Re: [PATCH v2 4/5] qemu: command: support crypto device
On 1/17/23 02:46, zhenwei pi wrote:
Support virtio-crypto device, also support cryptodev types:
- builtin
- lkcf
Finally, we can launch a VM(QEMU) with one or more crypto devices by
libvirt.
Signed-off-by: zhenwei pi <pizhenwei(a)bytedance.com>
---
src/qemu/qemu_command.c | 110 +++++++++++++++++++++++++++++++++++++++-
1 file changed, 109 insertions(+), 1 deletion(-)
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index bb7031f66d..996a13a77b 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -926,6 +926,12 @@ qemuBuildVirtioDevGetConfigDev(const virDomainDeviceDef *device,
}
break;
+ case VIR_DOMAIN_DEVICE_CRYPTO: {
+ *baseName = "virtio-crypto";
+ *virtioOptions = device->data.crypto->virtio;
+ break;
+ }
+
case VIR_DOMAIN_DEVICE_LEASE:
case VIR_DOMAIN_DEVICE_SOUND:
case VIR_DOMAIN_DEVICE_WATCHDOG:
@@ -942,7 +948,6 @@ qemuBuildVirtioDevGetConfigDev(const virDomainDeviceDef *device,
case VIR_DOMAIN_DEVICE_MEMORY:
case VIR_DOMAIN_DEVICE_IOMMU:
case VIR_DOMAIN_DEVICE_AUDIO:
- case VIR_DOMAIN_DEVICE_CRYPTO:
case VIR_DOMAIN_DEVICE_LAST:
default:
break;
@@ -9894,6 +9899,106 @@ qemuBuildVsockCommandLine(virCommand *cmd,
}
+static int
+qemuBuildCryptoBackendProps(virDomainCryptoDef *crypto,
+ virJSONValue **props)
+{
+ g_autofree char *objAlias = NULL;
+
+ objAlias = g_strdup_printf("obj%s", crypto->info.alias);
+
+ switch ((virDomainCryptoBackend) crypto->backend) {
+ case VIR_DOMAIN_CRYPTO_BACKEND_BUILTIN:
+ if (qemuMonitorCreateObjectProps(props, "cryptodev-backend-builtin",
+ objAlias, NULL) < 0)
+ return -1;
+
+ break;
+
+ case VIR_DOMAIN_CRYPTO_BACKEND_LKCF:
+ if (qemuMonitorCreateObjectProps(props, "cryptodev-backend-lkcf",
+ objAlias, NULL) < 0)
+ return -1;
+
+ break;
+
+ case VIR_DOMAIN_CRYPTO_BACKEND_LAST:
+ break;
+ }
This can be simplified a bit:
const char *backend = NULL;
switch(crypto->backend) {
case ..._BUILTIN: backend = "...-builtin"; break;
case ..._LKCF: backend = "...-lkcf"; break;
case ..._LAST: break;
}
if (qemuMonitorCreateObjectProps, props, backend, objAlias, ...
+
+ if (virJSONValueObjectAdd(props,
+ "p:queues", crypto->queues,
... and this can be moved into the call too then.
+ NULL) < 0)
+ return -1;
+
+
+ return 0;
+}
What I'm missing in this patch is a xml2argv test case (to verify the
cmd line generator), e.g.:
diff --git c/tests/qemuxml2argvtest.c i/tests/qemuxml2argvtest.c
index 8c52feb83c..3e58a73e41 100644
--- c/tests/qemuxml2argvtest.c
+++ i/tests/qemuxml2argvtest.c
@@ -2983,6 +2983,8 @@ mymain(void)
DO_TEST_CAPS_VER("sgx-epc", "7.0.0");
+ DO_TEST_CAPS_LATEST("crypto-builtin");
+
if (getenv("LIBVIRT_SKIP_CLEANUP") == NULL)
virFileDeleteTree(fakerootdir);
And then "writing" corresponding .args file. Okay, nobody really writes
it by hand, we all just:
libvirt.git/_build/tests $ VIR_TEST_REGENERATE_OUTPUT=1 ./qemuxml2argvtest
and then inspect generated file
(tests/qemuxml2argvdata/crypto-builtin.x86_64-latest.args), thoroughly.
Michal