3:07 a.m.
As virtio-crypto has been supported in QEMU 2.8 and the frontend
driver has been merged in linux 4.10, so it's necessary to support
virtio-crypto in libvirt.
---
Changes since v3:
- spilt the capabilities part into a separate patch. [Boris]
- include Boris's virtio-crypto ccw support(PATCH 6 & 8). [Boris]
- add the missing capabilities in caps_2.9.0.x86_64.xml. [Boris]
- fix Indentation and missing virDomainCryptoDefFree. [Marc]
Changes since v2:
- PATCH 1: modify docs as Martin & Boris's suggestion. [Martin & Boris]
- PATCH 2: add the missing 'ToString'. [Martin]
- PATCH 3: use virAsprintf instead of virBufferAsprintf. [Martin]
remove pointless virBufferCheckError. [Martin]
- rebase on master. [Longpeng]
Changes since v1:
- split patch [Martin]
- rebase on master [Martin]
- add docs/tests/schema [Martin]
- fix typos [Gonglei]
---
Boris Fiuczynski (2):
qemu: virtio-crypto: add ccw support
qemu: virtio-crypto: add test for ccw support
Longpeng(Mike) (6):
docs: schema: Add basic documentation for the virtual
docs: news: Add virtio-crypto devices
conf: Parse virtio-crypto in the domain XML
caps: Add qemu capabilities about virtio-crypto
qemu: Implement support for 'builtin' backend for virtio-crypto
tests: Add testcase for virtio-crypto parsing
docs/formatdomain.html.in | 61 ++++++
docs/news.xml | 10 +
docs/schemas/domaincommon.rng | 30 +++
src/conf/domain_conf.c | 213 ++++++++++++++++++++-
src/conf/domain_conf.h | 32 ++++
src/libvirt_private.syms | 5 +
src/qemu/qemu_alias.c | 20 ++
src/qemu/qemu_alias.h | 3 +
src/qemu/qemu_capabilities.c | 6 +
src/qemu/qemu_capabilities.h | 4 +
src/qemu/qemu_command.c | 130 +++++++++++++
src/qemu/qemu_command.h | 3 +
src/qemu/qemu_domain_address.c | 25 +++
src/qemu/qemu_driver.c | 6 +
src/qemu/qemu_hotplug.c | 1 +
tests/qemucapabilitiesdata/caps_2.8.0.s390x.xml | 2 +
tests/qemucapabilitiesdata/caps_2.8.0.x86_64.xml | 2 +
tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml | 2 +
.../qemuxml2argv-virtio-crypto-builtin.xml | 26 +++
.../qemuxml2argv-virtio-crypto-ccw.args | 22 +++
.../qemuxml2argv-virtio-crypto-ccw.xml | 16 ++
.../qemuxml2argv-virtio-crypto.args | 22 +++
tests/qemuxml2argvtest.c | 6 +
.../qemuxml2xmlout-virtio-crypto-builtin.xml | 31 +++
tests/qemuxml2xmltest.c | 2 +
25 files changed, 679 insertions(+), 1 deletion(-)
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-virtio-crypto-builtin.xml
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-virtio-crypto-ccw.args
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-virtio-crypto-ccw.xml
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-virtio-crypto.args
create mode 100644 tests/qemuxml2xmloutdata/qemuxml2xmlout-virtio-crypto-builtin.xml
--
1.8.3.1
3:07 a.m.
New subject: [libvirt] [PATCH v4 1/8] docs: schema: Add basic documentation for the virtual
This patch documents XML elements used for support of virtual
crypto devices.
In the devices section in the domain XML users may specify:
<crypto model='virtio'>
<backend type='builtin' queues='1'/>
</crypto>
to enable the crypto device for guests.
Signed-off-by: Longpeng(Mike) <longpeng2(a)huawei.com>
---
docs/formatdomain.html.in | 61 +++++++++++++++++++++++++++++++++++++++++++
docs/schemas/domaincommon.rng | 30 +++++++++++++++++++++
2 files changed, 91 insertions(+)
diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in
index 36bea67..7c27ae7 100644
--- a/docs/formatdomain.html.in
+++ b/docs/formatdomain.html.in
@@ -7547,6 +7547,67 @@ qemu-kvm -net nic,model=? /dev/null
</dd>
</dl>
+ <h4><a name="elementCrypto">Crypto device</a></h4>
+
+ <p>
+ The virtual crypto device is a virtual crypto accelerator
+ card(provides crypto services, such as CIPHER, MAC, HASH,
+ and AEAD) for virtual machines and it can be added to the
+ guest via the <code>crypto</code> element.
+ <span class="since">Since 3.1.0, QEMU and KVM only</span>
+ </p>
+
+ <p>
+ Example: usage of the crypto device:
+ </p>
+<pre>
+ ...
+ <devices>
+ <crypto model='virtio'>
+ <backend type='builtin' queues='1'/>
+ </crypto>
+ </devices>
+ ...
+</pre>
+ <dl>
+ <dt><code>model</code></dt>
+ <dd>
+ <p>
+ The required <code>model</code> attribute specifies what
+ type of crypto device is provide.
+ Currently only 'virtio' is supported and it needs virtio-crypto
+ guest driver.
+ </p>
+ </dd>
+ <dt><code>backend</code></dt>
+ <dd>
+ <p>
+ The <code>backend</code> element specifies the type and
+ number of queues of the crypto device to be used for the
+ domain.
+ </p>
+ <dl>
+ <dt><code>type</code></dt>
+ <dd>
+ <p>
+ The required <code>type</code> element specifies the
+ type of the crypto device.
+ Currently only supports 'builtin' which uses QEMU's
+ crypto APIs to complete the crypto operations.
+ </p>
+ </dd>
+ <dt><code>queues</code></dt>
+ <dd>
+ <p>
+ The optional <code>queues</code> element specifies the
+ number of queues of the crypto device, the default number
+ of queues is 1.
+ </p>
+ </dd>
+ </dl>
+ </dd>
+ </dl>
+
<h3><a name="seclabel">Security label</a></h3>
<p>
diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
index bdf7103..6e3b0fd 100644
--- a/docs/schemas/domaincommon.rng
+++ b/docs/schemas/domaincommon.rng
@@ -4506,6 +4506,7 @@
<ref name="tpm"/>
<ref name="shmem"/>
<ref name="memorydev"/>
+ <ref name="crypto"/>
</choice>
</zeroOrMore>
<optional>
@@ -5052,6 +5053,35 @@
</optional>
</define>
+ <define name="crypto">
+ <element name="crypto">
+ <attribute name="model">
+ <choice>
+ <value>virtio</value>
+ </choice>
+ </attribute>
+ <ref name="crypto-backend"/>
+ <optional>
+ <ref name="address"/>
+ </optional>
+ </element>
+ </define>
+
+ <define name="crypto-backend">
+ <element name="backend">
+ <attribute name="type">
+ <choice>
+ <value>builtin</value>
+ </choice>
+ </attribute>
+ <optional>
+ <attribute name="queues">
+ <ref name="positiveInteger"/>
+ </attribute>
+ </optional>
+ </element>
+ </define>
+
<define name="usbmaster">
<element name="master">
<attribute name="startport">
--
1.8.3.1
4:33 p.m.
New subject: [libvirt] [PATCH v4 1/8] docs: schema: Add basic documentation for the virtual
On 07/07/2017 04:07 AM, Longpeng(Mike) wrote:
This patch documents XML elements used for support of virtual
crypto devices.
In the devices section in the domain XML users may specify:
<crypto model='virtio'>
<backend type='builtin' queues='1'/>
Add an example <address... > too.
</crypto>
to enable the crypto device for guests.
Signed-off-by: Longpeng(Mike) <longpeng2(a)huawei.com>
Is this the "legal name" that would be used for a commit? Generally we
prefer to see a more legal name rather than someone's email name.
There's plenty of examples in git history.
---
docs/formatdomain.html.in | 61 +++++++++++++++++++++++++++++++++++++++++++
docs/schemas/domaincommon.rng | 30 +++++++++++++++++++++
2 files changed, 91 insertions(+)
For some reason I'm only seeing this patch from the series come through.
Whether that's something specific to the RH email or in general, I'm not
sure. Similarly for your v3 series, just the first patch came through.
Since they were close together - I have to wonder if the RH email system
was having one it's clogged or senior moments and the patches are still
stuck in some queue somewhere. It's happened before, but usually
everything gets backed up, not just one series from one submittor.
I see from the archive you pinged on 7/25 looking for a review on the
series, but even that didn't come through. It's very strange. Still I
think you need to repost and adjust anyway.
Here's some thoughts looking just at the archives though...
Patches 1 & 3 have a "relationship" insomuch as as you're documenting
in
patch 1 before the domain_conf code exists. I think it's best to combine
them.
* For both, will the default of MODEL_VIRTIO and BACKEND_BUILTIN live
for perpetuity? Or is it possible that at some point a "default" or
"unknown" would be required? I ask only since both would be equal to
zero for the enum and VIR_ALLOC means default to zero. So sometimes
adding a "default" or "none" type entry ensures that something does
get
set and it's not some default as a result of the allocation algorithm
that takes over.
* When you add the XML parsing code, you should add the xml2xml tests.
That means grabbing qemuxml2xmltest.c and xml from patches 7 & 8 and
moving them into here.
* For new functions, make sure there's 2 blank lines before and after
the function... virDomainCryptoDefFree only has 1 before.
* For the queues parse, use virStrToLong_uip to ensure no negative is
supplied (per the rng below using positiveInteger)
Patch 2 should be the last patch as news is always last.
Patch 4 is going to need some merge conflict resolution. There is also
now some tests/qemucapabilitiesdata/*ppc* replies/xml that exist -
whether that relates here or not I'm not sure, but something that I
think may have been added since you last posted...
Patch 5...
* There's an error message that has "faile" instead of "failed".
* There's a switch for dev->data.crypto->model that uses
VIR_DOMAIN_RNG_MODEL_LAST for a case.
* Should the alias include the "virtio" in some way. Would it ever be
reasonable for a domain to use two different types for different
devices? Maybe virtio is supplied today and becomes legacy and who
knows what is the new sleek thing next year, but both are allowed so you
have to change the alias then.
* You may way to create an accessor that prints the "obj%s" alias since
it's formatted twice. It'll be useful if you support hotplug as well.
* What about hotplug? You either should support or explicitly deny. I'm
kind of surprised you didn't get build warnings because
VIR_DOMAIN_DEVICE_CRYPTO wasn't added to qemu_driver.c and
qemu_hotplug.c since the switch ((virDomainDeviceType) def->type) is there.
* This is when the qemuxml2argvtest should be adjusted.
Patch 6... Put the comma on the AddLit rather than the next
virBufferAsprintf.... although since PPC and CCW are supported from the
start, I'd say add them both at the same time. Although I do understand
and appreciate why they're separate. Still it's not "new" functionality
for CCW support, so just do it all at once.
Patch 7... Tests are usually added at the time the command is adjusted.
This looks merge-able with patches 3 and 5
Patch 8... Looks merge-able with patches 3 and 6
Couple more comments below...
diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in
index 36bea67..7c27ae7 100644
--- a/docs/formatdomain.html.in
+++ b/docs/formatdomain.html.in
@@ -7547,6 +7547,67 @@ qemu-kvm -net nic,model=? /dev/null
</dd>
</dl>
+ <h4><a name="elementCrypto">Crypto
device</a></h4>
+
+ <p>
+ The virtual crypto device is a virtual crypto accelerator
+ card(provides crypto services, such as CIPHER, MAC, HASH,
s/card(provides/card (provides)
+ and AEAD) for virtual machines and it can be added to the
+ guest via the <code>crypto</code> element.
+ <span class="since">Since 3.1.0, QEMU and KVM only</span>
It'd be 3.7.0 at the earliest
+ </p>
+
+ <p>
+ Example: usage of the crypto device:
+ </p>
+<pre>
+ ...
+ <devices>
+ <crypto model='virtio'>
+ <backend type='builtin' queues='1'/>
+ </crypto>
+ </devices>
+ ...
+</pre>
+ <dl>
+ <dt><code>model</code></dt>
+ <dd>
+ <p>
+ The required <code>model</code> attribute specifies what
+ type of crypto device is provide.
either "is provided" or "to provide"
+ Currently only 'virtio' is supported and it needs
virtio-crypto
+ guest driver.
+ </p>
+ </dd>
+ <dt><code>backend</code></dt>
+ <dd>
+ <p>
+ The <code>backend</code> element specifies the type and
+ number of queues of the crypto device to be used for the
s/of the crypto/for the crypto/
+ domain.
+ </p>
+ <dl>
+ <dt><code>type</code></dt>
+ <dd>
+ <p>
+ The required <code>type</code> element specifies the
+ type of the crypto device.
+ Currently only supports 'builtin' which uses QEMU's
+ crypto APIs to complete the crypto operations.
+ </p>
+ </dd>
+ <dt><code>queues</code></dt>
+ <dd>
+ <p>
+ The optional <code>queues</code> element specifies the
+ number of queues of the crypto device, the default number
+ of queues is 1.
Again for the crypto device reads better to me, but it's a bit redundant
with the first sentence.
This makes me wonder what happens if someone uses 100 or 1000 or ...
queues. Is there some maximum (I didn't check the qemu code). Beyond
that what use does increasing the number of queues have?
+ </p>
+ </dd>
+ </dl>
+ </dd>
+ </dl>
+
There's also an <address> that is required to be "pci" or
"ccw" - that
should be mentioned here. You can use a link from here to the device
address section IIRC.
Hopefully the next time posted, the series will show up for me too!
John
<h3><a name="seclabel">Security
label</a></h3>
<p>
diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
index bdf7103..6e3b0fd 100644
--- a/docs/schemas/domaincommon.rng
+++ b/docs/schemas/domaincommon.rng
@@ -4506,6 +4506,7 @@
<ref name="tpm"/>
<ref name="shmem"/>
<ref name="memorydev"/>
+ <ref name="crypto"/>
</choice>
</zeroOrMore>
<optional>
@@ -5052,6 +5053,35 @@
</optional>
</define>
+ <define name="crypto">
+ <element name="crypto">
+ <attribute name="model">
+ <choice>
+ <value>virtio</value>
+ </choice>
+ </attribute>
+ <ref name="crypto-backend"/>
+ <optional>
+ <ref name="address"/>
+ </optional>
+ </element>
+ </define>
+
+ <define name="crypto-backend">
+ <element name="backend">
+ <attribute name="type">
+ <choice>
+ <value>builtin</value>
+ </choice>
+ </attribute>
+ <optional>
+ <attribute name="queues">
+ <ref name="positiveInteger"/>
+ </attribute>
+ </optional>
+ </element>
+ </define>
+
<define name="usbmaster">
<element name="master">
<attribute name="startport">
3:07 a.m.
New subject: [libvirt] [PATCH v4 2/8] docs: news: Add virtio-crypto devices
Signed-off-by: Longpeng(Mike) <longpeng2(a)huawei.com>
---
docs/news.xml | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/docs/news.xml b/docs/news.xml
index a886e2c..b766984 100644
--- a/docs/news.xml
+++ b/docs/news.xml
@@ -35,6 +35,16 @@
<libvirt>
<release version="v3.6.0" date="unreleased">
<section title="New features">
+ <change>
+ <summary>
+ qemu: Add support for virtio-crypto device
+ </summary>
+ <description>
+ QEMU 2.8 introduced the support of virtio-crypto device, which is a
+ virtual crypto accelerator card for VMs. Users can now configure one
+ or more virtio-crypto devices for the VM in the XML.
+ </description>
+ </change>
</section>
<section title="Improvements">
</section>
--
1.8.3.1
3:07 a.m.
New subject: [libvirt] [PATCH v4 3/8] conf: Parse virtio-crypto in the domain XML
This patch parse the domain XML with virtio-crypto
support, the virtio-crypto XML looks like this:
<crypto model='virtio'>
<backend type='builtin' queues='1'/>
</crypto>
Signed-off-by: Longpeng(Mike) <longpeng2(a)huawei.com>
---
src/conf/domain_conf.c | 213 ++++++++++++++++++++++++++++++++++++++++-
src/conf/domain_conf.h | 32 +++++++
src/libvirt_private.syms | 5 +
src/qemu/qemu_domain_address.c | 1 +
src/qemu/qemu_driver.c | 6 ++
src/qemu/qemu_hotplug.c | 1 +
6 files changed, 257 insertions(+), 1 deletion(-)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index c3149f9..4c4568d 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -253,7 +253,8 @@ VIR_ENUM_IMPL(virDomainDevice, VIR_DOMAIN_DEVICE_LAST,
"tpm",
"panic",
"memory",
- "iommu")
+ "iommu",
+ "crypto")
VIR_ENUM_IMPL(virDomainDeviceAddress, VIR_DOMAIN_DEVICE_ADDRESS_TYPE_LAST,
"none",
@@ -830,6 +831,14 @@ VIR_ENUM_IMPL(virDomainRNGBackend,
"random",
"egd");
+VIR_ENUM_IMPL(virDomainCryptoModel,
+ VIR_DOMAIN_CRYPTO_MODEL_LAST,
+ "virtio");
+
+VIR_ENUM_IMPL(virDomainCryptoBackend,
+ VIR_DOMAIN_CRYPTO_BACKEND_LAST,
+ "builtin");
+
VIR_ENUM_IMPL(virDomainTPMModel, VIR_DOMAIN_TPM_MODEL_LAST,
"tpm-tis")
@@ -2617,6 +2626,9 @@ void virDomainDeviceDefFree(virDomainDeviceDefPtr def)
case VIR_DOMAIN_DEVICE_IOMMU:
VIR_FREE(def->data.iommu);
break;
+ case VIR_DOMAIN_DEVICE_CRYPTO:
+ virDomainCryptoDefFree(def->data.crypto);
+ break;
case VIR_DOMAIN_DEVICE_LAST:
case VIR_DOMAIN_DEVICE_NONE:
break;
@@ -2866,6 +2878,10 @@ void virDomainDefFree(virDomainDefPtr def)
VIR_FREE(def->iommu);
+ for (i = 0; i < def->ncryptos; i++)
+ virDomainCryptoDefFree(def->cryptos[i]);
+ VIR_FREE(def->cryptos);
+
VIR_FREE(def->idmap.uidmap);
VIR_FREE(def->idmap.gidmap);
@@ -3453,6 +3469,8 @@ virDomainDeviceGetInfo(virDomainDeviceDefPtr device)
return &device->data.panic->info;
case VIR_DOMAIN_DEVICE_MEMORY:
return &device->data.memory->info;
+ case VIR_DOMAIN_DEVICE_CRYPTO:
+ return &device->data.crypto->info;
/* The following devices do not contain virDomainDeviceInfo */
case VIR_DOMAIN_DEVICE_LEASE:
@@ -3768,6 +3786,13 @@ virDomainDeviceInfoIterateInternal(virDomainDefPtr def,
return -1;
}
+ device.type = VIR_DOMAIN_DEVICE_CRYPTO;
+ for (i = 0; i < def->ncryptos; i++) {
+ device.data.crypto = def->cryptos[i];
+ if (cb(def, &device, &def->cryptos[i]->info, opaque) < 0)
+ return -1;
+ }
+
/* Coverity is not very happy with this - all dead_error_condition */
#if !STATIC_ANALYSIS
/* This switch statement is here to trigger compiler warning when adding
@@ -3802,6 +3827,7 @@ virDomainDeviceInfoIterateInternal(virDomainDefPtr def,
case VIR_DOMAIN_DEVICE_RNG:
case VIR_DOMAIN_DEVICE_MEMORY:
case VIR_DOMAIN_DEVICE_IOMMU:
+ case VIR_DOMAIN_DEVICE_CRYPTO:
break;
}
#endif
@@ -5095,6 +5121,7 @@ virDomainDeviceDefValidateInternal(const virDomainDeviceDef *dev,
case VIR_DOMAIN_DEVICE_PANIC:
case VIR_DOMAIN_DEVICE_MEMORY:
case VIR_DOMAIN_DEVICE_IOMMU:
+ case VIR_DOMAIN_DEVICE_CRYPTO:
case VIR_DOMAIN_DEVICE_NONE:
case VIR_DOMAIN_DEVICE_LAST:
break;
@@ -13048,6 +13075,88 @@ virDomainRNGDefParseXML(virDomainXMLOptionPtr xmlopt,
}
+static virDomainCryptoDefPtr
+virDomainCryptoDefParseXML(xmlNodePtr node,
+ xmlXPathContextPtr ctxt,
+ unsigned int flags)
+{
+ char *model = NULL;
+ char *backend = NULL;
+ char *queues = NULL;
+ virDomainCryptoDefPtr def;
+ xmlNodePtr save = ctxt->node;
+ xmlNodePtr *backends = NULL;
+ int nbackends;
+
+ if (VIR_ALLOC(def) < 0)
+ return NULL;
+
+ if (!(model = virXMLPropString(node, "model"))) {
+ virReportError(VIR_ERR_XML_ERROR, "%s",
+ _("missing Crypto device model"));
+ goto error;
+ }
+
+ if ((def->model = virDomainCryptoModelTypeFromString(model)) < 0) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ _("unknown Crypto model '%s'"), model);
+ goto error;
+ }
+
+ ctxt->node = node;
+
+ if ((nbackends = virXPathNodeSet("./backend", ctxt, &backends)) <
0)
+ goto error;
+
+ if (nbackends != 1) {
+ virReportError(VIR_ERR_XML_ERROR, "%s",
+ _("only one Crypto backend is supported"));
+ goto error;
+ }
+
+ if (!(backend = virXMLPropString(backends[0], "type"))) {
+ virReportError(VIR_ERR_XML_ERROR, "%s",
+ _("missing Crypto device backend type"));
+ goto error;
+ }
+
+ if ((def->backend = virDomainCryptoBackendTypeFromString(backend)) < 0) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ _("unknown Crypto backend model '%s'"),
backend);
+ goto error;
+ }
+
+ switch ((virDomainCryptoBackend) def->backend) {
+ case VIR_DOMAIN_CRYPTO_BACKEND_BUILTIN:
+ queues = virXMLPropString(backends[0], "queues");
+ if (queues && virStrToLong_ui(queues, NULL, 10, &def->queues) <
0) {
+ virReportError(VIR_ERR_XML_ERROR,
+ _("Malformed 'queues' value '%s'"),
queues);
+ }
+ break;
+
+ case VIR_DOMAIN_CRYPTO_BACKEND_LAST:
+ break;
+ }
+
+ if (virDomainDeviceInfoParseXML(node, NULL, &def->info, flags) < 0)
+ goto error;
+
+ cleanup:
+ VIR_FREE(model);
+ VIR_FREE(backend);
+ VIR_FREE(queues);
+ VIR_FREE(backends);
+ ctxt->node = save;
+ return def;
+
+ error:
+ virDomainCryptoDefFree(def);
+ def = NULL;
+ goto cleanup;
+}
+
+
static virDomainMemballoonDefPtr
virDomainMemballoonDefParseXML(xmlNodePtr node,
xmlXPathContextPtr ctxt,
@@ -14643,6 +14752,10 @@ virDomainDeviceDefParse(const char *xmlStr,
if (!(dev->data.iommu = virDomainIOMMUDefParseXML(node, ctxt)))
goto error;
break;
+ case VIR_DOMAIN_DEVICE_CRYPTO:
+ if (!(dev->data.crypto = virDomainCryptoDefParseXML(node, ctxt, flags)))
+ goto error;
+ break;
case VIR_DOMAIN_DEVICE_NONE:
case VIR_DOMAIN_DEVICE_LAST:
break;
@@ -17709,6 +17822,22 @@ virDomainDefParseXML(xmlDocPtr xml,
}
VIR_FREE(nodes);
+ /* Parse the crypto devices */
+ if ((n = virXPathNodeSet("./devices/crypto", ctxt, &nodes)) < 0)
+ goto error;
+ if (n && VIR_ALLOC_N(def->cryptos, n) < 0)
+ goto error;
+ for (i = 0; i < n; i++) {
+ virDomainCryptoDefPtr crypto = virDomainCryptoDefParseXML(nodes[i],
+ ctxt,
+ flags);
+ if (!crypto)
+ goto error;
+
+ def->cryptos[def->ncryptos++] = crypto;
+ }
+ VIR_FREE(nodes);
+
if (virCPUDefParseXML(ctxt, "./cpu[1]", VIR_CPU_TYPE_GUEST,
&def->cpu) < 0)
goto error;
@@ -19815,6 +19944,25 @@ virDomainRNGDefCheckABIStability(virDomainRNGDefPtr src,
static bool
+virDomainCryptoDefCheckABIStability(virDomainCryptoDefPtr src,
+ virDomainCryptoDefPtr dst)
+{
+ if (src->model != dst->model) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ _("Target Crypto model '%s' does not match source
'%s'"),
+ virDomainCryptoModelTypeToString(dst->model),
+ virDomainCryptoModelTypeToString(src->model));
+ return false;
+ }
+
+ if (!virDomainDeviceInfoCheckABIStability(&src->info, &dst->info))
+ return false;
+
+ return true;
+}
+
+
+static bool
virDomainHubDefCheckABIStability(virDomainHubDefPtr src,
virDomainHubDefPtr dst)
{
@@ -20718,6 +20866,17 @@ virDomainDefCheckABIStabilityFlags(virDomainDefPtr src,
!xmlopt->abi.domain(src, dst))
goto error;
+ if (src->ncryptos != dst->ncryptos) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ _("Target domain crypto device count %zu "
+ "does not match source %zu"), dst->ncryptos,
src->ncryptos);
+ goto error;
+ }
+
+ for (i = 0; i < src->ncryptos; i++)
+ if (!virDomainCryptoDefCheckABIStability(src->cryptos[i],
dst->cryptos[i]))
+ goto error;
+
/* Coverity is not very happy with this - all dead_error_condition */
#if !STATIC_ANALYSIS
/* This switch statement is here to trigger compiler warning when adding
@@ -20751,6 +20910,7 @@ virDomainDefCheckABIStabilityFlags(virDomainDefPtr src,
case VIR_DOMAIN_DEVICE_SHMEM:
case VIR_DOMAIN_DEVICE_MEMORY:
case VIR_DOMAIN_DEVICE_IOMMU:
+ case VIR_DOMAIN_DEVICE_CRYPTO:
break;
}
#endif
@@ -23387,6 +23547,49 @@ virDomainRNGDefFree(virDomainRNGDefPtr def)
static int
+virDomainCryptoDefFormat(virBufferPtr buf,
+ virDomainCryptoDefPtr def,
+ unsigned int flags)
+{
+ const char *model = virDomainCryptoModelTypeToString(def->model);
+ const char *backend = virDomainCryptoBackendTypeToString(def->backend);
+
+ virBufferAsprintf(buf, "<crypto model='%s'>\n", model);
+ virBufferAdjustIndent(buf, 2);
+ virBufferAsprintf(buf, "<backend type='%s'", backend);
+
+ switch ((virDomainCryptoBackend) def->backend) {
+ case VIR_DOMAIN_CRYPTO_BACKEND_BUILTIN:
+ if (def->queues)
+ virBufferAsprintf(buf, " queues='%u'", def->queues);
+
+ virBufferAddLit(buf, "/>\n");
+ break;
+
+ case VIR_DOMAIN_CRYPTO_BACKEND_LAST:
+ break;
+ }
+
+ if (virDomainDeviceInfoFormat(buf, &def->info, flags) < 0)
+ return -1;
+
+ virBufferAdjustIndent(buf, -2);
+ virBufferAddLit(buf, "</crypto>\n");
+ return 0;
+}
+
+void
+virDomainCryptoDefFree(virDomainCryptoDefPtr def)
+{
+ if (!def)
+ return;
+
+ virDomainDeviceInfoClear(&def->info);
+ VIR_FREE(def);
+}
+
+
+static int
virDomainMemorySourceDefFormat(virBufferPtr buf,
virDomainMemoryDefPtr def)
{
@@ -25418,6 +25621,11 @@ virDomainDefFormatInternal(virDomainDefPtr def,
goto error;
}
+ for (n = 0; n < def->ncryptos; n++) {
+ if (virDomainCryptoDefFormat(buf, def->cryptos[n], flags))
+ goto error;
+ }
+
if (def->iommu)
virDomainIOMMUDefFormat(buf, def->iommu);
@@ -26500,6 +26708,9 @@ virDomainDeviceDefCopy(virDomainDeviceDefPtr src,
case VIR_DOMAIN_DEVICE_SHMEM:
rc = virDomainShmemDefFormat(&buf, src->data.shmem, flags);
break;
+ case VIR_DOMAIN_DEVICE_CRYPTO:
+ rc = virDomainCryptoDefFormat(&buf, src->data.crypto, flags);
+ break;
case VIR_DOMAIN_DEVICE_NONE:
case VIR_DOMAIN_DEVICE_SMARTCARD:
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index 964bc02..3dd809a 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -159,6 +159,9 @@ typedef virDomainIOMMUDef *virDomainIOMMUDefPtr;
typedef struct _virDomainVirtioOptions virDomainVirtioOptions;
typedef virDomainVirtioOptions *virDomainVirtioOptionsPtr;
+typedef struct _virDomainCryptoDef virDomainCryptoDef;
+typedef virDomainCryptoDef *virDomainCryptoDefPtr;
+
/* Flags for the 'type' field in virDomainDeviceDef */
typedef enum {
VIR_DOMAIN_DEVICE_NONE = 0,
@@ -185,6 +188,7 @@ typedef enum {
VIR_DOMAIN_DEVICE_PANIC,
VIR_DOMAIN_DEVICE_MEMORY,
VIR_DOMAIN_DEVICE_IOMMU,
+ VIR_DOMAIN_DEVICE_CRYPTO,
VIR_DOMAIN_DEVICE_LAST
} virDomainDeviceType;
@@ -217,6 +221,7 @@ struct _virDomainDeviceDef {
virDomainPanicDefPtr panic;
virDomainMemoryDefPtr memory;
virDomainIOMMUDefPtr iommu;
+ virDomainCryptoDefPtr crypto;
} data;
};
@@ -2043,6 +2048,26 @@ struct _virDomainRNGDef {
};
typedef enum {
+ VIR_DOMAIN_CRYPTO_MODEL_VIRTIO,
+
+ VIR_DOMAIN_CRYPTO_MODEL_LAST
+} virDomainCryptoModel;
+
+typedef enum {
+ VIR_DOMAIN_CRYPTO_BACKEND_BUILTIN,
+
+ VIR_DOMAIN_CRYPTO_BACKEND_LAST
+} virDomainCryptoBackend;
+
+struct _virDomainCryptoDef {
+ int model;
+ int backend;
+ unsigned int queues; /* Multiqueue virtio-crypto */
+
+ virDomainDeviceInfo info;
+};
+
+typedef enum {
VIR_DOMAIN_MEMORY_MODEL_NONE,
VIR_DOMAIN_MEMORY_MODEL_DIMM, /* dimm hotpluggable memory device */
VIR_DOMAIN_MEMORY_MODEL_NVDIMM, /* nvdimm memory device */
@@ -2380,6 +2405,9 @@ struct _virDomainDef {
size_t npanics;
virDomainPanicDefPtr *panics;
+ size_t ncryptos;
+ virDomainCryptoDefPtr *cryptos;
+
/* Only 1 */
virDomainWatchdogDefPtr watchdog;
virDomainMemballoonDefPtr memballoon;
@@ -2908,6 +2936,8 @@ int virDomainDefCompatibleDevice(virDomainDefPtr def,
void virDomainRNGDefFree(virDomainRNGDefPtr def);
+void virDomainCryptoDefFree(virDomainCryptoDefPtr def);
+
int virDomainDiskIndexByAddress(virDomainDefPtr def,
virPCIDeviceAddressPtr pci_controller,
unsigned int bus, unsigned int target,
@@ -3236,6 +3266,8 @@ VIR_ENUM_DECL(virDomainShutdownReason)
VIR_ENUM_DECL(virDomainShutoffReason)
VIR_ENUM_DECL(virDomainCrashedReason)
VIR_ENUM_DECL(virDomainPMSuspendedReason)
+VIR_ENUM_DECL(virDomainCryptoModel)
+VIR_ENUM_DECL(virDomainCryptoBackend)
const char *virDomainStateReasonToString(virDomainState state, int reason);
int virDomainStateReasonFromString(virDomainState state, const char *reason);
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 888412a..8d6bcb6 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -237,6 +237,11 @@ virDomainControllerRemove;
virDomainControllerTypeToString;
virDomainCpuPlacementModeTypeFromString;
virDomainCpuPlacementModeTypeToString;
+virDomainCryptoBackendTypeFromString;
+virDomainCryptoBackendTypeToString;
+virDomainCryptoDefFree;
+virDomainCryptoModelTypeFromString;
+virDomainCryptoModelTypeToString;
virDomainDefAddController;
virDomainDefAddImplicitDevices;
virDomainDefAddUSBController;
diff --git a/src/qemu/qemu_domain_address.c b/src/qemu/qemu_domain_address.c
index b5b863f..5209fbe 100644
--- a/src/qemu/qemu_domain_address.c
+++ b/src/qemu/qemu_domain_address.c
@@ -796,6 +796,7 @@ qemuDomainDeviceCalculatePCIConnectFlags(virDomainDeviceDefPtr dev,
case VIR_DOMAIN_DEVICE_LEASE:
case VIR_DOMAIN_DEVICE_GRAPHICS:
case VIR_DOMAIN_DEVICE_IOMMU:
+ case VIR_DOMAIN_DEVICE_CRYPTO:
case VIR_DOMAIN_DEVICE_LAST:
case VIR_DOMAIN_DEVICE_NONE:
return 0;
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index cdb727b..1c2342c 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -7526,6 +7526,7 @@ qemuDomainAttachDeviceLive(virDomainObjPtr vm,
case VIR_DOMAIN_DEVICE_TPM:
case VIR_DOMAIN_DEVICE_PANIC:
case VIR_DOMAIN_DEVICE_IOMMU:
+ case VIR_DOMAIN_DEVICE_CRYPTO:
case VIR_DOMAIN_DEVICE_LAST:
virReportError(VIR_ERR_OPERATION_UNSUPPORTED,
_("live attach of device '%s' is not
supported"),
@@ -7619,6 +7620,7 @@ qemuDomainDetachDeviceLive(virDomainObjPtr vm,
case VIR_DOMAIN_DEVICE_TPM:
case VIR_DOMAIN_DEVICE_PANIC:
case VIR_DOMAIN_DEVICE_IOMMU:
+ case VIR_DOMAIN_DEVICE_CRYPTO:
case VIR_DOMAIN_DEVICE_LAST:
virReportError(VIR_ERR_OPERATION_UNSUPPORTED,
_("live detach of device '%s' is not
supported"),
@@ -7735,6 +7737,7 @@ qemuDomainUpdateDeviceLive(virConnectPtr conn,
case VIR_DOMAIN_DEVICE_TPM:
case VIR_DOMAIN_DEVICE_PANIC:
case VIR_DOMAIN_DEVICE_IOMMU:
+ case VIR_DOMAIN_DEVICE_CRYPTO:
case VIR_DOMAIN_DEVICE_LAST:
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
_("live update of device '%s' is not
supported"),
@@ -7910,6 +7913,7 @@ qemuDomainAttachDeviceConfig(virDomainDefPtr vmdef,
case VIR_DOMAIN_DEVICE_TPM:
case VIR_DOMAIN_DEVICE_PANIC:
case VIR_DOMAIN_DEVICE_IOMMU:
+ case VIR_DOMAIN_DEVICE_CRYPTO:
case VIR_DOMAIN_DEVICE_LAST:
virReportError(VIR_ERR_OPERATION_UNSUPPORTED,
_("persistent attach of device '%s' is not
supported"),
@@ -8076,6 +8080,7 @@ qemuDomainDetachDeviceConfig(virDomainDefPtr vmdef,
case VIR_DOMAIN_DEVICE_TPM:
case VIR_DOMAIN_DEVICE_PANIC:
case VIR_DOMAIN_DEVICE_IOMMU:
+ case VIR_DOMAIN_DEVICE_CRYPTO:
case VIR_DOMAIN_DEVICE_LAST:
virReportError(VIR_ERR_OPERATION_UNSUPPORTED,
_("persistent detach of device '%s' is not
supported"),
@@ -8163,6 +8168,7 @@ qemuDomainUpdateDeviceConfig(virDomainDefPtr vmdef,
case VIR_DOMAIN_DEVICE_TPM:
case VIR_DOMAIN_DEVICE_PANIC:
case VIR_DOMAIN_DEVICE_IOMMU:
+ case VIR_DOMAIN_DEVICE_CRYPTO:
case VIR_DOMAIN_DEVICE_LAST:
virReportError(VIR_ERR_OPERATION_UNSUPPORTED,
_("persistent update of device '%s' is not
supported"),
diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
index b5b62df..c7db125 100644
--- a/src/qemu/qemu_hotplug.c
+++ b/src/qemu/qemu_hotplug.c
@@ -4325,6 +4325,7 @@ qemuDomainRemoveDevice(virQEMUDriverPtr driver,
case VIR_DOMAIN_DEVICE_TPM:
case VIR_DOMAIN_DEVICE_PANIC:
case VIR_DOMAIN_DEVICE_IOMMU:
+ case VIR_DOMAIN_DEVICE_CRYPTO:
case VIR_DOMAIN_DEVICE_LAST:
virReportError(VIR_ERR_OPERATION_UNSUPPORTED,
_("don't know how to remove a %s device"),
--
1.8.3.1
3:07 a.m.
New subject: [libvirt] [PATCH v4 4/8] caps: Add qemu capabilities about virtio-crypto
Two capabilities bits are added to track support for those:
QEMU_CAPS_DEVICE_VIRTIO_CRYPTO - for the device support and
QEMU_CAPS_OBJECT_CRYPTO_BUILTIN - for the backend support.
Signed-off-by: Longpeng(Mike) <longpeng2(a)huawei.com>
---
src/qemu/qemu_capabilities.c | 6 ++++++
src/qemu/qemu_capabilities.h | 4 ++++
tests/qemucapabilitiesdata/caps_2.8.0.s390x.xml | 2 ++
tests/qemucapabilitiesdata/caps_2.8.0.x86_64.xml | 2 ++
tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml | 2 ++
5 files changed, 16 insertions(+)
diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
index 61c9a10..01005d5 100644
--- a/src/qemu/qemu_capabilities.c
+++ b/src/qemu/qemu_capabilities.c
@@ -430,6 +430,10 @@ VIR_ENUM_IMPL(virQEMUCaps, QEMU_CAPS_LAST,
"virtio.iommu_platform",
"virtio.ats",
"loadparm",
+ "cryptodev-backend-builtin",
+
+ /* 265 */
+ "virtio-crypto",
);
@@ -1679,6 +1683,8 @@ struct virQEMUCapsStringFlags virQEMUCapsObjectTypes[] = {
{ "nvdimm", QEMU_CAPS_DEVICE_NVDIMM },
{ "pcie-root-port", QEMU_CAPS_DEVICE_PCIE_ROOT_PORT },
{ "qemu-xhci", QEMU_CAPS_DEVICE_QEMU_XHCI },
+ { "cryptodev-backend-builtin", QEMU_CAPS_OBJECT_CRYPTO_BUILTIN },
+ { "virtio-crypto-device", QEMU_CAPS_DEVICE_VIRTIO_CRYPTO },
};
static struct virQEMUCapsStringFlags virQEMUCapsObjectPropsVirtioBalloon[] = {
diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h
index 6e95876..50bb7a5 100644
--- a/src/qemu/qemu_capabilities.h
+++ b/src/qemu/qemu_capabilities.h
@@ -416,6 +416,10 @@ typedef enum {
QEMU_CAPS_VIRTIO_PCI_IOMMU_PLATFORM, /* virtio-*-pci.iommu_platform */
QEMU_CAPS_VIRTIO_PCI_ATS, /* virtio-*-pci.ats */
QEMU_CAPS_LOADPARM, /* -machine loadparm */
+ QEMU_CAPS_OBJECT_CRYPTO_BUILTIN, /* -object cryptodev-backend-builtin */
+
+ /* 265 */
+ QEMU_CAPS_DEVICE_VIRTIO_CRYPTO, /* -device virtio-crypto-pci */
QEMU_CAPS_LAST /* this must always be the last item */
} virQEMUCapsFlags;
diff --git a/tests/qemucapabilitiesdata/caps_2.8.0.s390x.xml
b/tests/qemucapabilitiesdata/caps_2.8.0.s390x.xml
index 51be9bc..527c765 100644
--- a/tests/qemucapabilitiesdata/caps_2.8.0.s390x.xml
+++ b/tests/qemucapabilitiesdata/caps_2.8.0.s390x.xml
@@ -134,6 +134,8 @@
<flag name='query-named-block-nodes'/>
<flag name='kernel-irqchip'/>
<flag name='kernel-irqchip.split'/>
+ <flag name='cryptodev-backend-builtin'/>
+ <flag name='virtio-crypto'/>
<version>2007093</version>
<kvmVersion>0</kvmVersion>
<package></package>
diff --git a/tests/qemucapabilitiesdata/caps_2.8.0.x86_64.xml
b/tests/qemucapabilitiesdata/caps_2.8.0.x86_64.xml
index 01edbc8..f10833c 100644
--- a/tests/qemucapabilitiesdata/caps_2.8.0.x86_64.xml
+++ b/tests/qemucapabilitiesdata/caps_2.8.0.x86_64.xml
@@ -207,6 +207,8 @@
<flag name='kernel-irqchip.split'/>
<flag name='intel-iommu.intremap'/>
<flag name='intel-iommu.eim'/>
+ <flag name='cryptodev-backend-builtin'/>
+ <flag name='virtio-crypto'/>
<version>2008000</version>
<kvmVersion>0</kvmVersion>
<package> (v2.8.0)</package>
diff --git a/tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml
b/tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml
index 58dd9f6..af141cc 100644
--- a/tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml
+++ b/tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml
@@ -218,6 +218,8 @@
<flag name='intel-iommu.device-iotlb'/>
<flag name='virtio.iommu_platform'/>
<flag name='virtio.ats'/>
+ <flag name='cryptodev-backend-builtin'/>
+ <flag name='virtio-crypto'/>
<version>2009000</version>
<kvmVersion>0</kvmVersion>
<package> (v2.9.0)</package>
--
1.8.3.1
3:07 a.m.
New subject: [libvirt] [PATCH v4 5/8] qemu: Implement support for 'builtin' backend for virtio-crypto
This patch implements support for the virtio-crypto-pci device
and the builtin backend in qemu.
qemu is invoked with these additional parameters if the device
id enabled:
(to add the backend)
-object cryptodev-backend-builtin,id=objcrypto0,queues=1
(to add the device)
-device virtio-crypto-pci,cryptodev=objcrypto0,id=crypto0
Signed-off-by: Longpeng(Mike) <longpeng2(a)huawei.com>
---
src/qemu/qemu_alias.c | 20 +++++++
src/qemu/qemu_alias.h | 3 +
src/qemu/qemu_command.c | 126 +++++++++++++++++++++++++++++++++++++++++
src/qemu/qemu_command.h | 3 +
src/qemu/qemu_domain_address.c | 26 ++++++++-
5 files changed, 177 insertions(+), 1 deletion(-)
diff --git a/src/qemu/qemu_alias.c b/src/qemu/qemu_alias.c
index 914b2b9..2b6e049 100644
--- a/src/qemu/qemu_alias.c
+++ b/src/qemu/qemu_alias.c
@@ -332,6 +332,26 @@ qemuAssignDeviceRNGAlias(virDomainDefPtr def,
}
+int
+qemuAssignDeviceCryptoAlias(const virDomainDef *def,
+ virDomainCryptoDefPtr crypto)
+{
+ size_t i;
+ int maxidx = 0;
+ int idx;
+
+ for (i = 0; i < def->ncryptos; i++) {
+ if ((idx = qemuDomainDeviceAliasIndex(&def->cryptos[i]->info,
"crypto")) >= maxidx)
+ maxidx = idx + 1;
+ }
+
+ if (virAsprintf(&crypto->info.alias, "crypto%d", maxidx) < 0)
+ return -1;
+
+ return 0;
+}
+
+
/**
* qemuAssignDeviceMemoryAlias:
* @def: domain definition. Necessary only if @oldAlias is true.
diff --git a/src/qemu/qemu_alias.h b/src/qemu/qemu_alias.h
index 300fd4d..fe59928 100644
--- a/src/qemu/qemu_alias.h
+++ b/src/qemu/qemu_alias.h
@@ -57,6 +57,9 @@ int qemuAssignDeviceRedirdevAlias(virDomainDefPtr def,
int qemuAssignDeviceRNGAlias(virDomainDefPtr def,
virDomainRNGDefPtr rng);
+int qemuAssignDeviceCryptoAlias(const virDomainDef *def,
+ virDomainCryptoDefPtr crypto);
+
int qemuAssignDeviceMemoryAlias(virDomainDefPtr def,
virDomainMemoryDefPtr mems,
bool oldAlias);
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index c53ab97..5278edc 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -5992,6 +5992,129 @@ qemuBuildRNGCommandLine(virLogManagerPtr logManager,
static char *
+qemuBuildCryptoBackendStr(virDomainCryptoDefPtr crypto,
+ virQEMUCapsPtr qemuCaps)
+{
+ const char *type = NULL;
+ char *alias = NULL;
+ char *queue = NULL;
+ char *backstr = NULL;
+
+ if (virAsprintf(&alias, "obj%s", crypto->info.alias) < 0)
+ goto cleanup;
+
+ if (crypto->queues > 0) {
+ if (virAsprintf(&queue, "queues=%u", crypto->queues) < 0)
+ goto cleanup;
+ }
+
+ switch ((virDomainCryptoBackend)crypto->backend) {
+ case VIR_DOMAIN_CRYPTO_BACKEND_BUILTIN:
+ if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_OBJECT_CRYPTO_BUILTIN)) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("this qemu doesn't support the builtin
backend"));
+ goto cleanup;
+ }
+
+ type = "cryptodev-backend-builtin";
+ break;
+
+ case VIR_DOMAIN_CRYPTO_BACKEND_LAST:
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("unknown crypto backend"));
+ goto cleanup;
+ }
+
+ if (queue)
+ ignore_value(virAsprintf(&backstr, "%s,id=%s,%s", type, alias,
queue));
+ else
+ ignore_value(virAsprintf(&backstr, "%s,id=%s", type, alias));
+
+ cleanup:
+ VIR_FREE(alias);
+ return backstr;
+}
+
+
+char *
+qemuBuildCryptoDevStr(const virDomainDef *def,
+ virDomainCryptoDefPtr dev,
+ virQEMUCapsPtr qemuCaps)
+{
+ virBuffer buf = VIR_BUFFER_INITIALIZER;
+
+ if (dev->model != VIR_DOMAIN_CRYPTO_MODEL_VIRTIO ||
+ !virQEMUCapsGet(qemuCaps, QEMU_CAPS_DEVICE_VIRTIO_CRYPTO)) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ _("this qemu doesn't support crypto device model
'%s'"),
+ virDomainRNGModelTypeToString(dev->model));
+ goto error;
+ }
+
+ if (dev->info.type != VIR_DOMAIN_DEVICE_ADDRESS_TYPE_PCI) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ _("unsupported address type %s for virtio crypto
device"),
+ virDomainDeviceAddressTypeToString(dev->info.type));
+ goto error;
+ }
+
+ virBufferAsprintf(&buf, "virtio-crypto-pci,cryptodev=obj%s,id=%s",
+ dev->info.alias, dev->info.alias);
+
+ if (qemuBuildDeviceAddressStr(&buf, def, &dev->info, qemuCaps) < 0)
+ goto error;
+
+ return virBufferContentAndReset(&buf);
+
+ error:
+ virBufferFreeAndReset(&buf);
+ return NULL;
+}
+
+
+static int
+qemuBuildCryptoCommandLine(virCommandPtr cmd,
+ const virDomainDef *def,
+ virQEMUCapsPtr qemuCaps)
+{
+ size_t i;
+
+ for (i = 0; i < def->ncryptos; i++) {
+ virDomainCryptoDefPtr crypto = def->cryptos[i];
+ char *tmp;
+
+ if (qemuAssignDeviceCryptoAlias(def, crypto)) {
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+ _("crypto device assign alias faile"));
+ return -1;
+ }
+
+ if (!crypto->info.alias) {
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+ _("crypto device is missing alias"));
+ return -1;
+ }
+
+ /* add the crypto backend */
+ if (!(tmp = qemuBuildCryptoBackendStr(crypto, qemuCaps)))
+ return -1;
+
+ virCommandAddArgList(cmd, "-object", tmp, NULL);
+ VIR_FREE(tmp);
+
+ /* add the device */
+ if (!(tmp = qemuBuildCryptoDevStr(def, crypto, qemuCaps)))
+ return -1;
+
+ virCommandAddArgList(cmd, "-device", tmp, NULL);
+ VIR_FREE(tmp);
+ }
+
+ return 0;
+}
+
+
+static char *
qemuBuildSmbiosBiosStr(virSysinfoBIOSDefPtr def)
{
virBuffer buf = VIR_BUFFER_INITIALIZER;
@@ -10220,6 +10343,9 @@ qemuBuildCommandLine(virQEMUDriverPtr driver,
chardevStdioLogd) < 0)
goto error;
+ if (qemuBuildCryptoCommandLine(cmd, def, qemuCaps) < 0)
+ goto error;
+
if (qemuBuildNVRAMCommandLine(cmd, def, qemuCaps) < 0)
goto error;
diff --git a/src/qemu/qemu_command.h b/src/qemu/qemu_command.h
index f5e3e5f..996840d 100644
--- a/src/qemu/qemu_command.h
+++ b/src/qemu/qemu_command.h
@@ -204,6 +204,9 @@ char *qemuBuildShmemDevStr(virDomainDefPtr def,
virQEMUCapsPtr qemuCaps)
ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3);
+char *qemuBuildCryptoDevStr(const virDomainDef *def,
+ virDomainCryptoDefPtr dev,
+ virQEMUCapsPtr qemuCaps);
#endif /* __QEMU_COMMAND_H__*/
diff --git a/src/qemu/qemu_domain_address.c b/src/qemu/qemu_domain_address.c
index 5209fbe..9bd064b 100644
--- a/src/qemu/qemu_domain_address.c
+++ b/src/qemu/qemu_domain_address.c
@@ -331,6 +331,12 @@ qemuDomainPrimeVirtioDeviceAddresses(virDomainDefPtr def,
def->rngs[i]->info.type = type;
}
+ for (i = 0; i < def->ncryptos; i++) {
+ if (def->cryptos[i]->model == VIR_DOMAIN_CRYPTO_MODEL_VIRTIO &&
+ def->cryptos[i]->info.type == VIR_DOMAIN_DEVICE_ADDRESS_TYPE_NONE)
+ def->cryptos[i]->info.type = type;
+ }
+
if (type == VIR_DOMAIN_DEVICE_ADDRESS_TYPE_CCW) {
for (i = 0; i < def->nfss; i++) {
if (def->fss[i]->info.type == VIR_DOMAIN_DEVICE_ADDRESS_TYPE_NONE)
@@ -738,6 +744,15 @@ qemuDomainDeviceCalculatePCIConnectFlags(virDomainDeviceDefPtr dev,
return 0;
}
+ case VIR_DOMAIN_DEVICE_CRYPTO:
+ switch ((virDomainCryptoModel) dev->data.crypto->model) {
+ case VIR_DOMAIN_CRYPTO_MODEL_VIRTIO:
+ return virtioFlags;
+
+ case VIR_DOMAIN_RNG_MODEL_LAST:
+ return 0;
+ }
+
case VIR_DOMAIN_DEVICE_VIDEO:
switch ((virDomainVideoType) dev->data.video->type) {
case VIR_DOMAIN_VIDEO_TYPE_VIRTIO:
@@ -796,7 +811,6 @@ qemuDomainDeviceCalculatePCIConnectFlags(virDomainDeviceDefPtr dev,
case VIR_DOMAIN_DEVICE_LEASE:
case VIR_DOMAIN_DEVICE_GRAPHICS:
case VIR_DOMAIN_DEVICE_IOMMU:
- case VIR_DOMAIN_DEVICE_CRYPTO:
case VIR_DOMAIN_DEVICE_LAST:
case VIR_DOMAIN_DEVICE_NONE:
return 0;
@@ -1775,6 +1789,16 @@ qemuDomainAssignDevicePCISlots(virDomainDefPtr def,
goto error;
}
+ /* VirtIO CRYPTO */
+ for (i = 0; i < def->ncryptos; i++) {
+ if (def->cryptos[i]->model != VIR_DOMAIN_CRYPTO_MODEL_VIRTIO ||
+ !virDeviceInfoPCIAddressWanted(&def->cryptos[i]->info))
+ continue;
+
+ if (qemuDomainPCIAddressReserveNextAddr(addrs, &def->cryptos[i]->info)
< 0)
+ goto error;
+ }
+
/* A watchdog - check if it is a PCI device */
if (def->watchdog &&
def->watchdog->model == VIR_DOMAIN_WATCHDOG_MODEL_I6300ESB &&
--
1.8.3.1
3:07 a.m.
New subject: [libvirt] [PATCH v4 6/8] qemu: virtio-crypto: add ccw support
From: Boris Fiuczynski <fiuczy(a)linux.vnet.ibm.com>
Add device address type ccw which is supported since qemu 2.9.0.
Signed-off-by: Boris Fiuczynski <fiuczy(a)linux.vnet.ibm.com>
Reviewed-by: Marc Hartmayer <mhartmay(a)linux.vnet.ibm.com>
---
src/qemu/qemu_command.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 5278edc..65dfc61 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -6051,14 +6051,18 @@ qemuBuildCryptoDevStr(const virDomainDef *def,
goto error;
}
- if (dev->info.type != VIR_DOMAIN_DEVICE_ADDRESS_TYPE_PCI) {
+ if (dev->info.type == VIR_DOMAIN_DEVICE_ADDRESS_TYPE_PCI) {
+ virBufferAddLit(&buf, "virtio-crypto-pci");
+ } else if (dev->info.type == VIR_DOMAIN_DEVICE_ADDRESS_TYPE_CCW) {
+ virBufferAddLit(&buf, "virtio-crypto-ccw");
+ } else {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
_("unsupported address type %s for virtio crypto
device"),
virDomainDeviceAddressTypeToString(dev->info.type));
goto error;
}
- virBufferAsprintf(&buf, "virtio-crypto-pci,cryptodev=obj%s,id=%s",
+ virBufferAsprintf(&buf, ",cryptodev=obj%s,id=%s",
dev->info.alias, dev->info.alias);
if (qemuBuildDeviceAddressStr(&buf, def, &dev->info, qemuCaps) < 0)
--
1.8.3.1
3:07 a.m.
New subject: [libvirt] [PATCH v4 7/8] tests: Add testcase for virtio-crypto parsing
Adds XML parsing and qemu commandline tests for the
virtio-crypto device support.
Signed-off-by: Longpeng(Mike) <longpeng2(a)huawei.com>
---
.../qemuxml2argv-virtio-crypto-builtin.xml | 26 ++++++++++++++++++
.../qemuxml2argv-virtio-crypto.args | 22 +++++++++++++++
.../qemuxml2xmlout-virtio-crypto-builtin.xml | 31 ++++++++++++++++++++++
tests/qemuxml2xmltest.c | 2 ++
4 files changed, 81 insertions(+)
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-virtio-crypto-builtin.xml
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-virtio-crypto.args
create mode 100644 tests/qemuxml2xmloutdata/qemuxml2xmlout-virtio-crypto-builtin.xml
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-virtio-crypto-builtin.xml
b/tests/qemuxml2argvdata/qemuxml2argv-virtio-crypto-builtin.xml
new file mode 100644
index 0000000..f4e78fa
--- /dev/null
+++ b/tests/qemuxml2argvdata/qemuxml2argv-virtio-crypto-builtin.xml
@@ -0,0 +1,26 @@
+<domain type='qemu'>
+ <name>QEMUGuest1</name>
+ <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
+ <memory unit='KiB'>219100</memory>
+ <currentMemory unit='KiB'>219100</currentMemory>
+ <vcpu placement='static'>1</vcpu>
+ <os>
+ <type arch='x86_64' machine='pc'>hvm</type>
+ <boot dev='hd'/>
+ </os>
+ <clock offset='utc'/>
+ <on_poweroff>destroy</on_poweroff>
+ <on_reboot>restart</on_reboot>
+ <on_crash>destroy</on_crash>
+ <devices>
+ <emulator>/usr/bin/qemu-system-x86_64</emulator>
+ <controller type='usb' index='0'/>
+ <controller type='pci' index='0' model='pci-root'/>
+ <input type='mouse' bus='ps2'/>
+ <input type='keyboard' bus='ps2'/>
+ <memballoon model='virtio'/>
+ <crypto model='virtio'>
+ <backend type='builtin' queues='1'/>
+ </crypto>
+ </devices>
+</domain>
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-virtio-crypto.args
b/tests/qemuxml2argvdata/qemuxml2argv-virtio-crypto.args
new file mode 100644
index 0000000..430c061
--- /dev/null
+++ b/tests/qemuxml2argvdata/qemuxml2argv-virtio-crypto.args
@@ -0,0 +1,22 @@
+LC_ALL=C \
+PATH=/bin \
+HOME=/home/test \
+USER=test \
+LOGNAME=test \
+QEMU_AUDIO_DRV=none \
+/usr/bin/qemu-system-x86_64 \
+-name QEMUGuest1 \
+-S \
+-M pc \
+-m 214 \
+-smp 1 \
+-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \
+-nographic \
+-nodefaults \
+-monitor unix:/tmp/lib/domain--1-QEMUGuest1/monitor.sock,server,nowait \
+-no-acpi \
+-boot c \
+-usb \
+-device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x3 \
+-object cryptodev-backend-builtin,id=objcrypto0,queues=1 \
+-device virtio-crypto-pci,cryptodev=objcrypto0,id=crypto0,bus=pci.0,addr=0x4
diff --git a/tests/qemuxml2xmloutdata/qemuxml2xmlout-virtio-crypto-builtin.xml
b/tests/qemuxml2xmloutdata/qemuxml2xmlout-virtio-crypto-builtin.xml
new file mode 100644
index 0000000..1f06aeb
--- /dev/null
+++ b/tests/qemuxml2xmloutdata/qemuxml2xmlout-virtio-crypto-builtin.xml
@@ -0,0 +1,31 @@
+<domain type='qemu'>
+ <name>QEMUGuest1</name>
+ <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
+ <memory unit='KiB'>219100</memory>
+ <currentMemory unit='KiB'>219100</currentMemory>
+ <vcpu placement='static'>1</vcpu>
+ <os>
+ <type arch='x86_64' machine='pc'>hvm</type>
+ <boot dev='hd'/>
+ </os>
+ <clock offset='utc'/>
+ <on_poweroff>destroy</on_poweroff>
+ <on_reboot>restart</on_reboot>
+ <on_crash>destroy</on_crash>
+ <devices>
+ <emulator>/usr/bin/qemu-system-x86_64</emulator>
+ <controller type='usb' index='0'>
+ <address type='pci' domain='0x0000' bus='0x00'
slot='0x01' function='0x2'/>
+ </controller>
+ <controller type='pci' index='0' model='pci-root'/>
+ <input type='mouse' bus='ps2'/>
+ <input type='keyboard' bus='ps2'/>
+ <memballoon model='virtio'>
+ <address type='pci' domain='0x0000' bus='0x00'
slot='0x03' function='0x0'/>
+ </memballoon>
+ <crypto model='virtio'>
+ <backend type='builtin' queues='1'/>
+ <address type='pci' domain='0x0000' bus='0x00'
slot='0x04' function='0x0'/>
+ </crypto>
+ </devices>
+</domain>
diff --git a/tests/qemuxml2xmltest.c b/tests/qemuxml2xmltest.c
index 1307299..6975af3 100644
--- a/tests/qemuxml2xmltest.c
+++ b/tests/qemuxml2xmltest.c
@@ -1045,6 +1045,8 @@ mymain(void)
DO_TEST("smbios", NONE);
DO_TEST("smbios-multiple-type2", NONE);
+ DO_TEST("virtio-crypto-builtin", NONE);
+
DO_TEST("aarch64-aavmf-virtio-mmio",
QEMU_CAPS_NODEFCONFIG, QEMU_CAPS_DTB,
QEMU_CAPS_DEVICE_VIRTIO_MMIO,
--
1.8.3.1
3:07 a.m.
New subject: [libvirt] [PATCH v4 8/8] qemu: virtio-crypto: add test for ccw support
From: Boris Fiuczynski <fiuczy(a)linux.vnet.ibm.com>
Add qemu command line tests for virtio-crypto ccw support.
Signed-off-by: Boris Fiuczynski <fiuczy(a)linux.vnet.ibm.com>
Reviewed-by: Marc Hartmayer <mhartmay(a)linux.vnet.ibm.com>
---
.../qemuxml2argv-virtio-crypto-ccw.args | 22 ++++++++++++++++++++++
.../qemuxml2argv-virtio-crypto-ccw.xml | 16 ++++++++++++++++
tests/qemuxml2argvtest.c | 6 ++++++
3 files changed, 44 insertions(+)
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-virtio-crypto-ccw.args
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-virtio-crypto-ccw.xml
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-virtio-crypto-ccw.args
b/tests/qemuxml2argvdata/qemuxml2argv-virtio-crypto-ccw.args
new file mode 100644
index 0000000..1a59a2d
--- /dev/null
+++ b/tests/qemuxml2argvdata/qemuxml2argv-virtio-crypto-ccw.args
@@ -0,0 +1,22 @@
+LC_ALL=C \
+PATH=/bin \
+HOME=/home/test \
+USER=test \
+LOGNAME=test \
+QEMU_AUDIO_DRV=none \
+/usr/bin/qemu-system-s390x \
+-name QEMUGuest1 \
+-S \
+-M s390-ccw \
+-m 214 \
+-smp 1,sockets=1,cores=1,threads=1 \
+-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \
+-nographic \
+-nodefconfig \
+-nodefaults \
+-chardev socket,id=charmonitor,path=/tmp/lib/domain--1-QEMUGuest1/monitor.sock,\
+server,nowait \
+-mon chardev=charmonitor,id=monitor,mode=readline \
+-device virtio-balloon-ccw,id=balloon0,devno=fe.0.0000 \
+-object cryptodev-backend-builtin,id=objcrypto0,queues=1 \
+-device virtio-crypto-ccw,cryptodev=objcrypto0,id=crypto0,devno=fe.0.0001
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-virtio-crypto-ccw.xml
b/tests/qemuxml2argvdata/qemuxml2argv-virtio-crypto-ccw.xml
new file mode 100644
index 0000000..b8d07ff
--- /dev/null
+++ b/tests/qemuxml2argvdata/qemuxml2argv-virtio-crypto-ccw.xml
@@ -0,0 +1,16 @@
+<domain type='qemu'>
+ <name>QEMUGuest1</name>
+ <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
+ <memory>219100</memory>
+ <currentMemory>219100</currentMemory>
+ <os>
+ <type arch='s390x' machine='s390-ccw'>hvm</type>
+ </os>
+ <devices>
+ <emulator>/usr/bin/qemu-system-s390x</emulator>
+ <memballoon model='virtio'/>
+ <crypto model='virtio'>
+ <backend type='builtin' queues='1'/>
+ </crypto>
+ </devices>
+</domain>
diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
index 27eea70..70f85cd 100644
--- a/tests/qemuxml2argvtest.c
+++ b/tests/qemuxml2argvtest.c
@@ -1781,6 +1781,12 @@ mymain(void)
QEMU_CAPS_VIRTIO_S390, QEMU_CAPS_DEVICE_VIRTIO_RNG,
QEMU_CAPS_OBJECT_RNG_RANDOM);
+ DO_TEST("virtio-crypto-ccw",
+ QEMU_CAPS_CHARDEV, QEMU_CAPS_NODEFCONFIG,
+ QEMU_CAPS_BOOTINDEX, QEMU_CAPS_VIRTIO_CCW,
+ QEMU_CAPS_VIRTIO_S390, QEMU_CAPS_DEVICE_VIRTIO_CRYPTO,
+ QEMU_CAPS_OBJECT_CRYPTO_BUILTIN);
+
DO_TEST("s390-allow-bogus-usb-none",
QEMU_CAPS_CHARDEV, QEMU_CAPS_NODEFCONFIG,
QEMU_CAPS_BOOTINDEX, QEMU_CAPS_VIRTIO_S390,
--
1.8.3.1
2:42 a.m.
Ping...
On 2017/7/7 16:07, Longpeng(Mike) wrote:
As virtio-crypto has been supported in QEMU 2.8 and the frontend
driver has been merged in linux 4.10, so it's necessary to support
virtio-crypto in libvirt.
---
Changes since v3:
- spilt the capabilities part into a separate patch. [Boris]
- include Boris's virtio-crypto ccw support(PATCH 6 & 8). [Boris]
- add the missing capabilities in caps_2.9.0.x86_64.xml. [Boris]
- fix Indentation and missing virDomainCryptoDefFree. [Marc]
Changes since v2:
- PATCH 1: modify docs as Martin & Boris's suggestion. [Martin & Boris]
- PATCH 2: add the missing 'ToString'. [Martin]
- PATCH 3: use virAsprintf instead of virBufferAsprintf. [Martin]
remove pointless virBufferCheckError. [Martin]
- rebase on master. [Longpeng]
Changes since v1:
- split patch [Martin]
- rebase on master [Martin]
- add docs/tests/schema [Martin]
- fix typos [Gonglei]
---
Boris Fiuczynski (2):
qemu: virtio-crypto: add ccw support
qemu: virtio-crypto: add test for ccw support
Longpeng(Mike) (6):
docs: schema: Add basic documentation for the virtual
docs: news: Add virtio-crypto devices
conf: Parse virtio-crypto in the domain XML
caps: Add qemu capabilities about virtio-crypto
qemu: Implement support for 'builtin' backend for virtio-crypto
tests: Add testcase for virtio-crypto parsing
docs/formatdomain.html.in | 61 ++++++
docs/news.xml | 10 +
docs/schemas/domaincommon.rng | 30 +++
src/conf/domain_conf.c | 213 ++++++++++++++++++++-
src/conf/domain_conf.h | 32 ++++
src/libvirt_private.syms | 5 +
src/qemu/qemu_alias.c | 20 ++
src/qemu/qemu_alias.h | 3 +
src/qemu/qemu_capabilities.c | 6 +
src/qemu/qemu_capabilities.h | 4 +
src/qemu/qemu_command.c | 130 +++++++++++++
src/qemu/qemu_command.h | 3 +
src/qemu/qemu_domain_address.c | 25 +++
src/qemu/qemu_driver.c | 6 +
src/qemu/qemu_hotplug.c | 1 +
tests/qemucapabilitiesdata/caps_2.8.0.s390x.xml | 2 +
tests/qemucapabilitiesdata/caps_2.8.0.x86_64.xml | 2 +
tests/qemucapabilitiesdata/caps_2.9.0.x86_64.xml | 2 +
.../qemuxml2argv-virtio-crypto-builtin.xml | 26 +++
.../qemuxml2argv-virtio-crypto-ccw.args | 22 +++
.../qemuxml2argv-virtio-crypto-ccw.xml | 16 ++
.../qemuxml2argv-virtio-crypto.args | 22 +++
tests/qemuxml2argvtest.c | 6 +
.../qemuxml2xmlout-virtio-crypto-builtin.xml | 31 +++
tests/qemuxml2xmltest.c | 2 +
25 files changed, 679 insertions(+), 1 deletion(-)
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-virtio-crypto-builtin.xml
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-virtio-crypto-ccw.args
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-virtio-crypto-ccw.xml
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-virtio-crypto.args
create mode 100644 tests/qemuxml2xmloutdata/qemuxml2xmlout-virtio-crypto-builtin.xml
--
Regards,
Longpeng(Mike)
10:14 a.m.
On 07/07/2017 04:07 AM, Longpeng(Mike) wrote:
As virtio-crypto has been supported in QEMU 2.8 and the frontend
driver has been merged in linux 4.10, so it's necessary to support
virtio-crypto in libvirt.
---
Hi Mike,
Seems like this topic has gone quiet.. Is there a v5 in the works?
Matt
8:31 p.m.
On 2017/10/25 23:14, Matthew Rosato wrote:
On 07/07/2017 04:07 AM, Longpeng(Mike) wrote:
> As virtio-crypto has been supported in QEMU 2.8 and the frontend
> driver has been merged in linux 4.10, so it's necessary to support
> virtio-crypto in libvirt.
>
> ---
Hi Mike,
Seems like this topic has gone quiet.. Is there a v5 in the works?
Hi Matt,
V5 is always in our plan, but we want to make the virtio-crypto spec (the latest
version is V20) upstream first.
I mainly work on an amazing and interesting project these two weeks, so even the
virtio-crypto spec is delayed.
I'll take some time to work on the V21 spec these days.
Matt
--
Regards,
Longpeng(Mike)
9:34 a.m.
On Thu, Oct 26, 2017 at 03:31 AM +0200, "Longpeng (Mike)"
<longpeng2(a)huawei.com> wrote:
On 2017/10/25 23:14, Matthew Rosato wrote:
> On 07/07/2017 04:07 AM, Longpeng(Mike) wrote:
>> As virtio-crypto has been supported in QEMU 2.8 and the frontend
>> driver has been merged in linux 4.10, so it's necessary to support
>> virtio-crypto in libvirt.
>>
>> ---
>
> Hi Mike,
>
> Seems like this topic has gone quiet.. Is there a v5 in the works?
>
Hi Matt,
V5 is always in our plan, but we want to make the virtio-crypto spec (the latest
version is V20) upstream first.
I mainly work on an amazing and interesting project these two weeks, so even the
virtio-crypto spec is delayed.
I'll take some time to work on the V21 spec these days.
> Matt
>
>
>
--
Regards,
Longpeng(Mike)
Hi Longpeng,
any updates so far? Is a v5 still planned?
Kind regards / Beste Grüße
Marc Hartmayer
IBM Deutschland Research & Development GmbH
Vorsitzende des Aufsichtsrats: Martina Koederitz
Geschäftsführung: Dirk Wittkopp
Sitz der Gesellschaft: Böblingen
Registergericht: Amtsgericht Stuttgart, HRB 243294
7:55 p.m.
On 2018/11/16 23:34, Marc Hartmayer wrote:
On Thu, Oct 26, 2017 at 03:31 AM +0200, "Longpeng (Mike)"
<longpeng2(a)huawei.com> wrote:
> On 2017/10/25 23:14, Matthew Rosato wrote:
>
>> On 07/07/2017 04:07 AM, Longpeng(Mike) wrote:
>>> As virtio-crypto has been supported in QEMU 2.8 and the frontend
>>> driver has been merged in linux 4.10, so it's necessary to support
>>> virtio-crypto in libvirt.
>>>
>>> ---
>>
>> Hi Mike,
>>
>> Seems like this topic has gone quiet.. Is there a v5 in the works?
>>
>
>
> Hi Matt,
>
> V5 is always in our plan, but we want to make the virtio-crypto spec (the latest
> version is V20) upstream first.
>
> I mainly work on an amazing and interesting project these two weeks, so even the
> virtio-crypto spec is delayed.
>
> I'll take some time to work on the V21 spec these days.
>
>> Matt
>>
>>
>>
>
>
> --
> Regards,
> Longpeng(Mike)
Hi Longpeng,
any updates so far? Is a v5 still planned?
Hi Marc,
The virtio-crypto spec is merged recently , we prefer to update the qemu
virtio-crypto backend according the new spec first. Feel free to send v5 if you
or someone like :)
Kind regards / Beste Grüße
Marc Hartmayer
IBM Deutschland Research & Development GmbH
Vorsitzende des Aufsichtsrats: Martina Koederitz
Geschäftsführung: Dirk Wittkopp
Sitz der Gesellschaft: Böblingen
Registergericht: Amtsgericht Stuttgart, HRB 243294
.
--
Regards,
Longpeng(Mike)
2194
days inactive
2694
days old
14 comments
5 participants
participants (5)
-
John Ferlan -
Longpeng (Mike) -
Longpeng(Mike)
-
Marc Hartmayer -
Matthew Rosato