9:52 p.m.
-----Original Message-----
From: Tim Wiederhake <twiederh(a)redhat.com>
Sent: Monday, July 5, 2021 7:32 PM
To: Huang, Haibin <haibin.huang(a)intel.com>
Cc: libvir-list(a)redhat.com; Ding, Jian-feng <jian-feng.ding(a)intel.com>; Yang,
Lin A <lin.a.yang(a)intel.com>; Lu, Lianhao <lianhao.lu(a)intel.com>
Subject: Re: [libvirt][PATCH v4 4/4] Support to query SGX capability
On Thu, 2021-07-01 at 20:10 +0800, Haibin Huang wrote:
> 1.Add SGX feature in domain capabilities
> 2.Get sgx capabilities by query-sgx-capabilities
> 3.Transfer the B to KB for epc_size
> 4.Delete sgx1 and sgx2
> 5.add unit test for get capabilities
>
> Signed-off-by: Haibin Huang <haibin.huang(a)intel.com>
> ---
> src/conf/domain_capabilities.c | 29 ++++
> src/conf/domain_capabilities.h | 13 ++
> src/libvirt_private.syms | 2 +-
> src/qemu/qemu_capabilities.c | 146 ++++++++++++++++++
> src/qemu/qemu_capabilities.h | 6 +
> src/qemu/qemu_command.c | 2 +-
> src/qemu/qemu_monitor.c | 10 ++
> src/qemu/qemu_monitor.h | 3 +
> src/qemu/qemu_monitor_json.c | 91 +++++++++++
> src/qemu/qemu_monitor_json.h | 3 +
> tests/domaincapsdata/bhyve_basic.x86_64.xml | 1 +
> tests/domaincapsdata/bhyve_fbuf.x86_64.xml | 1 +
> tests/domaincapsdata/bhyve_uefi.x86_64.xml | 1 +
> tests/domaincapsdata/empty.xml | 1 +
> tests/domaincapsdata/libxl-xenfv.xml | 1 +
> tests/domaincapsdata/libxl-xenpv.xml | 1 +
> .../domaincapsdata/qemu_1.5.3-q35.x86_64.xml | 1 +
> .../domaincapsdata/qemu_1.5.3-tcg.x86_64.xml | 1 +
> tests/domaincapsdata/qemu_1.5.3.x86_64.xml | 1 +
> .../domaincapsdata/qemu_1.6.0-q35.x86_64.xml | 1 +
> .../domaincapsdata/qemu_1.6.0-tcg.x86_64.xml | 1 +
> tests/domaincapsdata/qemu_1.6.0.x86_64.xml | 1 +
> .../domaincapsdata/qemu_1.7.0-q35.x86_64.xml | 1 +
> .../domaincapsdata/qemu_1.7.0-tcg.x86_64.xml | 1 +
> tests/domaincapsdata/qemu_1.7.0.x86_64.xml | 1 +
> .../domaincapsdata/qemu_2.1.1-q35.x86_64.xml | 1 +
> .../domaincapsdata/qemu_2.1.1-tcg.x86_64.xml | 1 +
> tests/domaincapsdata/qemu_2.1.1.x86_64.xml | 1 +
> .../domaincapsdata/qemu_2.10.0-q35.x86_64.xml | 1 +
> .../domaincapsdata/qemu_2.10.0-tcg.x86_64.xml | 1 +
> .../qemu_2.10.0-virt.aarch64.xml | 1 +
> tests/domaincapsdata/qemu_2.10.0.aarch64.xml | 1 +
> tests/domaincapsdata/qemu_2.10.0.ppc64.xml | 1 +
> tests/domaincapsdata/qemu_2.10.0.s390x.xml | 1 +
> tests/domaincapsdata/qemu_2.10.0.x86_64.xml | 1 +
> .../domaincapsdata/qemu_2.11.0-q35.x86_64.xml | 1 +
> .../domaincapsdata/qemu_2.11.0-tcg.x86_64.xml | 1 +
> tests/domaincapsdata/qemu_2.11.0.s390x.xml | 1 +
> tests/domaincapsdata/qemu_2.11.0.x86_64.xml | 1 +
> .../domaincapsdata/qemu_2.12.0-q35.x86_64.xml | 1 +
> .../domaincapsdata/qemu_2.12.0-tcg.x86_64.xml | 1 +
> .../qemu_2.12.0-virt.aarch64.xml | 1 +
> tests/domaincapsdata/qemu_2.12.0.aarch64.xml | 1 +
> tests/domaincapsdata/qemu_2.12.0.ppc64.xml | 1 +
> tests/domaincapsdata/qemu_2.12.0.s390x.xml | 1 +
> tests/domaincapsdata/qemu_2.12.0.x86_64.xml | 1 +
> .../domaincapsdata/qemu_2.4.0-q35.x86_64.xml | 1 +
> .../domaincapsdata/qemu_2.4.0-tcg.x86_64.xml | 1 +
> tests/domaincapsdata/qemu_2.4.0.x86_64.xml | 1 +
> .../domaincapsdata/qemu_2.5.0-q35.x86_64.xml | 1 +
> .../domaincapsdata/qemu_2.5.0-tcg.x86_64.xml | 1 +
> tests/domaincapsdata/qemu_2.5.0.x86_64.xml | 1 +
> .../domaincapsdata/qemu_2.6.0-q35.x86_64.xml | 1 +
> .../domaincapsdata/qemu_2.6.0-tcg.x86_64.xml | 1 +
> .../qemu_2.6.0-virt.aarch64.xml | 1 +
> tests/domaincapsdata/qemu_2.6.0.aarch64.xml | 1 +
> tests/domaincapsdata/qemu_2.6.0.ppc64.xml | 1 +
> tests/domaincapsdata/qemu_2.6.0.x86_64.xml | 1 +
> .../domaincapsdata/qemu_2.7.0-q35.x86_64.xml | 1 +
> .../domaincapsdata/qemu_2.7.0-tcg.x86_64.xml | 1 +
> tests/domaincapsdata/qemu_2.7.0.s390x.xml | 1 +
> tests/domaincapsdata/qemu_2.7.0.x86_64.xml | 1 +
> .../domaincapsdata/qemu_2.8.0-q35.x86_64.xml | 1 +
> .../domaincapsdata/qemu_2.8.0-tcg.x86_64.xml | 1 +
> tests/domaincapsdata/qemu_2.8.0.s390x.xml | 1 +
> tests/domaincapsdata/qemu_2.8.0.x86_64.xml | 1 +
> .../domaincapsdata/qemu_2.9.0-q35.x86_64.xml | 1 +
> .../domaincapsdata/qemu_2.9.0-tcg.x86_64.xml | 1 +
> tests/domaincapsdata/qemu_2.9.0.ppc64.xml | 1 +
> tests/domaincapsdata/qemu_2.9.0.s390x.xml | 1 +
> tests/domaincapsdata/qemu_2.9.0.x86_64.xml | 1 +
> .../domaincapsdata/qemu_3.0.0-q35.x86_64.xml | 1 +
> .../domaincapsdata/qemu_3.0.0-tcg.x86_64.xml | 1 +
> tests/domaincapsdata/qemu_3.0.0.ppc64.xml | 1 +
> tests/domaincapsdata/qemu_3.0.0.s390x.xml | 1 +
> tests/domaincapsdata/qemu_3.0.0.x86_64.xml | 1 +
> .../domaincapsdata/qemu_3.1.0-q35.x86_64.xml | 1 +
> .../domaincapsdata/qemu_3.1.0-tcg.x86_64.xml | 1 +
> tests/domaincapsdata/qemu_3.1.0.ppc64.xml | 1 +
> tests/domaincapsdata/qemu_3.1.0.x86_64.xml | 1 +
> .../domaincapsdata/qemu_4.0.0-q35.x86_64.xml | 1 +
> .../domaincapsdata/qemu_4.0.0-tcg.x86_64.xml | 1 +
> .../qemu_4.0.0-virt.aarch64.xml | 1 +
> tests/domaincapsdata/qemu_4.0.0.aarch64.xml | 1 +
> tests/domaincapsdata/qemu_4.0.0.ppc64.xml | 1 +
> tests/domaincapsdata/qemu_4.0.0.s390x.xml | 1 +
> tests/domaincapsdata/qemu_4.0.0.x86_64.xml | 1 +
> .../domaincapsdata/qemu_4.1.0-q35.x86_64.xml | 1 +
> .../domaincapsdata/qemu_4.1.0-tcg.x86_64.xml | 1 +
> tests/domaincapsdata/qemu_4.1.0.x86_64.xml | 1 +
> .../domaincapsdata/qemu_4.2.0-q35.x86_64.xml | 1 +
> .../domaincapsdata/qemu_4.2.0-tcg.x86_64.xml | 1 +
> .../qemu_4.2.0-virt.aarch64.xml | 1 +
> tests/domaincapsdata/qemu_4.2.0.aarch64.xml | 1 +
> tests/domaincapsdata/qemu_4.2.0.ppc64.xml | 1 +
> tests/domaincapsdata/qemu_4.2.0.s390x.xml | 1 +
> tests/domaincapsdata/qemu_4.2.0.x86_64.xml | 1 +
> .../domaincapsdata/qemu_5.0.0-q35.x86_64.xml | 1 +
> .../domaincapsdata/qemu_5.0.0-tcg.x86_64.xml | 1 +
> .../qemu_5.0.0-virt.aarch64.xml | 1 +
> tests/domaincapsdata/qemu_5.0.0.aarch64.xml | 1 +
> tests/domaincapsdata/qemu_5.0.0.ppc64.xml | 1 +
> tests/domaincapsdata/qemu_5.0.0.x86_64.xml | 1 +
> .../domaincapsdata/qemu_5.1.0-q35.x86_64.xml | 1 +
> .../domaincapsdata/qemu_5.1.0-tcg.x86_64.xml | 1 +
> tests/domaincapsdata/qemu_5.1.0.x86_64.xml | 1 +
> 106 files changed, 399 insertions(+), 2 deletions(-)
>
Can this be split up, so that the "mechanical" changes
(tests/domaincapsdata/qemu_*.xml) are separate from the functional
changes? E.g. start with a commit that introduces a dummy
"virDomainCapsFeatureSGXFormat" that always prints "<sgx
supported='no'/>" + the relevant changes in tests/; then, in a second
commit, the actual implementation?
[Haibin] ok, it is good point. I will adjust
it.
> diff --git a/src/conf/domain_capabilities.c
> b/src/conf/domain_capabilities.c
> index d61108e125..f83a462ca3 100644
> --- a/src/conf/domain_capabilities.c
> +++ b/src/conf/domain_capabilities.c
> @@ -91,6 +91,16 @@ virSEVCapabilitiesFree(virSEVCapability *cap)
> }
>
>
> +void
> +virSGXCapabilitiesFree(virSGXCapability *cap)
> +{
> + if (!cap)
> + return;
> +
> + VIR_FREE(cap);
> +}
> +
> +
> static void
> virDomainCapsDispose(void *obj)
> {
> @@ -101,6 +111,7 @@ virDomainCapsDispose(void *obj)
> virObjectUnref(caps->cpu.custom);
> virCPUDefFree(caps->cpu.hostModel);
> virSEVCapabilitiesFree(caps->sev);
> + virSGXCapabilitiesFree(caps->sgx);
>
> virDomainCapsStringValuesFree(&caps->os.loader.values);
> }
> @@ -564,6 +575,23 @@ virDomainCapsFeatureSEVFormat(virBufferPtr buf,
> return;
> }
>
> +static void
> +virDomainCapsFeatureSGXFormat(virBufferPtr buf,
> + virSGXCapabilityPtr const sgx)
> +{
> + if (!sgx) {
> + virBufferAddLit(buf, "<sgx supported='no'/>\n");
> + } else {
> + virBufferAddLit(buf, "<sgx supported='yes'>\n");
> + virBufferAdjustIndent(buf, 2);
> + virBufferAsprintf(buf, "<flc>%s</flc>\n", sgx->flc
? "yes" :
> "no");
> + virBufferAsprintf(buf, "<epc_size
> unit='KiB'>%d</epc_size>\n", sgx->epc_size);
> + virBufferAdjustIndent(buf, -2);
> + virBufferAddLit(buf, "</sgx>\n");
> + }
> +
> + return;
> +}
>
> static void
> virDomainCapsFormatFeatures(const virDomainCaps *caps,
> @@ -584,6 +612,7 @@ virDomainCapsFormatFeatures(const virDomainCaps
> *caps,
> }
>
> virDomainCapsFeatureSEVFormat(&childBuf, caps->sev);
> + virDomainCapsFeatureSGXFormat(&childBuf, caps->sgx);
>
> virXMLFormatElement(buf, "features", NULL, &childBuf);
> }
> diff --git a/src/conf/domain_capabilities.h
> b/src/conf/domain_capabilities.h
> index 685d5e2a44..d63f2d4219 100644
> --- a/src/conf/domain_capabilities.h
> +++ b/src/conf/domain_capabilities.h
> @@ -150,6 +150,13 @@ struct _virDomainCapsCPU {
> virDomainCapsCPUModelsPtr custom;
> };
>
> +typedef struct _virSGXCapability virSGXCapability;
> +typedef virSGXCapability *virSGXCapabilityPtr;
> +struct _virSGXCapability {
> + bool flc;
> + unsigned int epc_size;
> +};
> +
> typedef struct _virSEVCapability virSEVCapability;
> typedef virSEVCapability *virSEVCapabilityPtr;
> struct _virSEVCapability {
> @@ -191,6 +198,7 @@ struct _virDomainCaps {
>
> virDomainCapsFeatureGIC gic;
> virSEVCapabilityPtr sev;
> + virSGXCapabilityPtr sgx;
Requires change to docs/schema/.
[Haibin] ok, I got it, I think you mean
"docs/schemas/domaincaps.rng".
> /* add new domain features here */
>
> virTristateBool features[VIR_DOMAIN_CAPS_FEATURE_LAST];
> @@ -239,4 +247,9 @@ int virDomainCapsDeviceDefValidate(const
> virDomainCaps *caps,
> void
> virSEVCapabilitiesFree(virSEVCapability *capabilities);
>
> +void
> +virSGXCapabilitiesFree(virSGXCapability *capabilities);
> +
> G_DEFINE_AUTOPTR_CLEANUP_FUNC(virSEVCapability,
> virSEVCapabilitiesFree);
> +
> +G_DEFINE_AUTOPTR_CLEANUP_FUNC(virSGXCapability,
> virSGXCapabilitiesFree);
> diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
> index 01c2e710cd..ea7aa897cc 100644
> --- a/src/libvirt_private.syms
> +++ b/src/libvirt_private.syms
> @@ -215,6 +215,7 @@ virDomainCapsEnumSet;
> virDomainCapsFormat;
> virDomainCapsNew;
> virSEVCapabilitiesFree;
> +virSGXCapabilitiesFree;
>
>
> # conf/domain_conf.h
> @@ -1694,7 +1695,6 @@ virBitmapToDataBuf;
> virBitmapToString;
> virBitmapUnion;
>
> -
Please leave the second empty line.
[Haibin] ok
> # util/virbpf.h
> virBPFAttachProg;
> virBPFCreateMap;
> diff --git a/src/qemu/qemu_capabilities.c
> b/src/qemu/qemu_capabilities.c
> index ff6ba8c9e9..63f55480dd 100644
> --- a/src/qemu/qemu_capabilities.c
> +++ b/src/qemu/qemu_capabilities.c
> @@ -597,6 +597,9 @@ VIR_ENUM_IMPL(virQEMUCaps,
> "spapr-tpm-proxy",
> "numa.hmat",
> "blockdev-hostdev-scsi",
> +
> + /* 380 */
> + "sgx-epc",
> );
>
>
> @@ -698,11 +701,14 @@ struct _virQEMUCaps {
>
> virSEVCapability *sevCapabilities;
>
> + virSGXCapability *sgxCapabilities;
> +
> /* Capabilities which may differ depending on the accelerator. */
> virQEMUCapsAccel kvm;
> virQEMUCapsAccel tcg;
> };
>
> +
> struct virQEMUCapsSearchData {
> virArch arch;
> const char *binaryFilter;
> @@ -1323,6 +1329,7 @@ struct virQEMUCapsStringFlags
> virQEMUCapsObjectTypes[] = {
> { "tcg-accel", QEMU_CAPS_TCG },
> { "pvscsi", QEMU_CAPS_SCSI_PVSCSI },
> { "spapr-tpm-proxy", QEMU_CAPS_DEVICE_SPAPR_TPM_PROXY },
> + { "sgx-epc", QEMU_CAPS_SGX_EPC },
> };
>
>
> @@ -1870,6 +1877,23 @@ virQEMUCapsSEVInfoCopy(virSEVCapabilityPtr
*dst,
> }
>
>
> +static int
> +virQEMUCapsSGXInfoCopy(virSGXCapabilityPtr *dst,
> + virSGXCapabilityPtr src)
> +{
> + g_autoptr(virSGXCapability) tmp = NULL;
> +
> + if (VIR_ALLOC(tmp) < 0)
> + return -1;
If this were a simple "virSGXCapability *tmp = g_new0(...)"...
> +
> + tmp->flc = src->flc;
> + tmp->epc_size = src->epc_size;
> +
> + *dst = g_steal_pointer(&tmp);
> + return 0;
... the g_steal_pointer would not be necessary, and
"G_DEFINE_AUTOPTR_CLEANUP_FUNC(virSGXCapability,
virSGXCapabilitiesFree);" would not be, either.
[Haibin] did you mean like
below
static int
virQEMUCapsSGXInfoCopy(virSGXCapabilityPtr *dst,
virSGXCapabilityPtr src)
{
virSGXCapability *tmp = g_new0(virSGXCapability, 1);
tmp->flc = src->flc;
tmp->epc_size = src->epc_size;
*dst = tmp;
return 0;
}
> +}
> +
> +
> static void
> virQEMUCapsAccelCopyMachineTypes(virQEMUCapsAccelPtr dst,
> virQEMUCapsAccelPtr src)
> @@ -1947,6 +1971,11 @@ virQEMUCapsPtr
> virQEMUCapsNewCopy(virQEMUCapsPtr qemuCaps)
> qemuCaps->sevCapabilities) < 0)
> goto error;
>
> + if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_SGX_EPC) &&
> + virQEMUCapsSGXInfoCopy(&ret->sgxCapabilities,
> + qemuCaps->sgxCapabilities) < 0)
> + goto error;
> +
> return ret;
>
> error:
> @@ -1987,6 +2016,7 @@ void virQEMUCapsDispose(void *obj)
> VIR_FREE(qemuCaps->gicCapabilities);
>
> virSEVCapabilitiesFree(qemuCaps->sevCapabilities);
> + virSGXCapabilitiesFree(qemuCaps->sgxCapabilities);
>
> virQEMUCapsAccelClear(&qemuCaps->kvm);
> virQEMUCapsAccelClear(&qemuCaps->tcg);
> @@ -2581,6 +2611,13 @@ virQEMUCapsGetSEVCapabilities(virQEMUCapsPtr
> qemuCaps)
> }
>
>
> +virSGXCapabilityPtr
> +virQEMUCapsGetSGXCapabilities(virQEMUCapsPtr qemuCaps)
> +{
> + return qemuCaps->sgxCapabilities;
> +}
> +
> +
> static int
> virQEMUCapsProbeQMPCommands(virQEMUCapsPtr qemuCaps,
> qemuMonitorPtr mon)
> @@ -2640,6 +2677,7 @@
virQEMUCapsProbeQMPObjectTypes(virQEMUCapsPtr
> qemuCaps,
>
> if ((nvalues = qemuMonitorGetObjectTypes(mon, &values)) < 0)
> return -1;
> +
Unrelated change.
[Haibin] ok, delete it.
> virQEMUCapsProcessStringFlags(qemuCaps,
>
> G_N_ELEMENTS(virQEMUCapsObjectTypes),
> virQEMUCapsObjectTypes,
> @@ -3405,6 +3443,31 @@
> virQEMUCapsProbeQMPSEVCapabilities(virQEMUCapsPtr qemuCaps,
> }
>
>
> +static int
> +virQEMUCapsProbeQMPSGXCapabilities(virQEMUCapsPtr qemuCaps,
> + qemuMonitorPtr mon)
> +{
> + int rc = -1;
> + virSGXCapability *caps = NULL;
> +
> + if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_SGX_EPC))
> + return 0;
> +
> + if ((rc = qemuMonitorGetSGXCapabilities(mon, &caps)) < 0)
> + return -1;
> +
> + /* SGX isn't actually supported */
> + if (rc == 0) {
> + virQEMUCapsClear(qemuCaps, QEMU_CAPS_SGX_EPC);
> + return 0;
> + }
> +
> + virSGXCapabilitiesFree(qemuCaps->sgxCapabilities);
> + qemuCaps->sgxCapabilities = caps;
> + return 0;
> +}
> +
> +
> /*
> * Filter for features which should never be passed to QEMU. Either
> because
> * QEMU never supported them or they were dropped as they never did
> anything
> @@ -4187,6 +4250,42 @@ virQEMUCapsParseSEVInfo(virQEMUCapsPtr
> qemuCaps, xmlXPathContextPtr ctxt)
> return 0;
> }
>
> +static int
> +virQEMUCapsParseSGXInfo(virQEMUCapsPtr qemuCaps, xmlXPathContextPtr
> ctxt)
> +{
> + g_autoptr(virSGXCapability) sgx = NULL;
> +
> + if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_SGX_EPC))
> + return 0;
> +
Using "virXPathNode()" + "virXMLProp*()" might save you some boiler
plate code and writing custom error messages.
Maybe that makes it a little bit
clearer
> + if (virXPathBoolean("boolean(./sgx)", ctxt) == 0) {
> + virReportError(VIR_ERR_XML_ERROR, "%s",
> + _("missing SGX platform data in QEMU "
> + "capabilities cache"));
> + return -1;
> + }
> +
> + if (VIR_ALLOC(sgx) < 0)
> + return -1;
> +
Prefer "g_new0".
[Haibin] ok
> + if (virXPathBoolean("boolean(./sgx/flc)", ctxt) == 0) {
> + virReportError(VIR_ERR_XML_ERROR, "%s",
> + _("missing SGX platform flc data in QEMU "
> + "capabilities cache"));
> + return -1;
> + }
> +
> + if (virXPathUInt("string(./sgx/epc_size)", ctxt,
&sgx->epc_size)
> < 0) {
> + virReportError(VIR_ERR_XML_ERROR, "%s",
> + _("missing or malformed SGX platform epc_size
> information "
> + "in QEMU capabilities cache"));
> + return -1;
> + }
> +
> + qemuCaps->sgxCapabilities = g_steal_pointer(&sgx);
> + return 0;
> +}
> +
>
> /*
> * Parsing a doc that looks like
> @@ -4425,6 +4524,9 @@ virQEMUCapsLoadCache(virArch hostArch,
> if (virQEMUCapsParseSEVInfo(qemuCaps, ctxt) < 0)
> goto cleanup;
>
> + if (virQEMUCapsParseSGXInfo(qemuCaps, ctxt) < 0)
> + goto cleanup;
> +
> virQEMUCapsInitHostCPUModel(qemuCaps, hostArch,
> VIR_DOMAIN_VIRT_KVM);
> virQEMUCapsInitHostCPUModel(qemuCaps, hostArch,
> VIR_DOMAIN_VIRT_QEMU);
>
> @@ -4601,6 +4703,19 @@ virQEMUCapsFormatSEVInfo(virQEMUCapsPtr
> qemuCaps, virBufferPtr buf)
> virBufferAddLit(buf, "</sev>\n");
> }
>
> +static void
> +virQEMUCapsFormatSGXInfo(virQEMUCapsPtr qemuCaps, virBufferPtr buf)
> +{
> + virSGXCapabilityPtr sgx =
> virQEMUCapsGetSGXCapabilities(qemuCaps);
> +
> + virBufferAddLit(buf, "<sgx>\n");
> + virBufferAdjustIndent(buf, 2);
> + virBufferAsprintf(buf, "<flc>%s</flc>\n", sgx->flc ?
"yes" :
> "no");
> + virBufferAsprintf(buf, "<epc_size>%u</epc_size>\n", sgx-
> >epc_size);
> + virBufferAdjustIndent(buf, -2);
> + virBufferAddLit(buf, "</sgx>\n");
> +}
> +
>
> char *
> virQEMUCapsFormatCache(virQEMUCapsPtr qemuCaps)
> @@ -4671,6 +4786,9 @@ virQEMUCapsFormatCache(virQEMUCapsPtr
qemuCaps)
> if (qemuCaps->sevCapabilities)
> virQEMUCapsFormatSEVInfo(qemuCaps, &buf);
>
> + if (qemuCaps->sgxCapabilities)
> + virQEMUCapsFormatSGXInfo(qemuCaps, &buf);
> +
> if (qemuCaps->kvmSupportsNesting)
> virBufferAddLit(&buf, "<kvmSupportsNesting/>\n");
>
> @@ -5323,6 +5441,8 @@ virQEMUCapsInitQMPMonitor(virQEMUCapsPtr
> qemuCaps,
> return -1;
> if (virQEMUCapsProbeQMPSEVCapabilities(qemuCaps, mon) < 0)
> return -1;
> + if (virQEMUCapsProbeQMPSGXCapabilities(qemuCaps, mon) < 0)
> + return -1;
>
> virQEMUCapsInitProcessCaps(qemuCaps);
>
> @@ -6245,6 +6365,31 @@
> virQEMUCapsFillDomainFeatureGICCaps(virQEMUCapsPtr qemuCaps,
> }
>
>
> +/**
> + * virQEMUCapsFillDomainFeatureiSGXCaps:
> + * @qemuCaps: QEMU capabilities
> + * @domCaps: domain capabilities
> + *
> + * Take the information about SGX capabilities that has been
> obtained
> + * using the 'query-sgx-capabilities' QMP command and stored in
> @qemuCaps
> + * and convert it to a form suitable for @domCaps.
> + */
> +static void
> +virQEMUCapsFillDomainFeatureSGXCaps(virQEMUCapsPtr qemuCaps,
> + virDomainCapsPtr domCaps)
> +{
> + virSGXCapability *cap = qemuCaps->sgxCapabilities;
> +
> + if (!cap)
> + return;
> +
> + domCaps->sgx = g_new0(virSGXCapability, 1);
> +
> + domCaps->sgx->flc = cap->flc;
> + domCaps->sgx->epc_size = cap->epc_size;
> +}
> +
> +
> /**
> * virQEMUCapsFillDomainFeatureSEVCaps:
> * @qemuCaps: QEMU capabilities
> @@ -6316,6 +6461,7 @@ virQEMUCapsFillDomainCaps(virQEMUCapsPtr
> qemuCaps,
> virQEMUCapsFillDomainDeviceRNGCaps(qemuCaps, rng);
> virQEMUCapsFillDomainFeatureGICCaps(qemuCaps, domCaps);
> virQEMUCapsFillDomainFeatureSEVCaps(qemuCaps, domCaps);
> + virQEMUCapsFillDomainFeatureSGXCaps(qemuCaps, domCaps);
>
> return 0;
> }
> diff --git a/src/qemu/qemu_capabilities.h
> b/src/qemu/qemu_capabilities.h
> index 5d08941538..0e3af622a7 100644
> --- a/src/qemu/qemu_capabilities.h
> +++ b/src/qemu/qemu_capabilities.h
> @@ -578,6 +578,9 @@ typedef enum { /* virQEMUCapsFlags grouping
> marker for syntax-check */
> QEMU_CAPS_NUMA_HMAT, /* -numa hmat */
> QEMU_CAPS_BLOCKDEV_HOSTDEV_SCSI, /* -blockdev used for (i)SCSI
> hostdevs */
>
> + /* 380 */
> + QEMU_CAPS_SGX_EPC, /* -object sgx-epc,... */
> +
> QEMU_CAPS_LAST /* this must always be the last item */
> } virQEMUCapsFlags;
>
> @@ -759,5 +762,8 @@
virQEMUCapsCPUFeatureFromQEMU(virQEMUCapsPtr
> qemuCaps,
> virSEVCapabilityPtr
> virQEMUCapsGetSEVCapabilities(virQEMUCapsPtr qemuCaps);
>
> +virSGXCapabilityPtr
> +virQEMUCapsGetSGXCapabilities(virQEMUCapsPtr qemuCaps);
> +
> virArch virQEMUCapsArchFromString(const char *arch);
> const char *virQEMUCapsArchToString(virArch arch);
> diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
> index fb05acbc94..9462b5a6c8 100644
> --- a/src/qemu/qemu_command.c
> +++ b/src/qemu/qemu_command.c
> @@ -6405,7 +6405,7 @@ qemuBuildCpuModelArgStr(virQEMUDriverPtr
> driver,
>
> case VIR_CPU_MODE_CUSTOM:
> virBufferAdd(buf, cpu->model, -1);
> - if(def->sgx)
> + if (def->sgx)
> virBufferAdd(buf,
Fix in previous patch.
[Haibin] ok
> ",+sgx,+sgx-debug,+sgx1,+sgx-encls-c,+sgx-
> enclv,+sgx-exinfo,"
> "+sgx-kss,+sgx-mode64,+sgx-
> provisionkey,+sgx-tokenkey,+sgx2,"
> diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c
> index 637361d24d..1e377ee8dc 100644
> --- a/src/qemu/qemu_monitor.c
> +++ b/src/qemu/qemu_monitor.c
> @@ -3870,6 +3870,16 @@ qemuMonitorGetSEVCapabilities(qemuMonitorPtr
> mon,
> }
>
>
> +int
> +qemuMonitorGetSGXCapabilities(qemuMonitorPtr mon,
> + virSGXCapability **capabilities)
> +{
> + QEMU_CHECK_MONITOR(mon);
> +
> + return qemuMonitorJSONGetSGXCapabilities(mon, capabilities);
> +}
> +
> +
> int
> qemuMonitorNBDServerStart(qemuMonitorPtr mon,
> const virStorageNetHostDef *server,
> diff --git a/src/qemu/qemu_monitor.h b/src/qemu/qemu_monitor.h
> index d20a15c202..76b3cd54c7 100644
> --- a/src/qemu/qemu_monitor.h
> +++ b/src/qemu/qemu_monitor.h
> @@ -836,6 +836,9 @@ int qemuMonitorGetGICCapabilities(qemuMonitorPtr
> mon,
> int qemuMonitorGetSEVCapabilities(qemuMonitorPtr mon,
> virSEVCapability **capabilities);
>
> +int qemuMonitorGetSGXCapabilities(qemuMonitorPtr mon,
> + virSGXCapability **capabilities);
> +
> typedef enum {
> QEMU_MONITOR_MIGRATE_BACKGROUND = 1 << 0,
> QEMU_MONITOR_MIGRATE_NON_SHARED_DISK = 1 << 1, /* migration
with
> non-shared storage with full disk copy */
> diff --git a/src/qemu/qemu_monitor_json.c
> b/src/qemu/qemu_monitor_json.c
> index 9cdf6c0f7f..06f0738ad8 100644
> --- a/src/qemu/qemu_monitor_json.c
> +++ b/src/qemu/qemu_monitor_json.c
> @@ -44,6 +44,7 @@
> # include "libvirt_qemu_probes.h"
> #endif
>
> +#define KB 1024
> #define VIR_FROM_THIS VIR_FROM_QEMU
>
> VIR_LOG_INIT("qemu.qemu_monitor_json");
> @@ -7056,6 +7057,96 @@
> qemuMonitorJSONGetGICCapabilities(qemuMonitorPtr mon,
> }
>
>
> +/**
> + * qemuMonitorJSONGetSGXCapabilities:
> + * @mon: qemu monitor object
> + * @capabilities: pointer to pointer to a SGX capability structure
> to be filled
> + *
> + * This function queries and fills in INTEL's SGX platform-specific
> data.
> + * Note that from QEMU's POV both -object sgx-epc and query-sgx-
> capabilities
> + * can be present even if SGX is not available, which basically
> leaves us with
> + * checking for JSON "GenericError" in order to differentiate
> between compiled-in
> + * support and actual SGX support on the platform.
> + *
> + * Returns -1 on error, 0 if SGX is not supported, and 1 if SGX is
> supported on
> + * the platform.
> + */
> +int
> +qemuMonitorJSONGetSGXCapabilities(qemuMonitorPtr mon,
> + virSGXCapability **capabilities)
> +{
> + int ret = -1;
> + virJSONValuePtr cmd;
> + virJSONValuePtr reply = NULL;
> + virJSONValuePtr caps;
> + bool sgx = false;
> + bool flc = false;
> + unsigned int section_size = 0;
> + g_autoptr(virSGXCapability) capability = NULL;
> +
> + *capabilities = NULL;
> +
> + if (!(cmd = qemuMonitorJSONMakeCommand("query-sgx-capabilities",
> NULL)))
> + return -1;
> +
> + if (qemuMonitorJSONCommand(mon, cmd, &reply) < 0)
> + goto cleanup;
> +
> + /* QEMU has only compiled-in support of SGX */
> + if (qemuMonitorJSONHasError(reply, "GenericError")) {
> + ret = 0;
> + goto cleanup;
> + }
> +
> + if (qemuMonitorJSONCheckError(cmd, reply) < 0)
> + goto cleanup;
> +
> + caps = virJSONValueObjectGetObject(reply, "return");
> +
> + if (virJSONValueObjectGetBoolean(caps, "sgx", &sgx) < 0) {
> + virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
> + _("query-sgx reply was missing"
> + " 'sgx' field"));
> + goto cleanup;
> + }
> + if (!sgx) {
> + VIR_WARN("sgx is not support %d\n", sgx);
> + ret = 0;
> + goto cleanup;
> + }
> +
> + if (virJSONValueObjectGetBoolean(caps, "flc", &flc) < 0) {
> + virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
> + _("query-sgx-capabilities reply was missing"
> + " 'flc' field"));
> + goto cleanup;
> + }
> +
> + if (virJSONValueObjectGetNumberUint(caps, "section-size",
> §ion_size) < 0) {
> + virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
> + _("query-sgx-capabilities reply was missing"
> + " 'section-size' field"));
> + goto cleanup;
> + }
> +
> +
> + if (VIR_ALLOC(capability) < 0)
> + goto cleanup;
> +
> + capability->flc = flc;
> +
> + capability->epc_size = section_size/(KB);
> + *capabilities = g_steal_pointer(&capability);
> + ret = 1;
> +
> + cleanup:
> + virJSONValueFree(cmd);
> + virJSONValueFree(reply);
Using "g_autoptr(virJsonValue) cmd;" and "g_autoptr(virJsonValue)
reply;" would remove the need for "goto" and the label.
[Haibin] good point
Regards,
Tim
> +
> + return ret;
> +}
> +
> +
> /**
> * qemuMonitorJSONGetSEVCapabilities:
> * @mon: qemu monitor object
> diff --git a/src/qemu/qemu_monitor_json.h
> b/src/qemu/qemu_monitor_json.h
> index 098ab857be..b0c23e57ac 100644
> --- a/src/qemu/qemu_monitor_json.h
> +++ b/src/qemu/qemu_monitor_json.h
> @@ -159,6 +159,9 @@ int
> qemuMonitorJSONGetGICCapabilities(qemuMonitorPtr mon,
> int qemuMonitorJSONGetSEVCapabilities(qemuMonitorPtr mon,
> virSEVCapability
> **capabilities);
>
> +int qemuMonitorJSONGetSGXCapabilities(qemuMonitorPtr mon,
> + virSGXCapability
> **capabilities);
> +
> int qemuMonitorJSONMigrate(qemuMonitorPtr mon,
> unsigned int flags,
> const char *uri);
> diff --git a/tests/domaincapsdata/bhyve_basic.x86_64.xml
> b/tests/domaincapsdata/bhyve_basic.x86_64.xml
> index bdf2c4eee8..8998fb2cee 100644
> --- a/tests/domaincapsdata/bhyve_basic.x86_64.xml
> +++ b/tests/domaincapsdata/bhyve_basic.x86_64.xml
> @@ -32,5 +32,6 @@
> <vmcoreinfo supported='no'/>
> <genid supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/bhyve_fbuf.x86_64.xml
> b/tests/domaincapsdata/bhyve_fbuf.x86_64.xml
> index f998c457c1..e013463456 100644
> --- a/tests/domaincapsdata/bhyve_fbuf.x86_64.xml
> +++ b/tests/domaincapsdata/bhyve_fbuf.x86_64.xml
> @@ -49,5 +49,6 @@
> <vmcoreinfo supported='no'/>
> <genid supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/bhyve_uefi.x86_64.xml
> b/tests/domaincapsdata/bhyve_uefi.x86_64.xml
> index 18f90023d5..d6243db384 100644
> --- a/tests/domaincapsdata/bhyve_uefi.x86_64.xml
> +++ b/tests/domaincapsdata/bhyve_uefi.x86_64.xml
> @@ -41,5 +41,6 @@
> <vmcoreinfo supported='no'/>
> <genid supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/empty.xml
> b/tests/domaincapsdata/empty.xml
> index 6c3f5f54fd..df55215ed5 100644
> --- a/tests/domaincapsdata/empty.xml
> +++ b/tests/domaincapsdata/empty.xml
> @@ -12,5 +12,6 @@
> </devices>
> <features>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/libxl-xenfv.xml
> b/tests/domaincapsdata/libxl-xenfv.xml
> index 4efc137c97..160c220728 100644
> --- a/tests/domaincapsdata/libxl-xenfv.xml
> +++ b/tests/domaincapsdata/libxl-xenfv.xml
> @@ -75,5 +75,6 @@
> <vmcoreinfo supported='no'/>
> <genid supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/libxl-xenpv.xml
> b/tests/domaincapsdata/libxl-xenpv.xml
> index 70e598fe9e..cbd64fabfc 100644
> --- a/tests/domaincapsdata/libxl-xenpv.xml
> +++ b/tests/domaincapsdata/libxl-xenpv.xml
> @@ -65,5 +65,6 @@
> <vmcoreinfo supported='no'/>
> <genid supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_1.5.3-q35.x86_64.xml
> b/tests/domaincapsdata/qemu_1.5.3-q35.x86_64.xml
> index 3ed96a3ee7..183f55a09d 100644
> --- a/tests/domaincapsdata/qemu_1.5.3-q35.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_1.5.3-q35.x86_64.xml
> @@ -137,5 +137,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_1.5.3-tcg.x86_64.xml
> b/tests/domaincapsdata/qemu_1.5.3-tcg.x86_64.xml
> index 3b3d89a643..680751ab5e 100644
> --- a/tests/domaincapsdata/qemu_1.5.3-tcg.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_1.5.3-tcg.x86_64.xml
> @@ -133,5 +133,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_1.5.3.x86_64.xml
> b/tests/domaincapsdata/qemu_1.5.3.x86_64.xml
> index 20cd3a105a..f2737be495 100644
> --- a/tests/domaincapsdata/qemu_1.5.3.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_1.5.3.x86_64.xml
> @@ -137,5 +137,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_1.6.0-q35.x86_64.xml
> b/tests/domaincapsdata/qemu_1.6.0-q35.x86_64.xml
> index a4b26b46cb..38f510c0b4 100644
> --- a/tests/domaincapsdata/qemu_1.6.0-q35.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_1.6.0-q35.x86_64.xml
> @@ -137,5 +137,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_1.6.0-tcg.x86_64.xml
> b/tests/domaincapsdata/qemu_1.6.0-tcg.x86_64.xml
> index 6bff19bad5..970d2b7b83 100644
> --- a/tests/domaincapsdata/qemu_1.6.0-tcg.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_1.6.0-tcg.x86_64.xml
> @@ -133,5 +133,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_1.6.0.x86_64.xml
> b/tests/domaincapsdata/qemu_1.6.0.x86_64.xml
> index 16417a13d2..eaa3e872e4 100644
> --- a/tests/domaincapsdata/qemu_1.6.0.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_1.6.0.x86_64.xml
> @@ -137,5 +137,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_1.7.0-q35.x86_64.xml
> b/tests/domaincapsdata/qemu_1.7.0-q35.x86_64.xml
> index 559b49491e..55460bb3eb 100644
> --- a/tests/domaincapsdata/qemu_1.7.0-q35.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_1.7.0-q35.x86_64.xml
> @@ -137,5 +137,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_1.7.0-tcg.x86_64.xml
> b/tests/domaincapsdata/qemu_1.7.0-tcg.x86_64.xml
> index 97e71bffff..cf816e1315 100644
> --- a/tests/domaincapsdata/qemu_1.7.0-tcg.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_1.7.0-tcg.x86_64.xml
> @@ -133,5 +133,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_1.7.0.x86_64.xml
> b/tests/domaincapsdata/qemu_1.7.0.x86_64.xml
> index 472c073de9..e86e538268 100644
> --- a/tests/domaincapsdata/qemu_1.7.0.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_1.7.0.x86_64.xml
> @@ -137,5 +137,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.1.1-q35.x86_64.xml
> b/tests/domaincapsdata/qemu_2.1.1-q35.x86_64.xml
> index a87f5b2a63..7a94784943 100644
> --- a/tests/domaincapsdata/qemu_2.1.1-q35.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_2.1.1-q35.x86_64.xml
> @@ -138,5 +138,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.1.1-tcg.x86_64.xml
> b/tests/domaincapsdata/qemu_2.1.1-tcg.x86_64.xml
> index 192a505d77..413f46d5a6 100644
> --- a/tests/domaincapsdata/qemu_2.1.1-tcg.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_2.1.1-tcg.x86_64.xml
> @@ -134,5 +134,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.1.1.x86_64.xml
> b/tests/domaincapsdata/qemu_2.1.1.x86_64.xml
> index 15adfe0ee8..d087157b06 100644
> --- a/tests/domaincapsdata/qemu_2.1.1.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_2.1.1.x86_64.xml
> @@ -138,5 +138,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.10.0-q35.x86_64.xml
> b/tests/domaincapsdata/qemu_2.10.0-q35.x86_64.xml
> index be2840d9b8..a70eb157d9 100644
> --- a/tests/domaincapsdata/qemu_2.10.0-q35.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_2.10.0-q35.x86_64.xml
> @@ -161,5 +161,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.10.0-tcg.x86_64.xml
> b/tests/domaincapsdata/qemu_2.10.0-tcg.x86_64.xml
> index 1193f49bd6..1730dd81ab 100644
> --- a/tests/domaincapsdata/qemu_2.10.0-tcg.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_2.10.0-tcg.x86_64.xml
> @@ -176,5 +176,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.10.0-virt.aarch64.xml
> b/tests/domaincapsdata/qemu_2.10.0-virt.aarch64.xml
> index 4505d64e3a..0fded78a64 100644
> --- a/tests/domaincapsdata/qemu_2.10.0-virt.aarch64.xml
> +++ b/tests/domaincapsdata/qemu_2.10.0-virt.aarch64.xml
> @@ -145,5 +145,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.10.0.aarch64.xml
> b/tests/domaincapsdata/qemu_2.10.0.aarch64.xml
> index 629833b745..d74e018aea 100644
> --- a/tests/domaincapsdata/qemu_2.10.0.aarch64.xml
> +++ b/tests/domaincapsdata/qemu_2.10.0.aarch64.xml
> @@ -139,5 +139,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.10.0.ppc64.xml
> b/tests/domaincapsdata/qemu_2.10.0.ppc64.xml
> index 863afbc0df..ba102fd26f 100644
> --- a/tests/domaincapsdata/qemu_2.10.0.ppc64.xml
> +++ b/tests/domaincapsdata/qemu_2.10.0.ppc64.xml
> @@ -111,5 +111,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.10.0.s390x.xml
> b/tests/domaincapsdata/qemu_2.10.0.s390x.xml
> index ce5c92edce..3c16cc8b05 100644
> --- a/tests/domaincapsdata/qemu_2.10.0.s390x.xml
> +++ b/tests/domaincapsdata/qemu_2.10.0.s390x.xml
> @@ -200,5 +200,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.10.0.x86_64.xml
> b/tests/domaincapsdata/qemu_2.10.0.x86_64.xml
> index 6596016d33..a47914a796 100644
> --- a/tests/domaincapsdata/qemu_2.10.0.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_2.10.0.x86_64.xml
> @@ -161,5 +161,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.11.0-q35.x86_64.xml
> b/tests/domaincapsdata/qemu_2.11.0-q35.x86_64.xml
> index c2e148e0fc..f0348486fd 100644
> --- a/tests/domaincapsdata/qemu_2.11.0-q35.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_2.11.0-q35.x86_64.xml
> @@ -159,5 +159,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.11.0-tcg.x86_64.xml
> b/tests/domaincapsdata/qemu_2.11.0-tcg.x86_64.xml
> index 7f66cf7b7e..e8282b30fc 100644
> --- a/tests/domaincapsdata/qemu_2.11.0-tcg.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_2.11.0-tcg.x86_64.xml
> @@ -171,5 +171,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.11.0.s390x.xml
> b/tests/domaincapsdata/qemu_2.11.0.s390x.xml
> index c5b48fdad5..2fdbe3ce5d 100644
> --- a/tests/domaincapsdata/qemu_2.11.0.s390x.xml
> +++ b/tests/domaincapsdata/qemu_2.11.0.s390x.xml
> @@ -199,5 +199,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.11.0.x86_64.xml
> b/tests/domaincapsdata/qemu_2.11.0.x86_64.xml
> index 38b6b20f77..de5404b2a4 100644
> --- a/tests/domaincapsdata/qemu_2.11.0.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_2.11.0.x86_64.xml
> @@ -159,5 +159,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.12.0-q35.x86_64.xml
> b/tests/domaincapsdata/qemu_2.12.0-q35.x86_64.xml
> index 8d38d33369..e977a8937a 100644
> --- a/tests/domaincapsdata/qemu_2.12.0-q35.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_2.12.0-q35.x86_64.xml
> @@ -176,5 +176,6 @@
> <cbitpos>47</cbitpos>
> <reducedPhysBits>1</reducedPhysBits>
> </sev>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.12.0-tcg.x86_64.xml
> b/tests/domaincapsdata/qemu_2.12.0-tcg.x86_64.xml
> index 9a89587115..3a4c85eb65 100644
> --- a/tests/domaincapsdata/qemu_2.12.0-tcg.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_2.12.0-tcg.x86_64.xml
> @@ -185,5 +185,6 @@
> <cbitpos>47</cbitpos>
> <reducedPhysBits>1</reducedPhysBits>
> </sev>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.12.0-virt.aarch64.xml
> b/tests/domaincapsdata/qemu_2.12.0-virt.aarch64.xml
> index 8ea58bfa25..f78722ea3c 100644
> --- a/tests/domaincapsdata/qemu_2.12.0-virt.aarch64.xml
> +++ b/tests/domaincapsdata/qemu_2.12.0-virt.aarch64.xml
> @@ -147,5 +147,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.12.0.aarch64.xml
> b/tests/domaincapsdata/qemu_2.12.0.aarch64.xml
> index 667516e75e..c7de5ad674 100644
> --- a/tests/domaincapsdata/qemu_2.12.0.aarch64.xml
> +++ b/tests/domaincapsdata/qemu_2.12.0.aarch64.xml
> @@ -141,5 +141,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.12.0.ppc64.xml
> b/tests/domaincapsdata/qemu_2.12.0.ppc64.xml
> index eac3e6a868..8d3377e937 100644
> --- a/tests/domaincapsdata/qemu_2.12.0.ppc64.xml
> +++ b/tests/domaincapsdata/qemu_2.12.0.ppc64.xml
> @@ -111,5 +111,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.12.0.s390x.xml
> b/tests/domaincapsdata/qemu_2.12.0.s390x.xml
> index 01cc3d81ec..12ff7cfd95 100644
> --- a/tests/domaincapsdata/qemu_2.12.0.s390x.xml
> +++ b/tests/domaincapsdata/qemu_2.12.0.s390x.xml
> @@ -198,5 +198,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.12.0.x86_64.xml
> b/tests/domaincapsdata/qemu_2.12.0.x86_64.xml
> index 6e006a3ba3..2039b77790 100644
> --- a/tests/domaincapsdata/qemu_2.12.0.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_2.12.0.x86_64.xml
> @@ -176,5 +176,6 @@
> <cbitpos>47</cbitpos>
> <reducedPhysBits>1</reducedPhysBits>
> </sev>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.4.0-q35.x86_64.xml
> b/tests/domaincapsdata/qemu_2.4.0-q35.x86_64.xml
> index 23e103927e..608118652a 100644
> --- a/tests/domaincapsdata/qemu_2.4.0-q35.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_2.4.0-q35.x86_64.xml
> @@ -146,5 +146,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.4.0-tcg.x86_64.xml
> b/tests/domaincapsdata/qemu_2.4.0-tcg.x86_64.xml
> index 2a6296739c..411780d41e 100644
> --- a/tests/domaincapsdata/qemu_2.4.0-tcg.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_2.4.0-tcg.x86_64.xml
> @@ -142,5 +142,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.4.0.x86_64.xml
> b/tests/domaincapsdata/qemu_2.4.0.x86_64.xml
> index 7c6d78e510..6bd8627277 100644
> --- a/tests/domaincapsdata/qemu_2.4.0.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_2.4.0.x86_64.xml
> @@ -146,5 +146,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.5.0-q35.x86_64.xml
> b/tests/domaincapsdata/qemu_2.5.0-q35.x86_64.xml
> index bb8bd9c5c5..fe465bcfaa 100644
> --- a/tests/domaincapsdata/qemu_2.5.0-q35.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_2.5.0-q35.x86_64.xml
> @@ -146,5 +146,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.5.0-tcg.x86_64.xml
> b/tests/domaincapsdata/qemu_2.5.0-tcg.x86_64.xml
> index 8b022e9bd7..b4803039df 100644
> --- a/tests/domaincapsdata/qemu_2.5.0-tcg.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_2.5.0-tcg.x86_64.xml
> @@ -142,5 +142,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.5.0.x86_64.xml
> b/tests/domaincapsdata/qemu_2.5.0.x86_64.xml
> index a89990a42e..07eea7c96c 100644
> --- a/tests/domaincapsdata/qemu_2.5.0.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_2.5.0.x86_64.xml
> @@ -146,5 +146,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.6.0-q35.x86_64.xml
> b/tests/domaincapsdata/qemu_2.6.0-q35.x86_64.xml
> index 251696a161..c490c36170 100644
> --- a/tests/domaincapsdata/qemu_2.6.0-q35.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_2.6.0-q35.x86_64.xml
> @@ -146,5 +146,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.6.0-tcg.x86_64.xml
> b/tests/domaincapsdata/qemu_2.6.0-tcg.x86_64.xml
> index 7937fad971..3b53321be5 100644
> --- a/tests/domaincapsdata/qemu_2.6.0-tcg.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_2.6.0-tcg.x86_64.xml
> @@ -142,5 +142,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.6.0-virt.aarch64.xml
> b/tests/domaincapsdata/qemu_2.6.0-virt.aarch64.xml
> index 95053e9cbe..c1697eabf8 100644
> --- a/tests/domaincapsdata/qemu_2.6.0-virt.aarch64.xml
> +++ b/tests/domaincapsdata/qemu_2.6.0-virt.aarch64.xml
> @@ -144,5 +144,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.6.0.aarch64.xml
> b/tests/domaincapsdata/qemu_2.6.0.aarch64.xml
> index 223e944c8a..121acd636f 100644
> --- a/tests/domaincapsdata/qemu_2.6.0.aarch64.xml
> +++ b/tests/domaincapsdata/qemu_2.6.0.aarch64.xml
> @@ -138,5 +138,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.6.0.ppc64.xml
> b/tests/domaincapsdata/qemu_2.6.0.ppc64.xml
> index c97f232028..41217aa7b1 100644
> --- a/tests/domaincapsdata/qemu_2.6.0.ppc64.xml
> +++ b/tests/domaincapsdata/qemu_2.6.0.ppc64.xml
> @@ -111,5 +111,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.6.0.x86_64.xml
> b/tests/domaincapsdata/qemu_2.6.0.x86_64.xml
> index f95f8fb46a..586855e7e3 100644
> --- a/tests/domaincapsdata/qemu_2.6.0.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_2.6.0.x86_64.xml
> @@ -146,5 +146,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.7.0-q35.x86_64.xml
> b/tests/domaincapsdata/qemu_2.7.0-q35.x86_64.xml
> index 1e6c47f2d6..d8e523e904 100644
> --- a/tests/domaincapsdata/qemu_2.7.0-q35.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_2.7.0-q35.x86_64.xml
> @@ -147,5 +147,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.7.0-tcg.x86_64.xml
> b/tests/domaincapsdata/qemu_2.7.0-tcg.x86_64.xml
> index 8b7c2ce8e6..ed92bee692 100644
> --- a/tests/domaincapsdata/qemu_2.7.0-tcg.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_2.7.0-tcg.x86_64.xml
> @@ -143,5 +143,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.7.0.s390x.xml
> b/tests/domaincapsdata/qemu_2.7.0.s390x.xml
> index ff3dd4939b..b8bc1245ec 100644
> --- a/tests/domaincapsdata/qemu_2.7.0.s390x.xml
> +++ b/tests/domaincapsdata/qemu_2.7.0.s390x.xml
> @@ -103,5 +103,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.7.0.x86_64.xml
> b/tests/domaincapsdata/qemu_2.7.0.x86_64.xml
> index da1b10c41b..c2df40d00e 100644
> --- a/tests/domaincapsdata/qemu_2.7.0.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_2.7.0.x86_64.xml
> @@ -147,5 +147,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.8.0-q35.x86_64.xml
> b/tests/domaincapsdata/qemu_2.8.0-q35.x86_64.xml
> index 0a7493d86d..78acecdfd7 100644
> --- a/tests/domaincapsdata/qemu_2.8.0-q35.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_2.8.0-q35.x86_64.xml
> @@ -147,5 +147,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.8.0-tcg.x86_64.xml
> b/tests/domaincapsdata/qemu_2.8.0-tcg.x86_64.xml
> index 100e8e059c..638bfea6f7 100644
> --- a/tests/domaincapsdata/qemu_2.8.0-tcg.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_2.8.0-tcg.x86_64.xml
> @@ -143,5 +143,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.8.0.s390x.xml
> b/tests/domaincapsdata/qemu_2.8.0.s390x.xml
> index 47b1aa46f7..233092be64 100644
> --- a/tests/domaincapsdata/qemu_2.8.0.s390x.xml
> +++ b/tests/domaincapsdata/qemu_2.8.0.s390x.xml
> @@ -184,5 +184,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.8.0.x86_64.xml
> b/tests/domaincapsdata/qemu_2.8.0.x86_64.xml
> index 6fa754c18a..deb094df40 100644
> --- a/tests/domaincapsdata/qemu_2.8.0.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_2.8.0.x86_64.xml
> @@ -147,5 +147,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.9.0-q35.x86_64.xml
> b/tests/domaincapsdata/qemu_2.9.0-q35.x86_64.xml
> index 3df3c3738e..0669e56b1d 100644
> --- a/tests/domaincapsdata/qemu_2.9.0-q35.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_2.9.0-q35.x86_64.xml
> @@ -156,5 +156,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.9.0-tcg.x86_64.xml
> b/tests/domaincapsdata/qemu_2.9.0-tcg.x86_64.xml
> index 08bb5fbad7..045c308f8e 100644
> --- a/tests/domaincapsdata/qemu_2.9.0-tcg.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_2.9.0-tcg.x86_64.xml
> @@ -175,5 +175,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.9.0.ppc64.xml
> b/tests/domaincapsdata/qemu_2.9.0.ppc64.xml
> index 3776b6ed9c..deca3b2373 100644
> --- a/tests/domaincapsdata/qemu_2.9.0.ppc64.xml
> +++ b/tests/domaincapsdata/qemu_2.9.0.ppc64.xml
> @@ -111,5 +111,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.9.0.s390x.xml
> b/tests/domaincapsdata/qemu_2.9.0.s390x.xml
> index cf7e7781cc..263a2a9a71 100644
> --- a/tests/domaincapsdata/qemu_2.9.0.s390x.xml
> +++ b/tests/domaincapsdata/qemu_2.9.0.s390x.xml
> @@ -185,5 +185,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_2.9.0.x86_64.xml
> b/tests/domaincapsdata/qemu_2.9.0.x86_64.xml
> index a80ef28488..a553b5c7f2 100644
> --- a/tests/domaincapsdata/qemu_2.9.0.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_2.9.0.x86_64.xml
> @@ -156,5 +156,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_3.0.0-q35.x86_64.xml
> b/tests/domaincapsdata/qemu_3.0.0-q35.x86_64.xml
> index cd37906bc7..b8e27b774d 100644
> --- a/tests/domaincapsdata/qemu_3.0.0-q35.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_3.0.0-q35.x86_64.xml
> @@ -174,5 +174,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_3.0.0-tcg.x86_64.xml
> b/tests/domaincapsdata/qemu_3.0.0-tcg.x86_64.xml
> index d3211e7a13..797b3496b8 100644
> --- a/tests/domaincapsdata/qemu_3.0.0-tcg.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_3.0.0-tcg.x86_64.xml
> @@ -185,5 +185,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_3.0.0.ppc64.xml
> b/tests/domaincapsdata/qemu_3.0.0.ppc64.xml
> index 1b8ddd4ed0..e791c0619c 100644
> --- a/tests/domaincapsdata/qemu_3.0.0.ppc64.xml
> +++ b/tests/domaincapsdata/qemu_3.0.0.ppc64.xml
> @@ -113,5 +113,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_3.0.0.s390x.xml
> b/tests/domaincapsdata/qemu_3.0.0.s390x.xml
> index 7a4e536fb5..c12e40ca10 100644
> --- a/tests/domaincapsdata/qemu_3.0.0.s390x.xml
> +++ b/tests/domaincapsdata/qemu_3.0.0.s390x.xml
> @@ -205,5 +205,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_3.0.0.x86_64.xml
> b/tests/domaincapsdata/qemu_3.0.0.x86_64.xml
> index 9fa4224760..7667232cb1 100644
> --- a/tests/domaincapsdata/qemu_3.0.0.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_3.0.0.x86_64.xml
> @@ -174,5 +174,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_3.1.0-q35.x86_64.xml
> b/tests/domaincapsdata/qemu_3.1.0-q35.x86_64.xml
> index 82b1b6a095..f24b621b4a 100644
> --- a/tests/domaincapsdata/qemu_3.1.0-q35.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_3.1.0-q35.x86_64.xml
> @@ -177,5 +177,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_3.1.0-tcg.x86_64.xml
> b/tests/domaincapsdata/qemu_3.1.0-tcg.x86_64.xml
> index 756b28034e..8ddcf7495d 100644
> --- a/tests/domaincapsdata/qemu_3.1.0-tcg.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_3.1.0-tcg.x86_64.xml
> @@ -188,5 +188,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_3.1.0.ppc64.xml
> b/tests/domaincapsdata/qemu_3.1.0.ppc64.xml
> index 6a2bc87947..b34c8e8e02 100644
> --- a/tests/domaincapsdata/qemu_3.1.0.ppc64.xml
> +++ b/tests/domaincapsdata/qemu_3.1.0.ppc64.xml
> @@ -113,5 +113,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_3.1.0.x86_64.xml
> b/tests/domaincapsdata/qemu_3.1.0.x86_64.xml
> index ffc82f17c3..5440773513 100644
> --- a/tests/domaincapsdata/qemu_3.1.0.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_3.1.0.x86_64.xml
> @@ -177,5 +177,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_4.0.0-q35.x86_64.xml
> b/tests/domaincapsdata/qemu_4.0.0-q35.x86_64.xml
> index c837de966f..2ccb7e850f 100644
> --- a/tests/domaincapsdata/qemu_4.0.0-q35.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_4.0.0-q35.x86_64.xml
> @@ -177,5 +177,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_4.0.0-tcg.x86_64.xml
> b/tests/domaincapsdata/qemu_4.0.0-tcg.x86_64.xml
> index 0aa8aa18be..87a56371e1 100644
> --- a/tests/domaincapsdata/qemu_4.0.0-tcg.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_4.0.0-tcg.x86_64.xml
> @@ -189,5 +189,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_4.0.0-virt.aarch64.xml
> b/tests/domaincapsdata/qemu_4.0.0-virt.aarch64.xml
> index f5347aba9f..6a8a15cb82 100644
> --- a/tests/domaincapsdata/qemu_4.0.0-virt.aarch64.xml
> +++ b/tests/domaincapsdata/qemu_4.0.0-virt.aarch64.xml
> @@ -154,5 +154,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_4.0.0.aarch64.xml
> b/tests/domaincapsdata/qemu_4.0.0.aarch64.xml
> index b879d7553c..2a6d6cb4ec 100644
> --- a/tests/domaincapsdata/qemu_4.0.0.aarch64.xml
> +++ b/tests/domaincapsdata/qemu_4.0.0.aarch64.xml
> @@ -148,5 +148,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_4.0.0.ppc64.xml
> b/tests/domaincapsdata/qemu_4.0.0.ppc64.xml
> index 0642753f11..4831fe949d 100644
> --- a/tests/domaincapsdata/qemu_4.0.0.ppc64.xml
> +++ b/tests/domaincapsdata/qemu_4.0.0.ppc64.xml
> @@ -114,5 +114,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_4.0.0.s390x.xml
> b/tests/domaincapsdata/qemu_4.0.0.s390x.xml
> index 632c26d689..7277154d38 100644
> --- a/tests/domaincapsdata/qemu_4.0.0.s390x.xml
> +++ b/tests/domaincapsdata/qemu_4.0.0.s390x.xml
> @@ -210,5 +210,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_4.0.0.x86_64.xml
> b/tests/domaincapsdata/qemu_4.0.0.x86_64.xml
> index 3f64bd4b66..e230e39773 100644
> --- a/tests/domaincapsdata/qemu_4.0.0.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_4.0.0.x86_64.xml
> @@ -177,5 +177,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_4.1.0-q35.x86_64.xml
> b/tests/domaincapsdata/qemu_4.1.0-q35.x86_64.xml
> index 8bf41d6b49..4ea0c221e3 100644
> --- a/tests/domaincapsdata/qemu_4.1.0-q35.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_4.1.0-q35.x86_64.xml
> @@ -182,5 +182,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_4.1.0-tcg.x86_64.xml
> b/tests/domaincapsdata/qemu_4.1.0-tcg.x86_64.xml
> index d6265ce243..fd8a2d29de 100644
> --- a/tests/domaincapsdata/qemu_4.1.0-tcg.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_4.1.0-tcg.x86_64.xml
> @@ -190,5 +190,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_4.1.0.x86_64.xml
> b/tests/domaincapsdata/qemu_4.1.0.x86_64.xml
> index 5010f879a6..db4fbb81d5 100644
> --- a/tests/domaincapsdata/qemu_4.1.0.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_4.1.0.x86_64.xml
> @@ -182,5 +182,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_4.2.0-q35.x86_64.xml
> b/tests/domaincapsdata/qemu_4.2.0-q35.x86_64.xml
> index 6f72b67f68..dc1e0b1bcc 100644
> --- a/tests/domaincapsdata/qemu_4.2.0-q35.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_4.2.0-q35.x86_64.xml
> @@ -189,5 +189,6 @@
> <backingStoreInput supported='yes'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_4.2.0-tcg.x86_64.xml
> b/tests/domaincapsdata/qemu_4.2.0-tcg.x86_64.xml
> index 7339a3f81c..298cd92d3d 100644
> --- a/tests/domaincapsdata/qemu_4.2.0-tcg.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_4.2.0-tcg.x86_64.xml
> @@ -196,5 +196,6 @@
> <backingStoreInput supported='yes'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_4.2.0-virt.aarch64.xml
> b/tests/domaincapsdata/qemu_4.2.0-virt.aarch64.xml
> index ef57216562..8ede831af4 100644
> --- a/tests/domaincapsdata/qemu_4.2.0-virt.aarch64.xml
> +++ b/tests/domaincapsdata/qemu_4.2.0-virt.aarch64.xml
> @@ -155,5 +155,6 @@
> <backingStoreInput supported='yes'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_4.2.0.aarch64.xml
> b/tests/domaincapsdata/qemu_4.2.0.aarch64.xml
> index 3cf2a6faf1..802631b704 100644
> --- a/tests/domaincapsdata/qemu_4.2.0.aarch64.xml
> +++ b/tests/domaincapsdata/qemu_4.2.0.aarch64.xml
> @@ -149,5 +149,6 @@
> <backingStoreInput supported='yes'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_4.2.0.ppc64.xml
> b/tests/domaincapsdata/qemu_4.2.0.ppc64.xml
> index 0f2cf6da64..14923e14b5 100644
> --- a/tests/domaincapsdata/qemu_4.2.0.ppc64.xml
> +++ b/tests/domaincapsdata/qemu_4.2.0.ppc64.xml
> @@ -115,5 +115,6 @@
> <backingStoreInput supported='no'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_4.2.0.s390x.xml
> b/tests/domaincapsdata/qemu_4.2.0.s390x.xml
> index ecd037438a..21cefb9ff4 100644
> --- a/tests/domaincapsdata/qemu_4.2.0.s390x.xml
> +++ b/tests/domaincapsdata/qemu_4.2.0.s390x.xml
> @@ -224,5 +224,6 @@
> <backingStoreInput supported='yes'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_4.2.0.x86_64.xml
> b/tests/domaincapsdata/qemu_4.2.0.x86_64.xml
> index f4a8321637..55b3e0d545 100644
> --- a/tests/domaincapsdata/qemu_4.2.0.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_4.2.0.x86_64.xml
> @@ -189,5 +189,6 @@
> <backingStoreInput supported='yes'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_5.0.0-q35.x86_64.xml
> b/tests/domaincapsdata/qemu_5.0.0-q35.x86_64.xml
> index fc21b2ad62..0252950bb6 100644
> --- a/tests/domaincapsdata/qemu_5.0.0-q35.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_5.0.0-q35.x86_64.xml
> @@ -190,5 +190,6 @@
> <backingStoreInput supported='yes'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_5.0.0-tcg.x86_64.xml
> b/tests/domaincapsdata/qemu_5.0.0-tcg.x86_64.xml
> index 110a79dd34..bcbbf8a8d8 100644
> --- a/tests/domaincapsdata/qemu_5.0.0-tcg.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_5.0.0-tcg.x86_64.xml
> @@ -196,5 +196,6 @@
> <backingStoreInput supported='yes'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_5.0.0-virt.aarch64.xml
> b/tests/domaincapsdata/qemu_5.0.0-virt.aarch64.xml
> index b2b37c0f7b..fc110c1028 100644
> --- a/tests/domaincapsdata/qemu_5.0.0-virt.aarch64.xml
> +++ b/tests/domaincapsdata/qemu_5.0.0-virt.aarch64.xml
> @@ -156,5 +156,6 @@
> <backingStoreInput supported='yes'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_5.0.0.aarch64.xml
> b/tests/domaincapsdata/qemu_5.0.0.aarch64.xml
> index 7377a2c4cf..d21e85f289 100644
> --- a/tests/domaincapsdata/qemu_5.0.0.aarch64.xml
> +++ b/tests/domaincapsdata/qemu_5.0.0.aarch64.xml
> @@ -150,5 +150,6 @@
> <backingStoreInput supported='yes'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_5.0.0.ppc64.xml
> b/tests/domaincapsdata/qemu_5.0.0.ppc64.xml
> index 9693aeb72e..f3ffaaeca9 100644
> --- a/tests/domaincapsdata/qemu_5.0.0.ppc64.xml
> +++ b/tests/domaincapsdata/qemu_5.0.0.ppc64.xml
> @@ -115,5 +115,6 @@
> <backingStoreInput supported='yes'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_5.0.0.x86_64.xml
> b/tests/domaincapsdata/qemu_5.0.0.x86_64.xml
> index aceca34c43..269976d0c4 100644
> --- a/tests/domaincapsdata/qemu_5.0.0.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_5.0.0.x86_64.xml
> @@ -190,5 +190,6 @@
> <backingStoreInput supported='yes'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_5.1.0-q35.x86_64.xml
> b/tests/domaincapsdata/qemu_5.1.0-q35.x86_64.xml
> index e1762611c5..9044d839ad 100644
> --- a/tests/domaincapsdata/qemu_5.1.0-q35.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_5.1.0-q35.x86_64.xml
> @@ -202,5 +202,6 @@
> <backingStoreInput supported='yes'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_5.1.0-tcg.x86_64.xml
> b/tests/domaincapsdata/qemu_5.1.0-tcg.x86_64.xml
> index 86f091d238..cec56619d6 100644
> --- a/tests/domaincapsdata/qemu_5.1.0-tcg.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_5.1.0-tcg.x86_64.xml
> @@ -196,5 +196,6 @@
> <backingStoreInput supported='yes'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>
> diff --git a/tests/domaincapsdata/qemu_5.1.0.x86_64.xml
> b/tests/domaincapsdata/qemu_5.1.0.x86_64.xml
> index 117f316b6a..b0b0d8b4a9 100644
> --- a/tests/domaincapsdata/qemu_5.1.0.x86_64.xml
> +++ b/tests/domaincapsdata/qemu_5.1.0.x86_64.xml
> @@ -202,5 +202,6 @@
> <backingStoreInput supported='yes'/>
> <backup supported='no'/>
> <sev supported='no'/>
> + <sgx supported='no'/>
> </features>
> </domainCapabilities>