[libvirt][PATCH v15 4/9] conf: expose SGX feature in domain capabilities

Wednesday, 31 August 2022

From: Haibin Huang <haibin.huang(a)intel.com&gt;

Extend hypervisor capabilities to include sgx feature. When available,
the hypervisor supports launching an VM with SGX on Intel platfrom.
The SGX feature tag privides additional details like section size and
sgx1 or sgx2.

Signed-off-by: Haibin Huang <haibin.huang(a)intel.com&gt;
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com&gt;
Signed-off-by: Haibin Huang <haibin.huang(a)intel.com&gt;
---
 docs/formatdomaincaps.rst                     | 40 +++++++++++++++++++
 src/conf/domain_capabilities.c                | 35 ++++++++++++++++
 src/conf/schemas/domaincaps.rng               | 37 +++++++++++++++++
 src/qemu/qemu_capabilities.c                  | 16 ++++++++
 tests/domaincapsdata/bhyve_basic.x86_64.xml   |  1 +
 tests/domaincapsdata/bhyve_fbuf.x86_64.xml    |  1 +
 tests/domaincapsdata/bhyve_uefi.x86_64.xml    |  1 +
 tests/domaincapsdata/empty.xml                |  1 +
 tests/domaincapsdata/libxl-xenfv.xml          |  1 +
 tests/domaincapsdata/libxl-xenpv.xml          |  1 +
 .../domaincapsdata/qemu_4.2.0-q35.x86_64.xml  |  1 +
 .../domaincapsdata/qemu_4.2.0-tcg.x86_64.xml  |  1 +
 .../qemu_4.2.0-virt.aarch64.xml               |  1 +
 tests/domaincapsdata/qemu_4.2.0.aarch64.xml   |  1 +
 tests/domaincapsdata/qemu_4.2.0.ppc64.xml     |  1 +
 tests/domaincapsdata/qemu_4.2.0.s390x.xml     |  1 +
 tests/domaincapsdata/qemu_4.2.0.x86_64.xml    |  1 +
 .../domaincapsdata/qemu_5.0.0-q35.x86_64.xml  |  1 +
 .../domaincapsdata/qemu_5.0.0-tcg.x86_64.xml  |  1 +
 .../qemu_5.0.0-virt.aarch64.xml               |  1 +
 tests/domaincapsdata/qemu_5.0.0.aarch64.xml   |  1 +
 tests/domaincapsdata/qemu_5.0.0.ppc64.xml     |  1 +
 tests/domaincapsdata/qemu_5.0.0.x86_64.xml    |  1 +
 .../domaincapsdata/qemu_5.1.0-q35.x86_64.xml  |  1 +
 .../domaincapsdata/qemu_5.1.0-tcg.x86_64.xml  |  1 +
 tests/domaincapsdata/qemu_5.1.0.sparc.xml     |  1 +
 tests/domaincapsdata/qemu_5.1.0.x86_64.xml    |  1 +
 .../domaincapsdata/qemu_5.2.0-q35.x86_64.xml  |  1 +
 .../domaincapsdata/qemu_5.2.0-tcg.x86_64.xml  |  1 +
 .../qemu_5.2.0-virt.aarch64.xml               |  1 +
 tests/domaincapsdata/qemu_5.2.0.aarch64.xml   |  1 +
 tests/domaincapsdata/qemu_5.2.0.ppc64.xml     |  1 +
 tests/domaincapsdata/qemu_5.2.0.s390x.xml     |  1 +
 tests/domaincapsdata/qemu_5.2.0.x86_64.xml    |  1 +
 .../domaincapsdata/qemu_6.0.0-q35.x86_64.xml  |  1 +
 .../domaincapsdata/qemu_6.0.0-tcg.x86_64.xml  |  1 +
 .../qemu_6.0.0-virt.aarch64.xml               |  1 +
 tests/domaincapsdata/qemu_6.0.0.aarch64.xml   |  1 +
 tests/domaincapsdata/qemu_6.0.0.s390x.xml     |  1 +
 tests/domaincapsdata/qemu_6.0.0.x86_64.xml    |  1 +
 .../domaincapsdata/qemu_6.1.0-q35.x86_64.xml  |  1 +
 .../domaincapsdata/qemu_6.1.0-tcg.x86_64.xml  |  1 +
 tests/domaincapsdata/qemu_6.1.0.x86_64.xml    |  1 +
 .../domaincapsdata/qemu_6.2.0-q35.x86_64.xml  |  1 +
 .../domaincapsdata/qemu_6.2.0-tcg.x86_64.xml  |  1 +
 .../qemu_6.2.0-virt.aarch64.xml               |  1 +
 tests/domaincapsdata/qemu_6.2.0.aarch64.xml   |  1 +
 tests/domaincapsdata/qemu_6.2.0.ppc64.xml     |  1 +
 tests/domaincapsdata/qemu_6.2.0.x86_64.xml    |  1 +
 .../domaincapsdata/qemu_7.0.0-q35.x86_64.xml  |  9 +++++
 .../domaincapsdata/qemu_7.0.0-tcg.x86_64.xml  |  9 +++++
 .../qemu_7.0.0-virt.aarch64.xml               |  1 +
 tests/domaincapsdata/qemu_7.0.0.aarch64.xml   |  1 +
 tests/domaincapsdata/qemu_7.0.0.ppc64.xml     |  1 +
 tests/domaincapsdata/qemu_7.0.0.x86_64.xml    |  9 +++++
 .../domaincapsdata/qemu_7.1.0-q35.x86_64.xml  |  1 +
 .../domaincapsdata/qemu_7.1.0-tcg.x86_64.xml  |  1 +
 tests/domaincapsdata/qemu_7.1.0.x86_64.xml    |  1 +
 58 files changed, 206 insertions(+)

diff --git a/docs/formatdomaincaps.rst b/docs/formatdomaincaps.rst
index 70f46b972a..954d1f4d41 100644
--- a/docs/formatdomaincaps.rst
+++ b/docs/formatdomaincaps.rst
@@ -554,6 +554,16 @@ capabilities. All features occur as children of the main ``features``
element.
          <cbitpos>47</cbitpos>
          <reduced-phys-bits>1</reduced-phys-bits>
        </sev>
+       <sgx supported='yes'>
+         <flc>no</flc>
+         <sgx1>yes</sgx1>
+         <sgx2>no</sgx2>
+         <section_size unit='KiB'>2</section_size>
+         <sections>
+           <section node='0' size='262144' unit='KiB'/>
+           <section node='1' size='262144' unit='KiB'/>
+         </sections>
+       </sgx>
      </features>
    </domainCapabilities>
 
@@ -633,3 +643,33 @@ in domain XML <formatdomain.html#launch-security>`__
 ``maxESGuests``
    The maximum number of SEV-ES guests that can be launched on the host. This
    value may be configurable in the firmware for some hosts.
+
+SGX capabilities
+^^^^^^^^^^^^^^^^
+
+Intel Software Guard Extensions (Intel SGX) capabilities are exposed under the
+``sgx`` element.
+
+Intel SGX helps protect data in use via unique application isolation technology.
+Protect selected code and data from modification using hardened enclaves with
+Intel SGX.
+
+For more details on the SGX feature, please follow resources in the SGX developer's
+document store. In order to use SGX with libvirt have a look at `SGX in domain XML
+<formatdomain.html#memory-devices>`__
+
+``flc``
+   FLC (Flexible Launch Control), not strictly part of SGX2, but was not part of
+   original SGX hardware either.
+
+``sgx1``
+   the sgx version 1.
+
+``sgx2``
+   The sgx version 2.
+
+``section_size``
+   The size of the SGX enclave page cache (called EPC).
+
+``sections``
+   The sections of the SGX enclave page cache (called EPC).
diff --git a/src/conf/domain_capabilities.c b/src/conf/domain_capabilities.c
index 869b5d68e6..d456e5d60e 100644
--- a/src/conf/domain_capabilities.c
+++ b/src/conf/domain_capabilities.c
@@ -99,6 +99,7 @@ virDomainCapsDispose(void *obj)
     virObjectUnref(caps->cpu.custom);
     virCPUDefFree(caps->cpu.hostModel);
     virSEVCapabilitiesFree(caps->sev);
+    virSGXCapabilitiesFree(caps->sgx);
 
     values = &caps->os.loader.values;
     for (i = 0; i < values->nvalues; i++)
@@ -621,6 +622,39 @@ virDomainCapsFeatureSEVFormat(virBuffer *buf,
     virBufferAddLit(buf, "</sev>\n");
 }
 
+static void
+virDomainCapsFeatureSGXFormat(virBuffer *buf,
+                              const virSGXCapability *sgx)
+{
+    if (!sgx) {
+        virBufferAddLit(buf, "<sgx supported='no'/>\n");
+        return;
+    }
+
+    virBufferAddLit(buf, "<sgx supported='yes'>\n");
+    virBufferAdjustIndent(buf, 2);
+    virBufferAsprintf(buf, "<flc>%s</flc>\n", sgx->flc ?
"yes" : "no");
+    virBufferAsprintf(buf, "<sgx1>%s</sgx1>\n", sgx->sgx1 ?
"yes" : "no");
+    virBufferAsprintf(buf, "<sgx2>%s</sgx2>\n", sgx->sgx2 ?
"yes" : "no");
+
+    if (sgx->nSgxSections > 0) {
+        size_t i;
+
+        virBufferAddLit(buf, "<sections>\n");
+
+        for (i = 0; i < sgx->nSgxSections; i++) {
+            virBufferAdjustIndent(buf, 2);
+            virBufferAsprintf(buf, "<section node='%d' ",
sgx->sgxSections[i].node);
+            virBufferAsprintf(buf, "size='%llu' ",
sgx->sgxSections[i].size);
+            virBufferAddLit(buf, "unit='KiB'/>\n");
+            virBufferAdjustIndent(buf, -2);
+        }
+        virBufferAddLit(buf, "</sections>\n");
+    }
+
+    virBufferAdjustIndent(buf, -2);
+    virBufferAddLit(buf, "</sgx>\n");
+}
 
 static void
 virDomainCapsFormatFeatures(const virDomainCaps *caps,
@@ -641,6 +675,7 @@ virDomainCapsFormatFeatures(const virDomainCaps *caps,
     }
 
     virDomainCapsFeatureSEVFormat(&childBuf, caps->sev);
+    virDomainCapsFeatureSGXFormat(&childBuf, caps->sgx);
 
     virXMLFormatElement(buf, "features", NULL, &childBuf);
 }
diff --git a/src/conf/schemas/domaincaps.rng b/src/conf/schemas/domaincaps.rng
index 9cbc2467ab..e0d4209679 100644
--- a/src/conf/schemas/domaincaps.rng
+++ b/src/conf/schemas/domaincaps.rng
@@ -270,6 +270,9 @@
       <optional>
         <ref name="sev"/>
       </optional>
+      <optional>
+        <ref name="sgx"/>
+      </optional>
     </element>
   </define>
 
@@ -330,6 +333,40 @@
     </element>
   </define>
 
+  <define name="sgx">
+    <element name="sgx">
+      <ref name="supported"/>
+      <optional>
+        <element name="flc">
+          <ref name="virYesNo"/>
+        </element>
+        <element name="sgx1">
+          <ref name="virYesNo"/>
+        </element>
+        <element name="sgx2">
+          <ref name="virYesNo"/>
+        </element>
+        <optional>
+          <element name="sections">
+            <zeroOrMore>
+              <element name="section">
+                <attribute name="node">
+                  <data type="unsignedInt"/>
+                </attribute>
+                <attribute name="size">
+                  <data type="unsignedLong"/>
+                </attribute>
+                <attribute name="unit">
+                  <value>KiB</value>
+                </attribute>
+              </element>
+            </zeroOrMore>
+          </element>
+        </optional>
+      </optional>
+    </element>
+  </define>
+
   <define name="value">
     <zeroOrMore>
       <element name="value">
diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
index e0fe1521c4..e309a56e69 100644
--- a/src/qemu/qemu_capabilities.c
+++ b/src/qemu/qemu_capabilities.c
@@ -6681,6 +6681,21 @@ virQEMUCapsFillDomainFeatureS390PVCaps(virQEMUCaps *qemuCaps,
     }
 }
 
+/**
+ * virQEMUCapsFillDomainFeatureSGXCaps:
+ * @qemuCaps: QEMU capabilities
+ * @domCaps: domain capabilities
+ *
+ * Take the information about SGX capabilities that has been obtained
+ * using the 'query-sgx-capabilities' QMP command and stored in @qemuCaps
+ * and convert it to a form suitable for @domCaps.
+ */
+static void
+virQEMUCapsFillDomainFeatureSGXCaps(virQEMUCaps *qemuCaps,
+                                    virDomainCaps *domCaps)
+{
+    virQEMUCapsSGXInfoCopy(&domCaps->sgx, qemuCaps->sgxCapabilities);
+}
 
 int
 virQEMUCapsFillDomainCaps(virQEMUCaps *qemuCaps,
@@ -6733,6 +6748,7 @@ virQEMUCapsFillDomainCaps(virQEMUCaps *qemuCaps,
     virQEMUCapsFillDomainFeatureGICCaps(qemuCaps, domCaps);
     virQEMUCapsFillDomainFeatureSEVCaps(qemuCaps, domCaps);
     virQEMUCapsFillDomainFeatureS390PVCaps(qemuCaps, domCaps);
+    virQEMUCapsFillDomainFeatureSGXCaps(qemuCaps, domCaps);
 
     return 0;
 }
diff --git a/tests/domaincapsdata/bhyve_basic.x86_64.xml
b/tests/domaincapsdata/bhyve_basic.x86_64.xml
index 745f325531..dd054577c0 100644
--- a/tests/domaincapsdata/bhyve_basic.x86_64.xml
+++ b/tests/domaincapsdata/bhyve_basic.x86_64.xml
@@ -33,5 +33,6 @@
     <vmcoreinfo supported='no'/>
     <genid supported='no'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/bhyve_fbuf.x86_64.xml
b/tests/domaincapsdata/bhyve_fbuf.x86_64.xml
index bb11c02ae9..0b1d9c17d7 100644
--- a/tests/domaincapsdata/bhyve_fbuf.x86_64.xml
+++ b/tests/domaincapsdata/bhyve_fbuf.x86_64.xml
@@ -50,5 +50,6 @@
     <vmcoreinfo supported='no'/>
     <genid supported='no'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/bhyve_uefi.x86_64.xml
b/tests/domaincapsdata/bhyve_uefi.x86_64.xml
index dfd2360d74..69fff197a7 100644
--- a/tests/domaincapsdata/bhyve_uefi.x86_64.xml
+++ b/tests/domaincapsdata/bhyve_uefi.x86_64.xml
@@ -42,5 +42,6 @@
     <vmcoreinfo supported='no'/>
     <genid supported='no'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/empty.xml b/tests/domaincapsdata/empty.xml
index d3e2d89b60..97752ca04a 100644
--- a/tests/domaincapsdata/empty.xml
+++ b/tests/domaincapsdata/empty.xml
@@ -13,5 +13,6 @@
   </devices>
   <features>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/libxl-xenfv.xml b/tests/domaincapsdata/libxl-xenfv.xml
index cc5b3847e2..c71d759517 100644
--- a/tests/domaincapsdata/libxl-xenfv.xml
+++ b/tests/domaincapsdata/libxl-xenfv.xml
@@ -76,5 +76,6 @@
     <vmcoreinfo supported='no'/>
     <genid supported='no'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/libxl-xenpv.xml b/tests/domaincapsdata/libxl-xenpv.xml
index 325f1e50b3..8ae2370b7e 100644
--- a/tests/domaincapsdata/libxl-xenpv.xml
+++ b/tests/domaincapsdata/libxl-xenpv.xml
@@ -66,5 +66,6 @@
     <vmcoreinfo supported='no'/>
     <genid supported='no'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_4.2.0-q35.x86_64.xml
b/tests/domaincapsdata/qemu_4.2.0-q35.x86_64.xml
index 0ec4c570ac..0ad10127bc 100644
--- a/tests/domaincapsdata/qemu_4.2.0-q35.x86_64.xml
+++ b/tests/domaincapsdata/qemu_4.2.0-q35.x86_64.xml
@@ -224,5 +224,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='no'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_4.2.0-tcg.x86_64.xml
b/tests/domaincapsdata/qemu_4.2.0-tcg.x86_64.xml
index 4e0cb08b72..7c81afd411 100644
--- a/tests/domaincapsdata/qemu_4.2.0-tcg.x86_64.xml
+++ b/tests/domaincapsdata/qemu_4.2.0-tcg.x86_64.xml
@@ -239,5 +239,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='no'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_4.2.0-virt.aarch64.xml
b/tests/domaincapsdata/qemu_4.2.0-virt.aarch64.xml
index 05d606967b..1a87fc417b 100644
--- a/tests/domaincapsdata/qemu_4.2.0-virt.aarch64.xml
+++ b/tests/domaincapsdata/qemu_4.2.0-virt.aarch64.xml
@@ -177,5 +177,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='no'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_4.2.0.aarch64.xml
b/tests/domaincapsdata/qemu_4.2.0.aarch64.xml
index f19ad5e6db..943c3605d8 100644
--- a/tests/domaincapsdata/qemu_4.2.0.aarch64.xml
+++ b/tests/domaincapsdata/qemu_4.2.0.aarch64.xml
@@ -171,5 +171,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='no'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_4.2.0.ppc64.xml
b/tests/domaincapsdata/qemu_4.2.0.ppc64.xml
index 8ea7ad5714..2f347aa542 100644
--- a/tests/domaincapsdata/qemu_4.2.0.ppc64.xml
+++ b/tests/domaincapsdata/qemu_4.2.0.ppc64.xml
@@ -144,5 +144,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='no'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_4.2.0.s390x.xml
b/tests/domaincapsdata/qemu_4.2.0.s390x.xml
index fb162ea578..8150e5119a 100644
--- a/tests/domaincapsdata/qemu_4.2.0.s390x.xml
+++ b/tests/domaincapsdata/qemu_4.2.0.s390x.xml
@@ -247,5 +247,6 @@
     <backup supported='no'/>
     <s390-pv supported='no'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_4.2.0.x86_64.xml
b/tests/domaincapsdata/qemu_4.2.0.x86_64.xml
index d8793bb38a..d55072f6cf 100644
--- a/tests/domaincapsdata/qemu_4.2.0.x86_64.xml
+++ b/tests/domaincapsdata/qemu_4.2.0.x86_64.xml
@@ -224,5 +224,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='no'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_5.0.0-q35.x86_64.xml
b/tests/domaincapsdata/qemu_5.0.0-q35.x86_64.xml
index 036e446c64..335c14e643 100644
--- a/tests/domaincapsdata/qemu_5.0.0-q35.x86_64.xml
+++ b/tests/domaincapsdata/qemu_5.0.0-q35.x86_64.xml
@@ -226,5 +226,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='no'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_5.0.0-tcg.x86_64.xml
b/tests/domaincapsdata/qemu_5.0.0-tcg.x86_64.xml
index 4df4e86cf1..e5cb80bc4f 100644
--- a/tests/domaincapsdata/qemu_5.0.0-tcg.x86_64.xml
+++ b/tests/domaincapsdata/qemu_5.0.0-tcg.x86_64.xml
@@ -241,5 +241,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='no'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_5.0.0-virt.aarch64.xml
b/tests/domaincapsdata/qemu_5.0.0-virt.aarch64.xml
index bb8500baa6..9b67bab7a7 100644
--- a/tests/domaincapsdata/qemu_5.0.0-virt.aarch64.xml
+++ b/tests/domaincapsdata/qemu_5.0.0-virt.aarch64.xml
@@ -189,5 +189,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='no'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_5.0.0.aarch64.xml
b/tests/domaincapsdata/qemu_5.0.0.aarch64.xml
index e7227d092f..24ff712b2c 100644
--- a/tests/domaincapsdata/qemu_5.0.0.aarch64.xml
+++ b/tests/domaincapsdata/qemu_5.0.0.aarch64.xml
@@ -183,5 +183,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='no'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_5.0.0.ppc64.xml
b/tests/domaincapsdata/qemu_5.0.0.ppc64.xml
index cac329fd08..99d02cb578 100644
--- a/tests/domaincapsdata/qemu_5.0.0.ppc64.xml
+++ b/tests/domaincapsdata/qemu_5.0.0.ppc64.xml
@@ -150,5 +150,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='no'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_5.0.0.x86_64.xml
b/tests/domaincapsdata/qemu_5.0.0.x86_64.xml
index e901d12918..f30dd29cb3 100644
--- a/tests/domaincapsdata/qemu_5.0.0.x86_64.xml
+++ b/tests/domaincapsdata/qemu_5.0.0.x86_64.xml
@@ -226,5 +226,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='no'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_5.1.0-q35.x86_64.xml
b/tests/domaincapsdata/qemu_5.1.0-q35.x86_64.xml
index df1572c901..c168522e43 100644
--- a/tests/domaincapsdata/qemu_5.1.0-q35.x86_64.xml
+++ b/tests/domaincapsdata/qemu_5.1.0-q35.x86_64.xml
@@ -227,5 +227,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='no'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_5.1.0-tcg.x86_64.xml
b/tests/domaincapsdata/qemu_5.1.0-tcg.x86_64.xml
index 3a6dc7b5fc..63023b608c 100644
--- a/tests/domaincapsdata/qemu_5.1.0-tcg.x86_64.xml
+++ b/tests/domaincapsdata/qemu_5.1.0-tcg.x86_64.xml
@@ -241,5 +241,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='no'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_5.1.0.sparc.xml
b/tests/domaincapsdata/qemu_5.1.0.sparc.xml
index 5c1c0c4680..ae8474a696 100644
--- a/tests/domaincapsdata/qemu_5.1.0.sparc.xml
+++ b/tests/domaincapsdata/qemu_5.1.0.sparc.xml
@@ -113,5 +113,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='no'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_5.1.0.x86_64.xml
b/tests/domaincapsdata/qemu_5.1.0.x86_64.xml
index e0e8e0ed12..b57e846c96 100644
--- a/tests/domaincapsdata/qemu_5.1.0.x86_64.xml
+++ b/tests/domaincapsdata/qemu_5.1.0.x86_64.xml
@@ -227,5 +227,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='no'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_5.2.0-q35.x86_64.xml
b/tests/domaincapsdata/qemu_5.2.0-q35.x86_64.xml
index 6a49f568be..e94668a9e6 100644
--- a/tests/domaincapsdata/qemu_5.2.0-q35.x86_64.xml
+++ b/tests/domaincapsdata/qemu_5.2.0-q35.x86_64.xml
@@ -227,5 +227,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='no'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_5.2.0-tcg.x86_64.xml
b/tests/domaincapsdata/qemu_5.2.0-tcg.x86_64.xml
index f41f47c346..3b3cee8899 100644
--- a/tests/domaincapsdata/qemu_5.2.0-tcg.x86_64.xml
+++ b/tests/domaincapsdata/qemu_5.2.0-tcg.x86_64.xml
@@ -241,5 +241,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='no'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_5.2.0-virt.aarch64.xml
b/tests/domaincapsdata/qemu_5.2.0-virt.aarch64.xml
index dfd792c031..2fe1bf3a89 100644
--- a/tests/domaincapsdata/qemu_5.2.0-virt.aarch64.xml
+++ b/tests/domaincapsdata/qemu_5.2.0-virt.aarch64.xml
@@ -189,5 +189,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='no'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_5.2.0.aarch64.xml
b/tests/domaincapsdata/qemu_5.2.0.aarch64.xml
index e7227d092f..24ff712b2c 100644
--- a/tests/domaincapsdata/qemu_5.2.0.aarch64.xml
+++ b/tests/domaincapsdata/qemu_5.2.0.aarch64.xml
@@ -183,5 +183,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='no'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_5.2.0.ppc64.xml
b/tests/domaincapsdata/qemu_5.2.0.ppc64.xml
index 88e4837ec3..724bb899dc 100644
--- a/tests/domaincapsdata/qemu_5.2.0.ppc64.xml
+++ b/tests/domaincapsdata/qemu_5.2.0.ppc64.xml
@@ -150,5 +150,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='no'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_5.2.0.s390x.xml
b/tests/domaincapsdata/qemu_5.2.0.s390x.xml
index 2a2ca8abcf..496c08dd34 100644
--- a/tests/domaincapsdata/qemu_5.2.0.s390x.xml
+++ b/tests/domaincapsdata/qemu_5.2.0.s390x.xml
@@ -249,5 +249,6 @@
     <backup supported='no'/>
     <s390-pv supported='no'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_5.2.0.x86_64.xml
b/tests/domaincapsdata/qemu_5.2.0.x86_64.xml
index 0a6f72df7e..f29152100e 100644
--- a/tests/domaincapsdata/qemu_5.2.0.x86_64.xml
+++ b/tests/domaincapsdata/qemu_5.2.0.x86_64.xml
@@ -227,5 +227,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='no'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_6.0.0-q35.x86_64.xml
b/tests/domaincapsdata/qemu_6.0.0-q35.x86_64.xml
index 40df34edf0..196568c26f 100644
--- a/tests/domaincapsdata/qemu_6.0.0-q35.x86_64.xml
+++ b/tests/domaincapsdata/qemu_6.0.0-q35.x86_64.xml
@@ -234,5 +234,6 @@
       <maxGuests>59</maxGuests>
       <maxESGuests>450</maxESGuests>
     </sev>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_6.0.0-tcg.x86_64.xml
b/tests/domaincapsdata/qemu_6.0.0-tcg.x86_64.xml
index e563b0cb59..5657a65c47 100644
--- a/tests/domaincapsdata/qemu_6.0.0-tcg.x86_64.xml
+++ b/tests/domaincapsdata/qemu_6.0.0-tcg.x86_64.xml
@@ -248,5 +248,6 @@
       <maxGuests>59</maxGuests>
       <maxESGuests>450</maxESGuests>
     </sev>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_6.0.0-virt.aarch64.xml
b/tests/domaincapsdata/qemu_6.0.0-virt.aarch64.xml
index 958c40437f..0a16fe8d51 100644
--- a/tests/domaincapsdata/qemu_6.0.0-virt.aarch64.xml
+++ b/tests/domaincapsdata/qemu_6.0.0-virt.aarch64.xml
@@ -191,5 +191,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='no'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_6.0.0.aarch64.xml
b/tests/domaincapsdata/qemu_6.0.0.aarch64.xml
index 4164bf49f7..38e4a1e05c 100644
--- a/tests/domaincapsdata/qemu_6.0.0.aarch64.xml
+++ b/tests/domaincapsdata/qemu_6.0.0.aarch64.xml
@@ -185,5 +185,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='no'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_6.0.0.s390x.xml
b/tests/domaincapsdata/qemu_6.0.0.s390x.xml
index 13fa3a637e..ccb6536dfc 100644
--- a/tests/domaincapsdata/qemu_6.0.0.s390x.xml
+++ b/tests/domaincapsdata/qemu_6.0.0.s390x.xml
@@ -250,5 +250,6 @@
     <backup supported='no'/>
     <s390-pv supported='yes'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_6.0.0.x86_64.xml
b/tests/domaincapsdata/qemu_6.0.0.x86_64.xml
index eb60a2105f..0a45267cf5 100644
--- a/tests/domaincapsdata/qemu_6.0.0.x86_64.xml
+++ b/tests/domaincapsdata/qemu_6.0.0.x86_64.xml
@@ -234,5 +234,6 @@
       <maxGuests>59</maxGuests>
       <maxESGuests>450</maxESGuests>
     </sev>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_6.1.0-q35.x86_64.xml
b/tests/domaincapsdata/qemu_6.1.0-q35.x86_64.xml
index 0480a086c6..c75d5d3476 100644
--- a/tests/domaincapsdata/qemu_6.1.0-q35.x86_64.xml
+++ b/tests/domaincapsdata/qemu_6.1.0-q35.x86_64.xml
@@ -230,5 +230,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='yes'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_6.1.0-tcg.x86_64.xml
b/tests/domaincapsdata/qemu_6.1.0-tcg.x86_64.xml
index 7baecb0c73..4fbb5a26c9 100644
--- a/tests/domaincapsdata/qemu_6.1.0-tcg.x86_64.xml
+++ b/tests/domaincapsdata/qemu_6.1.0-tcg.x86_64.xml
@@ -243,5 +243,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='yes'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_6.1.0.x86_64.xml
b/tests/domaincapsdata/qemu_6.1.0.x86_64.xml
index 9cbe93ad46..572d2e242d 100644
--- a/tests/domaincapsdata/qemu_6.1.0.x86_64.xml
+++ b/tests/domaincapsdata/qemu_6.1.0.x86_64.xml
@@ -230,5 +230,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='yes'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_6.2.0-q35.x86_64.xml
b/tests/domaincapsdata/qemu_6.2.0-q35.x86_64.xml
index 07b951b81f..a6e2e8f349 100644
--- a/tests/domaincapsdata/qemu_6.2.0-q35.x86_64.xml
+++ b/tests/domaincapsdata/qemu_6.2.0-q35.x86_64.xml
@@ -230,5 +230,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='yes'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_6.2.0-tcg.x86_64.xml
b/tests/domaincapsdata/qemu_6.2.0-tcg.x86_64.xml
index 367e656b31..2709dfe28b 100644
--- a/tests/domaincapsdata/qemu_6.2.0-tcg.x86_64.xml
+++ b/tests/domaincapsdata/qemu_6.2.0-tcg.x86_64.xml
@@ -244,5 +244,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='yes'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_6.2.0-virt.aarch64.xml
b/tests/domaincapsdata/qemu_6.2.0-virt.aarch64.xml
index 99c0fc03fd..ba4d50575b 100644
--- a/tests/domaincapsdata/qemu_6.2.0-virt.aarch64.xml
+++ b/tests/domaincapsdata/qemu_6.2.0-virt.aarch64.xml
@@ -193,5 +193,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='yes'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_6.2.0.aarch64.xml
b/tests/domaincapsdata/qemu_6.2.0.aarch64.xml
index 8e04508694..9bf6cd7527 100644
--- a/tests/domaincapsdata/qemu_6.2.0.aarch64.xml
+++ b/tests/domaincapsdata/qemu_6.2.0.aarch64.xml
@@ -187,5 +187,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='yes'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_6.2.0.ppc64.xml
b/tests/domaincapsdata/qemu_6.2.0.ppc64.xml
index 0bbe501383..17b19aaf57 100644
--- a/tests/domaincapsdata/qemu_6.2.0.ppc64.xml
+++ b/tests/domaincapsdata/qemu_6.2.0.ppc64.xml
@@ -149,5 +149,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='yes'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_6.2.0.x86_64.xml
b/tests/domaincapsdata/qemu_6.2.0.x86_64.xml
index f363cf1b79..85f9252f63 100644
--- a/tests/domaincapsdata/qemu_6.2.0.x86_64.xml
+++ b/tests/domaincapsdata/qemu_6.2.0.x86_64.xml
@@ -230,5 +230,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='yes'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_7.0.0-q35.x86_64.xml
b/tests/domaincapsdata/qemu_7.0.0-q35.x86_64.xml
index 136dadaeb4..896fa105e4 100644
--- a/tests/domaincapsdata/qemu_7.0.0-q35.x86_64.xml
+++ b/tests/domaincapsdata/qemu_7.0.0-q35.x86_64.xml
@@ -231,5 +231,14 @@
     <backingStoreInput supported='yes'/>
     <backup supported='yes'/>
     <sev supported='no'/>
+    <sgx supported='yes'>
+      <flc>no</flc>
+      <sgx1>yes</sgx1>
+      <sgx2>no</sgx2>
+      <sections>
+        <section node='0' size='262144' unit='KiB'/>
+        <section node='1' size='262144' unit='KiB'/>
+      </sections>
+    </sgx>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_7.0.0-tcg.x86_64.xml
b/tests/domaincapsdata/qemu_7.0.0-tcg.x86_64.xml
index c684759356..e5a32f8682 100644
--- a/tests/domaincapsdata/qemu_7.0.0-tcg.x86_64.xml
+++ b/tests/domaincapsdata/qemu_7.0.0-tcg.x86_64.xml
@@ -245,5 +245,14 @@
     <backingStoreInput supported='yes'/>
     <backup supported='yes'/>
     <sev supported='no'/>
+    <sgx supported='yes'>
+      <flc>no</flc>
+      <sgx1>yes</sgx1>
+      <sgx2>no</sgx2>
+      <sections>
+        <section node='0' size='262144' unit='KiB'/>
+        <section node='1' size='262144' unit='KiB'/>
+      </sections>
+    </sgx>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_7.0.0-virt.aarch64.xml
b/tests/domaincapsdata/qemu_7.0.0-virt.aarch64.xml
index 1d6f29db9f..a6b9abfd49 100644
--- a/tests/domaincapsdata/qemu_7.0.0-virt.aarch64.xml
+++ b/tests/domaincapsdata/qemu_7.0.0-virt.aarch64.xml
@@ -192,5 +192,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='yes'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_7.0.0.aarch64.xml
b/tests/domaincapsdata/qemu_7.0.0.aarch64.xml
index 73097470f8..f499ba8001 100644
--- a/tests/domaincapsdata/qemu_7.0.0.aarch64.xml
+++ b/tests/domaincapsdata/qemu_7.0.0.aarch64.xml
@@ -186,5 +186,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='yes'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_7.0.0.ppc64.xml
b/tests/domaincapsdata/qemu_7.0.0.ppc64.xml
index 7765c941c5..46572233d0 100644
--- a/tests/domaincapsdata/qemu_7.0.0.ppc64.xml
+++ b/tests/domaincapsdata/qemu_7.0.0.ppc64.xml
@@ -150,5 +150,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='yes'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_7.0.0.x86_64.xml
b/tests/domaincapsdata/qemu_7.0.0.x86_64.xml
index 0f9a65ef1b..0e95afbefa 100644
--- a/tests/domaincapsdata/qemu_7.0.0.x86_64.xml
+++ b/tests/domaincapsdata/qemu_7.0.0.x86_64.xml
@@ -231,5 +231,14 @@
     <backingStoreInput supported='yes'/>
     <backup supported='yes'/>
     <sev supported='no'/>
+    <sgx supported='yes'>
+      <flc>no</flc>
+      <sgx1>yes</sgx1>
+      <sgx2>no</sgx2>
+      <sections>
+        <section node='0' size='262144' unit='KiB'/>
+        <section node='1' size='262144' unit='KiB'/>
+      </sections>
+    </sgx>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_7.1.0-q35.x86_64.xml
b/tests/domaincapsdata/qemu_7.1.0-q35.x86_64.xml
index 30082712f4..6195d94e16 100644
--- a/tests/domaincapsdata/qemu_7.1.0-q35.x86_64.xml
+++ b/tests/domaincapsdata/qemu_7.1.0-q35.x86_64.xml
@@ -230,5 +230,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='yes'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_7.1.0-tcg.x86_64.xml
b/tests/domaincapsdata/qemu_7.1.0-tcg.x86_64.xml
index bcca02f0a4..61097e9431 100644
--- a/tests/domaincapsdata/qemu_7.1.0-tcg.x86_64.xml
+++ b/tests/domaincapsdata/qemu_7.1.0-tcg.x86_64.xml
@@ -243,5 +243,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='yes'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_7.1.0.x86_64.xml
b/tests/domaincapsdata/qemu_7.1.0.x86_64.xml
index f377b8e3a9..c9364815f6 100644
--- a/tests/domaincapsdata/qemu_7.1.0.x86_64.xml
+++ b/tests/domaincapsdata/qemu_7.1.0.x86_64.xml
@@ -230,5 +230,6 @@
     <backingStoreInput supported='yes'/>
     <backup supported='yes'/>
     <sev supported='no'/>
+    <sgx supported='no'/>
   </features>
 </domainCapabilities>
-- 
2.25.1


    

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

[libvirt][PATCH v15 4/9] conf: expose SGX feature in domain capabilities