+
virDomainIOMMUDefFree(def->iommu);
g_free(def->idmap.uidmap);
@@ -4360,6 +4384,8 @@ virDomainDeviceGetInfo(const virDomainDeviceDef *device)
return &device->data.iommu->info;
case VIR_DOMAIN_DEVICE_VSOCK:
return &device->data.vsock->info;
+ case VIR_DOMAIN_DEVICE_CRYPTO:
+ return &device->data.crypto->info;
/* The following devices do not contain virDomainDeviceInfo */
case VIR_DOMAIN_DEVICE_LEASE:
@@ -4462,6 +4488,9 @@ virDomainDeviceSetData(virDomainDeviceDef *device,
case VIR_DOMAIN_DEVICE_AUDIO:
device->data.audio = devicedata;
break;
+ case VIR_DOMAIN_DEVICE_CRYPTO:
+ device->data.crypto = devicedata;
+ break;
case VIR_DOMAIN_DEVICE_NONE:
case VIR_DOMAIN_DEVICE_LAST:
break;
@@ -4673,6 +4702,13 @@ virDomainDeviceInfoIterateFlags(virDomainDef *def,
return rc;
}
+ device.type = VIR_DOMAIN_DEVICE_CRYPTO;
+ for (i = 0; i < def->ncryptos; i++) {
+ device.data.crypto = def->cryptos[i];
+ if ((rc = cb(def, &device, &def->cryptos[i]->info, opaque)) != 0)
+ return rc;
+ }
+
/* If the flag below is set, make sure @cb can handle @info being NULL */
if (iteratorFlags & DOMAIN_DEVICE_ITERATE_MISSING_INFO) {
device.type = VIR_DOMAIN_DEVICE_GRAPHICS;
@@ -4731,6 +4767,7 @@ virDomainDeviceInfoIterateFlags(virDomainDef *def,
case VIR_DOMAIN_DEVICE_IOMMU:
case VIR_DOMAIN_DEVICE_VSOCK:
case VIR_DOMAIN_DEVICE_AUDIO:
+ case VIR_DOMAIN_DEVICE_CRYPTO:
break;
}
#endif
@@ -13417,6 +13454,94 @@ virDomainVsockDefParseXML(virDomainXMLOption *xmlopt,
return g_steal_pointer(&vsock);
}
+
+static virDomainCryptoDef *
+virDomainCryptoDefParseXML(virDomainXMLOption *xmlopt,
+ xmlNodePtr node,
+ xmlXPathContextPtr ctxt,
+ unsigned int flags)
+{
+ virDomainCryptoDef *def;
+ VIR_XPATH_NODE_AUTORESTORE(ctxt)
+ int nbackends;
+ g_autofree xmlNodePtr *backends = NULL;
+ g_autofree char *model = NULL;
+ g_autofree char *backend = NULL;
+ g_autofree char *type = NULL;
+
+ def = g_new0(virDomainCryptoDef, 1);
+
+ if (!(model = virXMLPropString(node, "model"))) {
+ virReportError(VIR_ERR_XML_ERROR, "%s", _("missing crypto device
model"));
+ goto error;
+ }
+
+ if ((def->model = virDomainCryptoModelTypeFromString(model)) < 0) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, _("unknown crypto model
'%s'"), model);
+ goto error;
+ }
+
+ if (!(type = virXMLPropString(node, "type"))) {
+ virReportError(VIR_ERR_XML_ERROR, "%s", _("missing crypto device
type"));
+ goto error;
+ }
+
+ if ((def->type = virDomainCryptoTypeTypeFromString(type)) < 0) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, _("unknown crypto type
'%s'"), model);
+ goto error;
+ }
+
+ ctxt->node = node;
+
+ if ((nbackends = virXPathNodeSet("./backend", ctxt, &backends)) <
0)
+ goto error;
+
+ if (nbackends != 1) {
+ virReportError(VIR_ERR_XML_ERROR, "%s",
+ _("only one crypto backend is supported"));
+ goto error;
+ }
+
+ if (!(backend = virXMLPropString(backends[0], "model"))) {
+ virReportError(VIR_ERR_XML_ERROR, "%s",
+ _("missing crypto device backend model"));
+ goto error;
+ }
+
+ if ((def->backend = virDomainCryptoBackendTypeFromString(backend)) < 0) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ _("unknown crypto backend model '%s'"),
backend);
+ goto error;
+ }
+
+ if (virXMLPropUInt(backends[0], "queues", 10, VIR_XML_PROP_NONE,
&def->queues) < 0) {
+ virReportError(VIR_ERR_XML_ERROR, "%s",
+ _("parsing crypto device queues failed"));
+ goto error;
+ }
+
+ switch ((virDomainCryptoBackend) def->backend) {
+ case VIR_DOMAIN_CRYPTO_BACKEND_BUILTIN:
+ case VIR_DOMAIN_CRYPTO_BACKEND_LKCF:
+ case VIR_DOMAIN_CRYPTO_BACKEND_LAST:
+ break;
+ }
+
+ if (virDomainDeviceInfoParseXML(xmlopt, node, ctxt, &def->info, flags) <
0)
+ goto error;
+
+ if (virDomainVirtioOptionsParseXML(virXPathNode("./driver", ctxt),
+ &def->virtio) < 0)
+ goto error;
+
+ return def;
+
+ error:
+ g_clear_pointer(&def, virDomainCryptoDefFree);
+ return NULL;
+}
+
+
virDomainDeviceDef *
virDomainDeviceDefParse(const char *xmlStr,
const virDomainDef *def,
@@ -13578,6 +13703,11 @@ virDomainDeviceDefParse(const char *xmlStr,
flags)))
return NULL;
break;
+ case VIR_DOMAIN_DEVICE_CRYPTO:
+ if (!(dev->data.crypto = virDomainCryptoDefParseXML(xmlopt, node, ctxt,
+ flags)))
+ return NULL;
+ break;
case VIR_DOMAIN_DEVICE_NONE:
case VIR_DOMAIN_DEVICE_LAST:
break;
@@ -18670,6 +18800,21 @@ virDomainDefParseXML(xmlXPathContextPtr ctxt,
}
VIR_FREE(nodes);
+ /* Parse the crypto devices */
+ if ((n = virXPathNodeSet("./devices/crypto", ctxt, &nodes)) < 0)
+ return NULL;
+ if (n)
+ def->cryptos = g_new0(virDomainCryptoDef *, n);
+ for (i = 0; i < n; i++) {
+ virDomainCryptoDef *crypto = virDomainCryptoDefParseXML(xmlopt, nodes[i],
+ ctxt, flags);
+ if (!crypto)
+ return NULL;
+
+ def->cryptos[def->ncryptos++] = crypto;
+ }
+ VIR_FREE(nodes);
+
/* Parse the TPM devices */
if ((n = virXPathNodeSet("./devices/tpm", ctxt, &nodes)) < 0)
return NULL;
@@ -21210,6 +21355,7 @@ virDomainDefCheckABIStabilityFlags(virDomainDef *src,
case VIR_DOMAIN_DEVICE_IOMMU:
case VIR_DOMAIN_DEVICE_VSOCK:
case VIR_DOMAIN_DEVICE_AUDIO:
+ case VIR_DOMAIN_DEVICE_CRYPTO:
break;
}
#endif
@@ -24562,6 +24708,47 @@ virDomainRNGDefFree(virDomainRNGDef *def)
}
+static int
+virDomainCryptoDefFormat(virBuffer *buf,
+ virDomainCryptoDef *def,
+ unsigned int flags)
+{
+ const char *model = virDomainCryptoModelTypeToString(def->model);
+ const char *type = virDomainCryptoTypeTypeToString(def->model);
+ const char *backend = virDomainCryptoBackendTypeToString(def->backend);
+ g_auto(virBuffer) driverAttrBuf = VIR_BUFFER_INITIALIZER;
+
+ virBufferAsprintf(buf, "<crypto model='%s'
type='%s'>\n", model, type);
+ virBufferAdjustIndent(buf, 2);
+ virBufferAsprintf(buf, "<backend model='%s'", backend);
+ if (def->queues)
+ virBufferAsprintf(buf, " queues='%d'", def->queues);
+ virBufferAddLit(buf, "/>\n");
+
+ virDomainVirtioOptionsFormat(&driverAttrBuf, def->virtio);
+
+ virXMLFormatElement(buf, "driver", &driverAttrBuf, NULL);
+
+ virDomainDeviceInfoFormat(buf, &def->info, flags);
+
+ virBufferAdjustIndent(buf, -2);
+ virBufferAddLit(buf, "</crypto>\n");
+
+ return 0;
+}
+
+void
+virDomainCryptoDefFree(virDomainCryptoDef *def)
+{
+ if (!def)
+ return;
+
+ virDomainDeviceInfoClear(&def->info);
+ g_free(def->virtio);
+ g_free(def);
+}
+
+
static int
virDomainMemorySourceDefFormat(virBuffer *buf,
virDomainMemoryDef *def)
@@ -27261,6 +27448,10 @@ virDomainDefFormatInternalSetRootName(virDomainDef *def,
return -1;
}
+ for (n = 0; n < def->ncryptos; n++) {
+ if (virDomainCryptoDefFormat(buf, def->cryptos[n], flags))
+ return -1;
+ }
if (def->iommu)
virDomainIOMMUDefFormat(buf, def->iommu);
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index 1404c55053..9062250d60 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -86,6 +86,7 @@ typedef enum {
VIR_DOMAIN_DEVICE_IOMMU,
VIR_DOMAIN_DEVICE_VSOCK,
VIR_DOMAIN_DEVICE_AUDIO,
+ VIR_DOMAIN_DEVICE_CRYPTO,
VIR_DOMAIN_DEVICE_LAST
} virDomainDeviceType;
@@ -118,6 +119,7 @@ struct _virDomainDeviceDef {
virDomainIOMMUDef *iommu;
virDomainVsockDef *vsock;
virDomainAudioDef *audio;
+ virDomainCryptoDef *crypto;
} data;
};
@@ -2858,6 +2860,34 @@ struct _virDomainVsockDef {
virDomainVirtioOptions *virtio;
};
+typedef enum {
+ VIR_DOMAIN_CRYPTO_MODEL_VIRTIO,
+
+ VIR_DOMAIN_CRYPTO_MODEL_LAST
+} virDomainCryptoModel;
+
+typedef enum {
+ VIR_DOMAIN_CRYPTO_TYPE_QEMU,
+
+ VIR_DOMAIN_CRYPTO_TYPE_LAST
+} virDomainCryptoType;
+
+typedef enum {
+ VIR_DOMAIN_CRYPTO_BACKEND_BUILTIN,
+ VIR_DOMAIN_CRYPTO_BACKEND_LKCF,
+
+ VIR_DOMAIN_CRYPTO_BACKEND_LAST
+} virDomainCryptoBackend;
+
+struct _virDomainCryptoDef {
+ virDomainCryptoModel model;
+ virDomainCryptoType type;
+ virDomainCryptoBackend backend;
+ unsigned int queues;
+ virDomainDeviceInfo info;
+ virDomainVirtioOptions *virtio;
+};
+
struct _virDomainVirtioOptions {
virTristateSwitch iommu;
virTristateSwitch ats;
@@ -3023,6 +3053,9 @@ struct _virDomainDef {
size_t nsysinfo;
virSysinfoDef **sysinfo;
+ size_t ncryptos;
+ virDomainCryptoDef **cryptos;
+
/* At maximum 2 TPMs on the domain if a TPM Proxy is present. */
size_t ntpms;
virDomainTPMDef **tpms;
@@ -3274,6 +3307,7 @@ struct _virDomainXMLPrivateDataCallbacks {
virDomainXMLPrivateDataNewFunc vcpuNew;
virDomainXMLPrivateDataNewFunc chrSourceNew;
virDomainXMLPrivateDataNewFunc vsockNew;
+ virDomainXMLPrivateDataNewFunc cryptoNew;
virDomainXMLPrivateDataNewFunc graphicsNew;
virDomainXMLPrivateDataNewFunc networkNew;
virDomainXMLPrivateDataNewFunc videoNew;
@@ -3440,6 +3474,9 @@ G_DEFINE_AUTOPTR_CLEANUP_FUNC(virDomainIOMMUDef,
virDomainIOMMUDefFree);
virDomainVsockDef *virDomainVsockDefNew(virDomainXMLOption *xmlopt);
void virDomainVsockDefFree(virDomainVsockDef *vsock);
G_DEFINE_AUTOPTR_CLEANUP_FUNC(virDomainVsockDef, virDomainVsockDefFree);
+virDomainCryptoDef *virDomainCryptoDefNew(virDomainXMLOption *xmlopt);
+void virDomainCryptoDefFree(virDomainCryptoDef *crypto);
+G_DEFINE_AUTOPTR_CLEANUP_FUNC(virDomainCryptoDef, virDomainCryptoDefFree);
void virDomainNetTeamingInfoFree(virDomainNetTeamingInfo *teaming);
G_DEFINE_AUTOPTR_CLEANUP_FUNC(virDomainNetTeamingInfo, virDomainNetTeamingInfoFree);
void virDomainNetDefFree(virDomainNetDef *def);
@@ -4089,6 +4126,9 @@ VIR_ENUM_DECL(virDomainMemorySource);
VIR_ENUM_DECL(virDomainMemoryAllocation);
VIR_ENUM_DECL(virDomainIOMMUModel);
VIR_ENUM_DECL(virDomainVsockModel);
+VIR_ENUM_DECL(virDomainCryptoModel);
+VIR_ENUM_DECL(virDomainCryptoType);
+VIR_ENUM_DECL(virDomainCryptoBackend);
VIR_ENUM_DECL(virDomainShmemModel);
VIR_ENUM_DECL(virDomainShmemRole);
VIR_ENUM_DECL(virDomainLaunchSecurity);
diff --git a/src/conf/domain_postparse.c b/src/conf/domain_postparse.c
index 9a3e8f494c..c4184a2c28 100644
--- a/src/conf/domain_postparse.c
+++ b/src/conf/domain_postparse.c
@@ -730,6 +730,7 @@ virDomainDeviceDefPostParseCommon(virDomainDeviceDef *dev,
case VIR_DOMAIN_DEVICE_PANIC:
case VIR_DOMAIN_DEVICE_IOMMU:
case VIR_DOMAIN_DEVICE_AUDIO:
+ case VIR_DOMAIN_DEVICE_CRYPTO:
ret = 0;
break;
diff --git a/src/conf/domain_validate.c b/src/conf/domain_validate.c
index 2c63a0b343..6651906d73 100644
--- a/src/conf/domain_validate.c
+++ b/src/conf/domain_validate.c
@@ -2412,6 +2412,21 @@ virDomainVsockDefValidate(const virDomainVsockDef *vsock)
}
+static int
+virDomainCryptoDefValidate(const virDomainCryptoDef *crypto)
+{
+ switch (crypto->model) {
+ case VIR_DOMAIN_CRYPTO_MODEL_VIRTIO:
+ break;
+ case VIR_DOMAIN_CRYPTO_MODEL_LAST:
+ default:
+ return -1;
+ }
+
+ return 0;
+}
+
+
static int
virDomainInputDefValidate(const virDomainInputDef *input,
const virDomainDef *def)
@@ -2836,6 +2851,9 @@ virDomainDeviceDefValidateInternal(const virDomainDeviceDef *dev,
case VIR_DOMAIN_DEVICE_VSOCK:
return virDomainVsockDefValidate(dev->data.vsock);
+ case VIR_DOMAIN_DEVICE_CRYPTO:
+ return virDomainCryptoDefValidate(dev->data.crypto);
+
case VIR_DOMAIN_DEVICE_INPUT:
return virDomainInputDefValidate(dev->data.input, def);
diff --git a/src/conf/virconftypes.h b/src/conf/virconftypes.h
index 154805091a..2d7ae66f4b 100644
--- a/src/conf/virconftypes.h
+++ b/src/conf/virconftypes.h
@@ -248,6 +248,8 @@ typedef struct _virDomainVirtioSerialOpts virDomainVirtioSerialOpts;
typedef struct _virDomainVsockDef virDomainVsockDef;
+typedef struct _virDomainCryptoDef virDomainCryptoDef;
+
typedef struct _virDomainWatchdogDef virDomainWatchdogDef;
typedef struct _virDomainXMLOption virDomainXMLOption;
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index ae746a2d51..3e7de95446 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -301,6 +301,7 @@ virDomainControllerRemove;
virDomainControllerTypeToString;
virDomainCpuPlacementModeTypeFromString;
virDomainCpuPlacementModeTypeToString;
+virDomainCryptoDefFree;
virDomainDefAddController;
virDomainDefAddImplicitDevices;
virDomainDefAddUSBController;
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index ee2e873b95..4c001f72a5 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -941,6 +941,7 @@ qemuBuildVirtioDevGetConfigDev(const virDomainDeviceDef *device,
case VIR_DOMAIN_DEVICE_MEMORY:
case VIR_DOMAIN_DEVICE_IOMMU:
case VIR_DOMAIN_DEVICE_AUDIO:
+ case VIR_DOMAIN_DEVICE_CRYPTO:
case VIR_DOMAIN_DEVICE_LAST:
default:
break;
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 5c05032ce3..3509deb863 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -5917,6 +5917,7 @@ qemuDomainDeviceDefPostParse(virDomainDeviceDef *dev,
case VIR_DOMAIN_DEVICE_RNG:
case VIR_DOMAIN_DEVICE_IOMMU:
case VIR_DOMAIN_DEVICE_AUDIO:
+ case VIR_DOMAIN_DEVICE_CRYPTO:
ret = 0;
break;
@@ -10039,6 +10040,7 @@ qemuDomainPrepareChardevSourceOne(virDomainDeviceDef *dev,
case VIR_DOMAIN_DEVICE_IOMMU:
case VIR_DOMAIN_DEVICE_VSOCK:
case VIR_DOMAIN_DEVICE_AUDIO:
+ case VIR_DOMAIN_DEVICE_CRYPTO:
break;
}
@@ -11781,6 +11783,7 @@ qemuDomainDeviceBackendChardevForeachOne(virDomainDeviceDef *dev,
case VIR_DOMAIN_DEVICE_IOMMU:
case VIR_DOMAIN_DEVICE_VSOCK:
case VIR_DOMAIN_DEVICE_AUDIO:
+ case VIR_DOMAIN_DEVICE_CRYPTO:
/* no chardev backend */
break;
}
diff --git a/src/qemu/qemu_domain_address.c b/src/qemu/qemu_domain_address.c
index b8d1969fbe..9529bd9a8d 100644
--- a/src/qemu/qemu_domain_address.c
+++ b/src/qemu/qemu_domain_address.c
@@ -405,6 +405,12 @@ qemuDomainPrimeVirtioDeviceAddresses(virDomainDef *def,
def->vsock->info.type = type;
}
}
+
+ for (i = 0; i < def->ncryptos; i++) {
+ /* All <crypto> devices accepted by the qemu driver are virtio */
+ if (def->cryptos[i]->info.type == VIR_DOMAIN_DEVICE_ADDRESS_TYPE_NONE)
+ def->cryptos[i]->info.type = type;
+ }
}
@@ -544,6 +550,7 @@ qemuDomainDeviceSupportZPCI(virDomainDeviceDef *device)
case VIR_DOMAIN_DEVICE_IOMMU:
case VIR_DOMAIN_DEVICE_VSOCK:
case VIR_DOMAIN_DEVICE_AUDIO:
+ case VIR_DOMAIN_DEVICE_CRYPTO:
break;
case VIR_DOMAIN_DEVICE_NONE:
@@ -1045,6 +1052,15 @@ qemuDomainDeviceCalculatePCIConnectFlags(virDomainDeviceDef *dev,
}
break;
+ case VIR_DOMAIN_DEVICE_CRYPTO:
+ switch (dev->data.crypto->model) {
+ case VIR_DOMAIN_CRYPTO_MODEL_VIRTIO:
+ return pciFlags;
+ case VIR_DOMAIN_CRYPTO_MODEL_LAST:
+ return 0;
+ }
+ break;
+
/* These devices don't ever connect with PCI */
case VIR_DOMAIN_DEVICE_NVRAM:
case VIR_DOMAIN_DEVICE_TPM:
@@ -2428,6 +2444,16 @@ qemuDomainAssignDevicePCISlots(virDomainDef *def,
}
}
+ /* the qemu driver only accepts virtio crypto devices */
+ for (i = 0; i < def->ncryptos; i++) {
+ if (!virDeviceInfoPCIAddressIsWanted(&def->cryptos[i]->info))
+ continue;
+
+ if (qemuDomainPCIAddressReserveNextAddr(addrs, &def->cryptos[i]->info)
< 0)
+ return -1;
+ }
+
+
return 0;
}
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index d509582719..ed9e32447b 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -6762,6 +6762,7 @@ qemuDomainAttachDeviceLive(virDomainObj *vm,
case VIR_DOMAIN_DEVICE_PANIC:
case VIR_DOMAIN_DEVICE_IOMMU:
case VIR_DOMAIN_DEVICE_AUDIO:
+ case VIR_DOMAIN_DEVICE_CRYPTO:
case VIR_DOMAIN_DEVICE_LAST:
virReportError(VIR_ERR_OPERATION_UNSUPPORTED,
_("live attach of device '%s' is not
supported"),
@@ -7073,6 +7074,7 @@ qemuDomainUpdateDeviceLive(virDomainObj *vm,
case VIR_DOMAIN_DEVICE_IOMMU:
case VIR_DOMAIN_DEVICE_VSOCK:
case VIR_DOMAIN_DEVICE_AUDIO:
+ case VIR_DOMAIN_DEVICE_CRYPTO:
case VIR_DOMAIN_DEVICE_LAST:
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
_("live update of device '%s' is not
supported"),
@@ -7284,6 +7286,7 @@ qemuDomainAttachDeviceConfig(virDomainDef *vmdef,
case VIR_DOMAIN_DEVICE_PANIC:
case VIR_DOMAIN_DEVICE_IOMMU:
case VIR_DOMAIN_DEVICE_AUDIO:
+ case VIR_DOMAIN_DEVICE_CRYPTO:
case VIR_DOMAIN_DEVICE_LAST:
virReportError(VIR_ERR_OPERATION_UNSUPPORTED,
_("persistent attach of device '%s' is not
supported"),
@@ -7489,6 +7492,7 @@ qemuDomainDetachDeviceConfig(virDomainDef *vmdef,
case VIR_DOMAIN_DEVICE_PANIC:
case VIR_DOMAIN_DEVICE_IOMMU:
case VIR_DOMAIN_DEVICE_AUDIO:
+ case VIR_DOMAIN_DEVICE_CRYPTO:
case VIR_DOMAIN_DEVICE_LAST:
virReportError(VIR_ERR_OPERATION_UNSUPPORTED,
_("persistent detach of device '%s' is not
supported"),
@@ -7614,6 +7618,7 @@ qemuDomainUpdateDeviceConfig(virDomainDef *vmdef,
case VIR_DOMAIN_DEVICE_IOMMU:
case VIR_DOMAIN_DEVICE_VSOCK:
case VIR_DOMAIN_DEVICE_AUDIO:
+ case VIR_DOMAIN_DEVICE_CRYPTO:
case VIR_DOMAIN_DEVICE_LAST:
virReportError(VIR_ERR_OPERATION_UNSUPPORTED,
_("persistent update of device '%s' is not
supported"),
diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
index 6e300f547c..bfb6409051 100644
--- a/src/qemu/qemu_hotplug.c
+++ b/src/qemu/qemu_hotplug.c
@@ -5016,6 +5016,7 @@ qemuDomainRemoveAuditDevice(virDomainObj *vm,
case VIR_DOMAIN_DEVICE_PANIC:
case VIR_DOMAIN_DEVICE_IOMMU:
case VIR_DOMAIN_DEVICE_AUDIO:
+ case VIR_DOMAIN_DEVICE_CRYPTO:
case VIR_DOMAIN_DEVICE_LAST:
/* libvirt doesn't yet support detaching these devices */
break;
@@ -5119,6 +5120,7 @@ qemuDomainRemoveDevice(virQEMUDriver *driver,
case VIR_DOMAIN_DEVICE_PANIC:
case VIR_DOMAIN_DEVICE_IOMMU:
case VIR_DOMAIN_DEVICE_AUDIO:
+ case VIR_DOMAIN_DEVICE_CRYPTO:
case VIR_DOMAIN_DEVICE_LAST:
virReportError(VIR_ERR_OPERATION_UNSUPPORTED,
_("don't know how to remove a %s device"),
@@ -5972,6 +5974,7 @@ qemuDomainDetachDeviceLive(virDomainObj *vm,
case VIR_DOMAIN_DEVICE_PANIC:
case VIR_DOMAIN_DEVICE_IOMMU:
case VIR_DOMAIN_DEVICE_AUDIO:
+ case VIR_DOMAIN_DEVICE_CRYPTO:
case VIR_DOMAIN_DEVICE_LAST:
virReportError(VIR_ERR_OPERATION_UNSUPPORTED,
_("live detach of device '%s' is not
supported"),
diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c
index c687df0bfc..765906c914 100644
--- a/src/qemu/qemu_validate.c
+++ b/src/qemu/qemu_validate.c
@@ -4504,6 +4504,25 @@ qemuValidateDomainDeviceDefAudio(virDomainAudioDef *audio,
}
+static int
+qemuValidateDomainDeviceDefCrypto(virDomainCryptoDef *crypto,
+ const virDomainDef *def G_GNUC_UNUSED,
+ virQEMUCaps *qemuCaps G_GNUC_UNUSED)
+{
+ switch (crypto->type) {
+ case VIR_DOMAIN_CRYPTO_TYPE_QEMU:
+ break;
+
+ case VIR_DOMAIN_CRYPTO_TYPE_LAST:
+ default:
+ virReportEnumRangeError(virDomainCryptoType, crypto->type);
+ return -1;
+ }
+
+ return 0;
+}
+
+
static int
qemuSoundCodecTypeToCaps(int type)
{
@@ -5211,6 +5230,9 @@ qemuValidateDomainDeviceDef(const virDomainDeviceDef *dev,
case VIR_DOMAIN_DEVICE_AUDIO:
return qemuValidateDomainDeviceDefAudio(dev->data.audio, def, qemuCaps);
+ case VIR_DOMAIN_DEVICE_CRYPTO:
+ return qemuValidateDomainDeviceDefCrypto(dev->data.crypto, def, qemuCaps);
+
case VIR_DOMAIN_DEVICE_LEASE:
case VIR_DOMAIN_DEVICE_PANIC:
case VIR_DOMAIN_DEVICE_NONE:
--
2.34.1