2:05 a.m.
since v1:
- added a launch security subtype for SEV to avoid having a 'type' XML
attribute
Erik Skultety (2):
Add support for domain launch security
Add support for SEV in domain capabilities XML
domain.go | 162 ++++++++++++++++++++++++++++++++++++++++++++++++-
domain_capabilities.go | 7 +++
2 files changed, 168 insertions(+), 1 deletion(-)
--
2.14.4
2:05 a.m.
New subject: [libvirt] [libvirt-go-xml PATCH v2 1/2] Add support for domain launch security
Signed-off-by: Erik Skultety <eskultet(a)redhat.com>
---
domain.go | 162 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 161 insertions(+), 1 deletion(-)
diff --git a/domain.go b/domain.go
index aeeb24a..c910962 100644
--- a/domain.go
+++ b/domain.go
@@ -1863,6 +1863,18 @@ type DomainFeatureCapability struct {
State string `xml:"state,attr,omitempty"`
}
+type DomainLaunchSecurity struct {
+ SEV *DomainLaunchSecuritySEV `xml:"-"`
+}
+
+type DomainLaunchSecuritySEV struct {
+ CBitPos *uint `xml:"cbitpos"`
+ ReducedPhysBits *uint `xml:"reducedPhysBits"`
+ Policy *uint `xml:"policy"`
+ DHCert string `xml:"dhCert"`
+ Session string `xml:"sesion"`
+}
+
type DomainFeatureCapabilities struct {
Policy string `xml:"policy,attr,omitempty"`
AuditControl *DomainFeatureCapability `xml:"audit_control"`
@@ -2182,7 +2194,8 @@ type Domain struct {
QEMUCommandline *DomainQEMUCommandline
LXCNamespace *DomainLXCNamespace
VMWareDataCenterPath *DomainVMWareDataCenterPath
- KeyWrap *DomainKeyWrap `xml:"keywrap"`
+ KeyWrap *DomainKeyWrap `xml:"keywrap"`
+ LaunchSecurity *DomainLaunchSecurity `xml:"launchSecurity"`
}
func (d *Domain) Unmarshal(doc string) error {
@@ -4864,3 +4877,150 @@ func (d *DomainCPU) Marshal() (string, error) {
}
return string(doc), nil
}
+
+func (a *DomainLaunchSecuritySEV) MarshalXML (e *xml.Encoder, start xml.StartElement)
error {
+ e.EncodeToken(start)
+ cbitpos := xml.StartElement{
+ Name: xml.Name{Local: "cbitpos"},
+ }
+ e.EncodeToken(cbitpos)
+ e.EncodeToken(xml.CharData(fmt.Sprintf("%d", *a.CBitPos)))
+ e.EncodeToken(cbitpos.End())
+
+ reducedPhysBits := xml.StartElement{
+ Name: xml.Name{Local: "reducedPhysBits"},
+ }
+ e.EncodeToken(reducedPhysBits)
+ e.EncodeToken(xml.CharData(fmt.Sprintf("%d", *a.ReducedPhysBits)))
+ e.EncodeToken(reducedPhysBits.End())
+
+ if a.Policy != nil {
+ policy := xml.StartElement{
+ Name: xml.Name{Local: "policy"},
+ }
+ e.EncodeToken(policy)
+ e.EncodeToken(xml.CharData(fmt.Sprintf("0x%04x", *a.Policy)))
+ e.EncodeToken(policy.End())
+ }
+
+ dhcert := xml.StartElement{
+ Name: xml.Name{Local: "dhCert"},
+ }
+ e.EncodeToken(dhcert)
+ e.EncodeToken(xml.CharData(fmt.Sprintf("%s", a.DHCert)))
+ e.EncodeToken(dhcert.End())
+
+ session := xml.StartElement{
+ Name: xml.Name{Local: "session"},
+ }
+ e.EncodeToken(session)
+ e.EncodeToken(xml.CharData(fmt.Sprintf("%s", a.Session)))
+ e.EncodeToken(session.End())
+
+ e.EncodeToken(start.End())
+
+ return nil
+}
+
+func (a *DomainLaunchSecuritySEV) UnmarshalXML(d *xml.Decoder, start xml.StartElement)
error {
+ for {
+ tok, err := d.Token()
+ if err == io.EOF {
+ break
+ }
+ if err != nil {
+ return err
+ }
+
+ switch tok := tok.(type) {
+ case xml.StartElement:
+ if tok.Name.Local == "policy" {
+ data, err := d.Token()
+ if err != nil {
+ return err
+ }
+ switch data := data.(type) {
+ case xml.CharData:
+ if err := unmarshalUintAttr(string(data), &a.Policy, 16); err != nil {
+ return err
+ }
+ }
+ } else if tok.Name.Local == "cbitpos" {
+ data, err := d.Token()
+ if err != nil {
+ return err
+ }
+ switch data := data.(type) {
+ case xml.CharData:
+ if err := unmarshalUintAttr(string(data), &a.CBitPos, 10); err != nil {
+ return err
+ }
+ }
+ } else if tok.Name.Local == "reducedPhysBits" {
+ data, err := d.Token()
+ if err != nil {
+ return err
+ }
+ switch data := data.(type) {
+ case xml.CharData:
+ if err := unmarshalUintAttr(string(data), &a.ReducedPhysBits, 10); err != nil {
+ return err
+ }
+ }
+ } else if tok.Name.Local == "dhCert" {
+ data, err := d.Token()
+ if err != nil {
+ return err
+ }
+ switch data := data.(type) {
+ case xml.CharData:
+ a.DHCert = string(data)
+ }
+ } else if tok.Name.Local == "session" {
+ data, err := d.Token()
+ if err != nil {
+ return err
+ }
+ switch data := data.(type) {
+ case xml.CharData:
+ a.Session = string(data)
+ }
+ }
+ }
+ }
+ return nil
+}
+
+func (a *DomainLaunchSecurity) MarshalXML(e *xml.Encoder, start xml.StartElement) error
{
+
+ if a.SEV != nil {
+ start.Attr = append(start.Attr, xml.Attr{
+ xml.Name{Local: "type"}, "sev",
+ })
+ return e.EncodeElement(a.SEV, start)
+ } else {
+ return nil
+ }
+
+}
+
+func (a *DomainLaunchSecurity) UnmarshalXML(d *xml.Decoder, start xml.StartElement) error
{
+ var typ string
+ for _, attr := range start.Attr {
+ if attr.Name.Local == "type" {
+ typ = attr.Value
+ }
+ }
+
+ if typ == "" {
+ d.Skip()
+ return nil
+ }
+
+ if typ == "sev" {
+ a.SEV = &DomainLaunchSecuritySEV{}
+ return d.DecodeElement(a.SEV, &start)
+ }
+
+ return nil
+}
--
2.14.4
7:15 a.m.
New subject: [libvirt] [libvirt-go-xml PATCH v2 1/2] Add support for domain launch security
On Mon, Jun 18, 2018 at 09:05:59AM +0200, Erik Skultety wrote:
Signed-off-by: Erik Skultety <eskultet(a)redhat.com>
---
domain.go | 162 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 161 insertions(+), 1 deletion(-)
Reviewed-by: Daniel P. Berrangé <berrange(a)redhat.com>
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
2:06 a.m.
New subject: [libvirt] [libvirt-go-xml PATCH v2 2/2] Add support for SEV in domain capabilities XML
Signed-off-by: Erik Skultety <eskultet(a)redhat.com>
Reviewed-by: Daniel P. Berrangé
---
domain_capabilities.go | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/domain_capabilities.go b/domain_capabilities.go
index 3f5a752..0faa06a 100644
--- a/domain_capabilities.go
+++ b/domain_capabilities.go
@@ -106,6 +106,7 @@ type DomainCapsFeatures struct {
GIC *DomainCapsFeatureGIC `xml:"gic"`
VMCoreInfo *DomainCapsFeatureVMCoreInfo `xml:"vmcoreinfo"`
GenID *DomainCapsFeatureGenID `xml:"genid"`
+ SEV *DomainCapsFeatureSEV `xml:"sev"`
}
type DomainCapsFeatureGIC struct {
@@ -121,6 +122,12 @@ type DomainCapsFeatureGenID struct {
Supported string `xml:"supported,attr"`
}
+type DomainCapsFeatureSEV struct {
+ Supported string `xml:"supported,attr"`
+ CBitPos uint `xml:"cbitpos,omitempty"`
+ ReducedPhysBits uint `xml:"reducedPhysBits,omitempty"`
+}
+
func (c *DomainCaps) Unmarshal(doc string) error {
return xml.Unmarshal([]byte(doc), c)
}
--
2.14.4
7:15 a.m.
New subject: [libvirt] [libvirt-go-xml PATCH v2 2/2] Add support for SEV in domain capabilities XML
On Mon, Jun 18, 2018 at 09:06:00AM +0200, Erik Skultety wrote:
Signed-off-by: Erik Skultety <eskultet(a)redhat.com>
Reviewed-by: Daniel P. Berrangé
Lost my email address here.
Reviewed-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
domain_capabilities.go | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/domain_capabilities.go b/domain_capabilities.go
index 3f5a752..0faa06a 100644
--- a/domain_capabilities.go
+++ b/domain_capabilities.go
@@ -106,6 +106,7 @@ type DomainCapsFeatures struct {
GIC *DomainCapsFeatureGIC `xml:"gic"`
VMCoreInfo *DomainCapsFeatureVMCoreInfo `xml:"vmcoreinfo"`
GenID *DomainCapsFeatureGenID `xml:"genid"`
+ SEV *DomainCapsFeatureSEV `xml:"sev"`
}
type DomainCapsFeatureGIC struct {
@@ -121,6 +122,12 @@ type DomainCapsFeatureGenID struct {
Supported string `xml:"supported,attr"`
}
+type DomainCapsFeatureSEV struct {
+ Supported string `xml:"supported,attr"`
+ CBitPos uint `xml:"cbitpos,omitempty"`
+ ReducedPhysBits uint `xml:"reducedPhysBits,omitempty"`
+}
+
func (c *DomainCaps) Unmarshal(doc string) error {
return xml.Unmarshal([]byte(doc), c)
}
--
2.14.4
--
libvir-list mailing list
libvir-list(a)redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
7:31 a.m.
New subject: [libvirt] [libvirt-go-xml PATCH v2 2/2] Add support for SEV in domain capabilities XML
On Mon, Jun 18, 2018 at 01:15:54PM +0100, Daniel P. Berrangé wrote:
On Mon, Jun 18, 2018 at 09:06:00AM +0200, Erik Skultety wrote:
> Signed-off-by: Erik Skultety <eskultet(a)redhat.com>
> Reviewed-by: Daniel P. Berrangé
Lost my email address here.
Oops, fixed.
Thanks a lot for your help and guidance introducing the bindings.
Erik
2349
days inactive
2349
days old
5 comments
2 participants
participants (2)
-
Daniel P. Berrangé -
Erik Skultety