5:37 a.m.
There are limits on the number of SEV/SEV-ES guests that can
be run on machines, which may be influenced by firmware
settings. This is important to expose to users.
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
docs/formatdomaincaps.html.in | 6 ++++++
docs/schemas/domaincaps.rng | 6 ++++++
src/conf/domain_capabilities.c | 4 ++++
src/conf/domain_capabilities.h | 2 ++
tests/domaincapsdata/qemu_2.12.0-q35.x86_64.xml | 2 ++
tests/domaincapsdata/qemu_2.12.0-tcg.x86_64.xml | 2 ++
tests/domaincapsdata/qemu_2.12.0.x86_64.xml | 2 ++
tests/domaincapsdata/qemu_6.0.0-q35.x86_64.xml | 2 ++
tests/domaincapsdata/qemu_6.0.0-tcg.x86_64.xml | 2 ++
tests/domaincapsdata/qemu_6.0.0.x86_64.xml | 2 ++
10 files changed, 30 insertions(+)
diff --git a/docs/formatdomaincaps.html.in b/docs/formatdomaincaps.html.in
index 915ece8e3e..35b8bf3def 100644
--- a/docs/formatdomaincaps.html.in
+++ b/docs/formatdomaincaps.html.in
@@ -681,6 +681,12 @@
<dt><code>reducedPhysBits</code></dt>
<dd>When memory encryption is enabled, we lose certain bits in physical
address space. The number of bits we lose is hypervisor dependent.</dd>
+ <dt><code>maxGuests</code></dt>
+ <dd>The maximum number of SEV guests that can be launched on the host.
+ This value may be configurable in the firmware for some hosts.</dd>
+ <dt><code>maxESGuests</code></dt>
+ <dd>The maximum number of SEV-ES guests that can be launched on the host.
+ This value may be configurable in the firmware for some hosts.</dd>
</dl>
</body>
diff --git a/docs/schemas/domaincaps.rng b/docs/schemas/domaincaps.rng
index 1b6122507f..b40ee0f35a 100644
--- a/docs/schemas/domaincaps.rng
+++ b/docs/schemas/domaincaps.rng
@@ -323,6 +323,12 @@
<element name="reducedPhysBits">
<data type="unsignedInt"/>
</element>
+ <element name="maxGuests">
+ <data type="unsignedInt"/>
+ </element>
+ <element name="maxESGuests">
+ <data type="unsignedInt"/>
+ </element>
</optional>
</element>
</define>
diff --git a/src/conf/domain_capabilities.c b/src/conf/domain_capabilities.c
index fef1326190..c394a7a390 100644
--- a/src/conf/domain_capabilities.c
+++ b/src/conf/domain_capabilities.c
@@ -597,6 +597,10 @@ virDomainCapsFeatureSEVFormat(virBuffer *buf,
virBufferAsprintf(buf, "<cbitpos>%d</cbitpos>\n",
sev->cbitpos);
virBufferAsprintf(buf,
"<reducedPhysBits>%d</reducedPhysBits>\n",
sev->reduced_phys_bits);
+ virBufferAsprintf(buf, "<maxGuests>%d</maxGuests>\n",
+ sev->max_guests);
+ virBufferAsprintf(buf, "<maxESGuests>%d</maxESGuests>\n",
+ sev->max_es_guests);
virBufferAdjustIndent(buf, -2);
virBufferAddLit(buf, "</sev>\n");
}
diff --git a/src/conf/domain_capabilities.h b/src/conf/domain_capabilities.h
index 2fcad87fd8..1d2f4ac7a5 100644
--- a/src/conf/domain_capabilities.h
+++ b/src/conf/domain_capabilities.h
@@ -187,6 +187,8 @@ struct _virSEVCapability {
char *cert_chain;
unsigned int cbitpos;
unsigned int reduced_phys_bits;
+ unsigned int max_guests;
+ unsigned int max_es_guests;
};
typedef enum {
diff --git a/tests/domaincapsdata/qemu_2.12.0-q35.x86_64.xml
b/tests/domaincapsdata/qemu_2.12.0-q35.x86_64.xml
index 9f41dfaf2b..26816ff066 100644
--- a/tests/domaincapsdata/qemu_2.12.0-q35.x86_64.xml
+++ b/tests/domaincapsdata/qemu_2.12.0-q35.x86_64.xml
@@ -205,6 +205,8 @@
<sev supported='yes'>
<cbitpos>47</cbitpos>
<reducedPhysBits>1</reducedPhysBits>
+ <maxGuests>0</maxGuests>
+ <maxESGuests>0</maxESGuests>
</sev>
</features>
</domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_2.12.0-tcg.x86_64.xml
b/tests/domaincapsdata/qemu_2.12.0-tcg.x86_64.xml
index d5f9d8ebe3..5840a8b921 100644
--- a/tests/domaincapsdata/qemu_2.12.0-tcg.x86_64.xml
+++ b/tests/domaincapsdata/qemu_2.12.0-tcg.x86_64.xml
@@ -215,6 +215,8 @@
<sev supported='yes'>
<cbitpos>47</cbitpos>
<reducedPhysBits>1</reducedPhysBits>
+ <maxGuests>0</maxGuests>
+ <maxESGuests>0</maxESGuests>
</sev>
</features>
</domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_2.12.0.x86_64.xml
b/tests/domaincapsdata/qemu_2.12.0.x86_64.xml
index dc2c3ec4dd..21d1b6946e 100644
--- a/tests/domaincapsdata/qemu_2.12.0.x86_64.xml
+++ b/tests/domaincapsdata/qemu_2.12.0.x86_64.xml
@@ -205,6 +205,8 @@
<sev supported='yes'>
<cbitpos>47</cbitpos>
<reducedPhysBits>1</reducedPhysBits>
+ <maxGuests>0</maxGuests>
+ <maxESGuests>0</maxESGuests>
</sev>
</features>
</domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_6.0.0-q35.x86_64.xml
b/tests/domaincapsdata/qemu_6.0.0-q35.x86_64.xml
index 90acb29775..3415d44019 100644
--- a/tests/domaincapsdata/qemu_6.0.0-q35.x86_64.xml
+++ b/tests/domaincapsdata/qemu_6.0.0-q35.x86_64.xml
@@ -227,6 +227,8 @@
<sev supported='yes'>
<cbitpos>47</cbitpos>
<reducedPhysBits>1</reducedPhysBits>
+ <maxGuests>0</maxGuests>
+ <maxESGuests>0</maxESGuests>
</sev>
</features>
</domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_6.0.0-tcg.x86_64.xml
b/tests/domaincapsdata/qemu_6.0.0-tcg.x86_64.xml
index 768cba5a41..f58be3af6c 100644
--- a/tests/domaincapsdata/qemu_6.0.0-tcg.x86_64.xml
+++ b/tests/domaincapsdata/qemu_6.0.0-tcg.x86_64.xml
@@ -233,6 +233,8 @@
<sev supported='yes'>
<cbitpos>47</cbitpos>
<reducedPhysBits>1</reducedPhysBits>
+ <maxGuests>0</maxGuests>
+ <maxESGuests>0</maxESGuests>
</sev>
</features>
</domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_6.0.0.x86_64.xml
b/tests/domaincapsdata/qemu_6.0.0.x86_64.xml
index 7a95c530f9..0a2615c519 100644
--- a/tests/domaincapsdata/qemu_6.0.0.x86_64.xml
+++ b/tests/domaincapsdata/qemu_6.0.0.x86_64.xml
@@ -227,6 +227,8 @@
<sev supported='yes'>
<cbitpos>47</cbitpos>
<reducedPhysBits>1</reducedPhysBits>
+ <maxGuests>0</maxGuests>
+ <maxESGuests>0</maxESGuests>
</sev>
</features>
</domainCapabilities>
--
2.33.1