On 04/02/2018 10:18 AM, Brijesh Singh wrote:
QEMU version >= 2.12 provides support for launching encrypted VMs on
AMD x86 platforms using the Secure Encrypted Virtualization (SEV) feature.
This patch adds support for querying the SEV capability from QEMU.
Reviewed-by: "Daniel P. Berrangé" <berrange(a)redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh(a)amd.com>
---
src/conf/domain_capabilities.h | 13 ++++
src/qemu/qemu_capabilities.c | 38 +++++++++++
src/qemu/qemu_capabilities.h | 1 +
src/qemu/qemu_capspriv.h | 4 ++
src/qemu/qemu_monitor.c | 9 +++
src/qemu/qemu_monitor.h | 3 +
src/qemu/qemu_monitor_json.c | 73 ++++++++++++++++++++++
src/qemu/qemu_monitor_json.h | 3 +
.../caps_2.12.0.x86_64.replies | 10 +++
tests/qemucapabilitiesdata/caps_2.12.0.x86_64.xml | 3 +-
10 files changed, 156 insertions(+), 1 deletion(-)
Should have noted the first time - should have 2 blank lines around new
methods...
e.g.:
diff --git a/src/qemu/qemu_capabilities.c
b/src/qemu/qemu_capabilities.c
index e54dde6..0f6e6fb 100644
--- a/src/qemu/qemu_capabilities.c
+++ b/src/qemu/qemu_capabilities.c
@@ -466,6 +466,7 @@ VIR_ENUM_IMPL(virQEMUCaps, QEMU_CAPS_LAST,
/* 285 */
"virtio-mouse-ccw",
"virtio-tablet-ccw",
+ "sev-guest",
);
@@ -532,6 +533,8 @@ struct _virQEMUCaps {
size_t ngicCapabilities;
virGICCapability *gicCapabilities;
+ virSEVCapability *sevCapabilities;
+
virQEMUCapsHostCPUData kvmCPU;
virQEMUCapsHostCPUData tcgCPU;
};
@@ -1705,6 +1708,7 @@ struct virQEMUCapsStringFlags virQEMUCapsObjectTypes[] = {
{ "virtio-keyboard-ccw", QEMU_CAPS_DEVICE_VIRTIO_KEYBOARD_CCW },
{ "virtio-mouse-ccw", QEMU_CAPS_DEVICE_VIRTIO_MOUSE_CCW },
{ "virtio-tablet-ccw", QEMU_CAPS_DEVICE_VIRTIO_TABLET_CCW },
+ { "sev-guest", QEMU_CAPS_SEV_GUEST },
};
static struct virQEMUCapsStringFlags virQEMUCapsObjectPropsVirtioBalloon[] = {
@@ -2784,6 +2788,21 @@ virQEMUCapsSetGICCapabilities(virQEMUCapsPtr qemuCaps,
qemuCaps->ngicCapabilities = ncapabilities;
}
Extra blank line here...
+void
+virQEMUCapsSetSEVCapabilities(virQEMUCapsPtr qemuCaps,
+ virSEVCapability *capabilities)
+{
+ virSEVCapability *cap = qemuCaps->sevCapabilities;
+
+ if (cap) {
+ VIR_FREE(cap->pdh);
+ VIR_FREE(cap->cert_chain);
+ }
+
+ VIR_FREE(qemuCaps->sevCapabilities);
+
+ qemuCaps->sevCapabilities = capabilities;
+}
and here
static int
virQEMUCapsProbeQMPCommands(virQEMUCapsPtr qemuCaps,
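Review bot: virQEMUCapsSetSEVCapabilities takes ownership of `capabilities` and frees the previously stored pdh and cert_chain, but nothing in the hunk documents that contract; a comment above the function such as `/* Takes ownership of @capabilities; any previously stored SEV data is freed. */` would make it explicit. If a caller ever passes the pointer that is already stored, the VIR_FREE calls release it and the final assignment leaves qemuCaps->sevCapabilities dangling, so an early `if (capabilities == qemuCaps->sevCapabilities) return;` is cheap insurance. The quoted hunks do not show the dispose or copy paths of struct _virQEMUCaps handling the new field; part of the patch is elided here, so confirm that pdh, cert_chain and the struct itself are released when the caps object is freed.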
@@ -3287,6 +3306,19 @@ virQEMUCapsProbeQMPGICCapabilities(virQEMUCapsPtr qemuCaps,
return 0;
}
and here
+static int
+virQEMUCapsProbeQMPSEVCapabilities(virQEMUCapsPtr qemuCaps,
+ qemuMonitorPtr mon)
+{
+ virSEVCapability *caps = NULL;
+
+ if (qemuMonitorGetSEVCapabilities(mon, &caps) < 0)
+ return -1;
+
+ virQEMUCapsSetSEVCapabilities(qemuCaps, caps);
+
+ return 0;
+}
and here
bool
virQEMUCapsCPUFilterFeatures(const char *name,
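Review bot: virQEMUCapsProbeQMPSEVCapabilities maps every failure of qemuMonitorGetSEVCapabilities to -1, so a QEMU binary that knows the sev-guest object type but runs on a host without SEV could presumably fail the whole capability probe instead of simply lacking the feature. The monitor helper and the call site are outside this hunk, so confirm how "SEV not available" is reported. If the helper can distinguish that case from a real monitor error, clear the flag and succeed, e.g. `virQEMUCapsClear(qemuCaps, QEMU_CAPS_SEV_GUEST);` followed by `return 0;`. A one-line comment that `caps` is handed over to qemuCaps on success would also help readers follow the ownership.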
[...]
John
(I would normally fix it for you; however, I have more questions and
comments as I've gone on, so if a v6 will be needed, then you'd need to
fix. I may be able to alter for you depending on some decisions in the
middle patches).