On 1/25/23 01:08, Michal Prívozník wrote:
On 1/17/23 02:46, zhenwei pi wrote:
Support virtio-crypto device, also support cryptodev types: - builtin - lkcf
Finally, we can launch a VM(QEMU) with one or more crypto devices by libvirt.
Signed-off-by: zhenwei pi <pizhenwei@bytedance.com> --- src/qemu/qemu_command.c | 110 +++++++++++++++++++++++++++++++++++++++- 1 file changed, 109 insertions(+), 1 deletion(-)
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index bb7031f66d..996a13a77b 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -926,6 +926,12 @@ qemuBuildVirtioDevGetConfigDev(const virDomainDeviceDef *device, } break;
+ case VIR_DOMAIN_DEVICE_CRYPTO: { + *baseName = "virtio-crypto"; + *virtioOptions = device->data.crypto->virtio; + break; + } + case VIR_DOMAIN_DEVICE_LEASE: case VIR_DOMAIN_DEVICE_SOUND: case VIR_DOMAIN_DEVICE_WATCHDOG: @@ -942,7 +948,6 @@ qemuBuildVirtioDevGetConfigDev(const virDomainDeviceDef *device, case VIR_DOMAIN_DEVICE_MEMORY: case VIR_DOMAIN_DEVICE_IOMMU: case VIR_DOMAIN_DEVICE_AUDIO: - case VIR_DOMAIN_DEVICE_CRYPTO: case VIR_DOMAIN_DEVICE_LAST: default: break; @@ -9894,6 +9899,106 @@ qemuBuildVsockCommandLine(virCommand *cmd, }
+static int +qemuBuildCryptoBackendProps(virDomainCryptoDef *crypto, + virJSONValue **props) +{ + g_autofree char *objAlias = NULL; + + objAlias = g_strdup_printf("obj%s", crypto->info.alias); + + switch ((virDomainCryptoBackend) crypto->backend) { + case VIR_DOMAIN_CRYPTO_BACKEND_BUILTIN: + if (qemuMonitorCreateObjectProps(props, "cryptodev-backend-builtin", + objAlias, NULL) < 0) + return -1; + + break; + + case VIR_DOMAIN_CRYPTO_BACKEND_LKCF: + if (qemuMonitorCreateObjectProps(props, "cryptodev-backend-lkcf", + objAlias, NULL) < 0) + return -1; + + break; + + case VIR_DOMAIN_CRYPTO_BACKEND_LAST: + break; + }
This can be simplified a bit:
const char *backend = NULL;
switch(crypto->backend) { case ..._BUILTIN: backend = "...-builtin"; break; case ..._LKCF: backend = "...-lkcf"; break; case ..._LAST: break; }
Hi Michal The *builtin* and *lkcf* driver uses no more parameters currently, and the simplified code seems fine. I suppose that other new drivers may be added into QEMU in future, and the new driver may use complex parameters. To avoid trunk of changes in this *switch-case*, I chose the original style in the v1/v2 version.
if (qemuMonitorCreateObjectProps, props, backend, objAlias, ...
+ + if (virJSONValueObjectAdd(props, + "p:queues", crypto->queues,
... and this can be moved into the call too then.
+ NULL) < 0) + return -1; + + + return 0; +}
What I'm missing in this patch is a xml2argv test case (to verify the cmd line generator), e.g.:
diff --git c/tests/qemuxml2argvtest.c i/tests/qemuxml2argvtest.c index 8c52feb83c..3e58a73e41 100644 --- c/tests/qemuxml2argvtest.c +++ i/tests/qemuxml2argvtest.c @@ -2983,6 +2983,8 @@ mymain(void)
DO_TEST_CAPS_VER("sgx-epc", "7.0.0");
+ DO_TEST_CAPS_LATEST("crypto-builtin"); + if (getenv("LIBVIRT_SKIP_CLEANUP") == NULL) virFileDeleteTree(fakerootdir);
And then "writing" corresponding .args file. Okay, nobody really writes it by hand, we all just:
libvirt.git/_build/tests $ VIR_TEST_REGENERATE_OUTPUT=1 ./qemuxml2argvtest
and then inspect generated file (tests/qemuxml2argvdata/crypto-builtin.x86_64-latest.args), thoroughly.
Michal
-- zhenwei pi