From nobody Wed May 15 12:23:43 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) client-ip=170.10.133.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1656702951; cv=none; d=zohomail.com; s=zohoarc; b=kIgIaPbdMtfnE0Fy4W7o2UhqBDnUpud5dnJaslWj85uqz1tgtNUpFVjfOSFz2y05E6bcqznBV6bhIzH+Yqlna4iP2Q7nTUOftmrXvgiMBkf33BndzBy+wbo706WtKr5RaXEe8JGUowbwCt+20ByKTZVLYpuuopM5tk9alK0JFuo= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1656702951; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=crfRQdqB8QdZckFgh7DU0KlIdWRtaJ2n8hTPifdALRI=; b=copyI/j+3lMgMX408GG6oegZlFqLGytGzZelLz0CiBlQ2fwlE4TEjPrdeHOmk2QEv7l8HZFp1pEt04jiAl6y4TqrWsiP6DdT0TBFfRz8Jv+lHLP7jo0S8GqVgREYdjhHcgvQkkhYphEKMx6FbSbLxt5x296hEglrdjISvbmAIl4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com with SMTPS id 1656702951176312.66161039411975; Fri, 1 Jul 2022 12:15:51 -0700 (PDT) Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-264-YeCYRGTSNI-jKKu5-KM-kQ-1; Fri, 01 Jul 2022 15:15:47 -0400 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 1C71082404E; Fri, 1 Jul 2022 19:15:44 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (unknown [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id BE9052166B26; Fri, 1 Jul 2022 19:15:43 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 87D611947B93; Fri, 1 Jul 2022 19:15:42 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com [10.11.54.9]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id A96C31947058 for ; Fri, 1 Jul 2022 19:15:41 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id 96D35492CA4; Fri, 1 Jul 2022 19:15:41 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast03.extmail.prod.ext.rdu2.redhat.com [10.11.55.19]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 9039A492C3B for ; Fri, 1 Jul 2022 19:15:41 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-2.mimecast.com [207.211.31.81]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 78C70811E75 for ; Fri, 1 Jul 2022 19:15:41 +0000 (UTC) Received: from mga04.intel.com (mga04.intel.com [192.55.52.120]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-315-FNtGk0abPvCfoHFaFuHMbg-2; Fri, 01 Jul 2022 15:15:39 -0400 Received: from orsmga003.jf.intel.com ([10.7.209.27]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Jul 2022 12:15:37 -0700 Received: from sdp540.jf.intel.com ([10.165.9.5]) by orsmga003.jf.intel.com with ESMTP; 01 Jul 2022 12:15:37 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1656702950; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=crfRQdqB8QdZckFgh7DU0KlIdWRtaJ2n8hTPifdALRI=; b=fJ7Qq974WJb7IDZ/Bin1SMiz9WHleSF8kCzc8L2JfHyXyFmwPP8SqI0R5yS5xbw4uFzb1A syInVi2QuhVOjkRNsV14wn3a7HI/TifNWBlXFOysSIVrS15f2feN8JSSPfiI7Zu7Zbtubm g/TyVeBpgH8p80Wg0f5aST+72nI/JYE= X-MC-Unique: YeCYRGTSNI-jKKu5-KM-kQ-1 X-Original-To: libvir-list@listman.corp.redhat.com X-MC-Unique: FNtGk0abPvCfoHFaFuHMbg-2 X-IronPort-AV: E=McAfee;i="6400,9594,10395"; a="281488248" X-IronPort-AV: E=Sophos;i="5.92,238,1650956400"; d="scan'208";a="281488248" X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.92,238,1650956400"; d="scan'208";a="541833087" From: Lin Yang To: libvir-list@redhat.com, haibin.huang@intel.com, jian-feng.ding@intel.com, lin.a.yang@intel.com Subject: [libvirt][PATCH v13 1/6] Define SGX capabilities structs Date: Fri, 1 Jul 2022 12:14:41 -0700 Message-Id: <20220701191446.727066-2-lin.a.yang@intel.com> In-Reply-To: <20220701191446.727066-1-lin.a.yang@intel.com> References: <20220701191446.727066-1-lin.a.yang@intel.com> MIME-Version: 1.0 X-Mimecast-Impersonation-Protect: Policy=CLT - Impersonation Protection Definition; Similar Internal Domain=false; Similar Monitored External Domain=false; Custom External Domain=false; Mimecast External Domain=false; Newly Observed Domain=false; Internal User Name=false; Custom Display Name List=false; Reply-to Address Mismatch=false; Targeted Threat Dictionary=false; Mimecast Threat Dictionary=false; Custom Threat Dictionary=false X-Scanned-By: MIMEDefang 2.85 on 10.11.54.9 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Michal Privoznik Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1656702952113100003 Content-Type: text/plain; charset="utf-8"; x-default="true" From: Haibin Huang Signed-off-by: Michal Privoznik Signed-off-by: Haibin Huang --- src/conf/domain_capabilities.c | 10 ++++++++++ src/conf/domain_capabilities.h | 24 ++++++++++++++++++++++++ src/libvirt_private.syms | 1 + 3 files changed, 35 insertions(+) diff --git a/src/conf/domain_capabilities.c b/src/conf/domain_capabilities.c index 895e8d00e8..27f3fb8d36 100644 --- a/src/conf/domain_capabilities.c +++ b/src/conf/domain_capabilities.c @@ -76,6 +76,16 @@ virSEVCapabilitiesFree(virSEVCapability *cap) } =20 =20 +void +virSGXCapabilitiesFree(virSGXCapability *cap) +{ + if (!cap) + return; + + g_free(cap); +} + + static void virDomainCapsDispose(void *obj) { diff --git a/src/conf/domain_capabilities.h b/src/conf/domain_capabilities.h index f2eed80b15..dac1098e98 100644 --- a/src/conf/domain_capabilities.h +++ b/src/conf/domain_capabilities.h @@ -192,6 +192,24 @@ struct _virSEVCapability { unsigned int max_es_guests; }; =20 +typedef struct _virSection virSection; +typedef virSection *virSectionPtr; +struct _virSection { + unsigned long long size; + unsigned int node; +}; + +typedef struct _virSGXCapability virSGXCapability; +typedef virSGXCapability *virSGXCapabilityPtr; +struct _virSGXCapability { + bool flc; + bool sgx1; + bool sgx2; + unsigned long long section_size; + size_t nSections; + virSectionPtr pSections; +}; + typedef enum { VIR_DOMAIN_CAPS_FEATURE_IOTHREADS =3D 0, VIR_DOMAIN_CAPS_FEATURE_VMCOREINFO, @@ -228,6 +246,7 @@ struct _virDomainCaps { =20 virDomainCapsFeatureGIC gic; virSEVCapability *sev; + virSGXCapability *sgx; /* add new domain features here */ =20 virTristateBool features[VIR_DOMAIN_CAPS_FEATURE_LAST]; @@ -276,3 +295,8 @@ void virSEVCapabilitiesFree(virSEVCapability *capabilities); =20 G_DEFINE_AUTOPTR_CLEANUP_FUNC(virSEVCapability, virSEVCapabilitiesFree); + +void +virSGXCapabilitiesFree(virSGXCapability *capabilities); + +G_DEFINE_AUTOPTR_CLEANUP_FUNC(virSGXCapability, virSGXCapabilitiesFree); diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 76bcc64eb0..5d17890746 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -216,6 +216,7 @@ virDomainCapsEnumSet; virDomainCapsFormat; virDomainCapsNew; virSEVCapabilitiesFree; +virSGXCapabilitiesFree; =20 =20 # conf/domain_conf.h --=20 2.25.1 From nobody Wed May 15 12:23:43 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) client-ip=170.10.129.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1656702968; cv=none; d=zohomail.com; s=zohoarc; b=gwUWJIccYkp7FQMLI/hKPKiMRnv+WiUbq6jKrfQ3GyDfJznsj6G7lqK5koXlJP0/wm9TMzHGMgmc/D9/B5+cYEWfuQurNqLs4v1J8W59+nRXbhvP86Vhtz36Qj2qvqU+hpnQO5MVVLPPNz9I8qMe0Y2LZJPKC2jt8sLUm8oi7BA= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1656702968; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=hMsYmELMC4utFF77eGbZk/xvmgCqLbrCp/lkfFA40aM=; b=jMQBBwH22iOuSjZkcdwjm58JaVKqMZm8O5ZHxOOb1c+sU6QmHCtnNvIVL5Io4xkDLo2jvsXBjbcNEAG117LV5lp7gmggZsUN3Rhe7f49WgivZxIbUnKt1thQNafWnypLusoSfB5ORuVFRWiercE5n04k44jj57Wj/UrJrLUYJJI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.zohomail.com with SMTPS id 1656702968691310.76602981821475; Fri, 1 Jul 2022 12:16:08 -0700 (PDT) Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-616-JgD7p_mEOZC7YZJU3qtbvQ-1; Fri, 01 Jul 2022 15:15:53 -0400 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.rdu2.redhat.com [10.11.54.2]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 6D16885A580; Fri, 1 Jul 2022 19:15:51 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (unknown [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id 56E3940D2830; Fri, 1 Jul 2022 19:15:51 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 174561947070; Fri, 1 Jul 2022 19:15:51 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.rdu2.redhat.com [10.11.54.2]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 9E0831947058 for ; Fri, 1 Jul 2022 19:15:49 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id 78CE640D2830; Fri, 1 Jul 2022 19:15:49 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast01.extmail.prod.ext.rdu2.redhat.com [10.11.55.17]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 74AFF40D282E for ; Fri, 1 Jul 2022 19:15:49 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-1.mimecast.com [207.211.31.81]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 5C7F6857A80 for ; Fri, 1 Jul 2022 19:15:49 +0000 (UTC) Received: from mga04.intel.com (mga04.intel.com [192.55.52.120]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-425-fkEoy3_5OBGJPKcb5D_pTw-1; Fri, 01 Jul 2022 15:15:40 -0400 Received: from orsmga003.jf.intel.com ([10.7.209.27]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Jul 2022 12:15:38 -0700 Received: from sdp540.jf.intel.com ([10.165.9.5]) by orsmga003.jf.intel.com with ESMTP; 01 Jul 2022 12:15:38 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1656702966; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=hMsYmELMC4utFF77eGbZk/xvmgCqLbrCp/lkfFA40aM=; b=VVGrdUk1Z0NHrN3aYLkvkUH9H7THS9UJhAWguFCgxV7Vfh1mNdx4x0ywGRDBBD15rhwYmD z/7+2/47eeq1zMJAWH8aY5Zl5dm/9VNfbVajv4nB2ucY0GYcacKtHuND47OEPUiPNNAQtv Ulp2cX8SzOuwqNm6vo3wA4OMv0ykrJk= X-MC-Unique: JgD7p_mEOZC7YZJU3qtbvQ-1 X-Original-To: libvir-list@listman.corp.redhat.com X-MC-Unique: fkEoy3_5OBGJPKcb5D_pTw-1 X-IronPort-AV: E=McAfee;i="6400,9594,10395"; a="281488251" X-IronPort-AV: E=Sophos;i="5.92,238,1650956400"; d="scan'208";a="281488251" X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.92,238,1650956400"; d="scan'208";a="541833092" From: Lin Yang To: libvir-list@redhat.com, haibin.huang@intel.com, jian-feng.ding@intel.com, lin.a.yang@intel.com Subject: [libvirt][PATCH v13 2/6] Get SGX capabilities form QMP Date: Fri, 1 Jul 2022 12:14:42 -0700 Message-Id: <20220701191446.727066-3-lin.a.yang@intel.com> In-Reply-To: <20220701191446.727066-1-lin.a.yang@intel.com> References: <20220701191446.727066-1-lin.a.yang@intel.com> MIME-Version: 1.0 X-Mimecast-Impersonation-Protect: Policy=CLT - Impersonation Protection Definition; Similar Internal Domain=false; Similar Monitored External Domain=false; Custom External Domain=false; Mimecast External Domain=false; Newly Observed Domain=false; Internal User Name=false; Custom Display Name List=false; Reply-to Address Mismatch=false; Targeted Threat Dictionary=false; Mimecast Threat Dictionary=false; Custom Threat Dictionary=false X-Scanned-By: MIMEDefang 2.84 on 10.11.54.2 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Michal Privoznik Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 2.84 on 10.11.54.2 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1656702970185100001 Content-Type: text/plain; charset="utf-8"; x-default="true" From: Haibin Huang Generate the QMP command for query-sgx-capabilities and the command return sgx capabilities from QMP. {"execute":"query-sgx-capabilities"} the right reply: {"return": { "sgx": true, "section-size": 197132288, "flc": true } } the error reply: {"error": {"class": "GenericError", "desc": "SGX is not enabled in KVM"} } Signed-off-by: Michal Privoznik Signed-off-by: Haibin Huang --- src/qemu/qemu_monitor.c | 10 ++++ src/qemu/qemu_monitor.h | 3 + src/qemu/qemu_monitor_json.c | 113 +++++++++++++++++++++++++++++++++++ src/qemu/qemu_monitor_json.h | 4 ++ 4 files changed, 130 insertions(+) diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c index fda5d2f368..a1b2138921 100644 --- a/src/qemu/qemu_monitor.c +++ b/src/qemu/qemu_monitor.c @@ -3653,6 +3653,16 @@ qemuMonitorGetSEVCapabilities(qemuMonitor *mon, } =20 =20 +int +qemuMonitorGetSGXCapabilities(qemuMonitor *mon, + virSGXCapability **capabilities) +{ + QEMU_CHECK_MONITOR(mon); + + return qemuMonitorJSONGetSGXCapabilities(mon, capabilities); +} + + int qemuMonitorNBDServerStart(qemuMonitor *mon, const virStorageNetHostDef *server, diff --git a/src/qemu/qemu_monitor.h b/src/qemu/qemu_monitor.h index 95267ec6c7..451ac8eec9 100644 --- a/src/qemu/qemu_monitor.h +++ b/src/qemu/qemu_monitor.h @@ -864,6 +864,9 @@ int qemuMonitorGetGICCapabilities(qemuMonitor *mon, int qemuMonitorGetSEVCapabilities(qemuMonitor *mon, virSEVCapability **capabilities); =20 +int qemuMonitorGetSGXCapabilities(qemuMonitor *mon, + virSGXCapability **capabilities); + typedef enum { QEMU_MONITOR_MIGRATE_BACKGROUND =3D 1 << 0, QEMU_MONITOR_MIGRATE_NON_SHARED_DISK =3D 1 << 1, /* migration with non-= shared storage with full disk copy */ diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c index 3aad2ab212..c900956f82 100644 --- a/src/qemu/qemu_monitor_json.c +++ b/src/qemu/qemu_monitor_json.c @@ -6445,6 +6445,119 @@ qemuMonitorJSONGetSEVCapabilities(qemuMonitor *mon, return 1; } =20 + +/** + * qemuMonitorJSONGetSGXCapabilities: + * @mon: qemu monitor object + * @capabilities: pointer to pointer to a SGX capability structure to be f= illed + * + * This function queries and fills in INTEL's SGX platform-specific data. + * Note that from QEMU's POV both -object sgx-epc and query-sgx-capabiliti= es + * can be present even if SGX is not available, which basically leaves us = with + * checking for JSON "GenericError" in order to differentiate between comp= iled-in + * support and actual SGX support on the platform. + * + * Returns: -1 on error, + * 0 if SGX is not supported, and + * 1 if SGX is supported on the platform. + */ +int +qemuMonitorJSONGetSGXCapabilities(qemuMonitor *mon, + virSGXCapability **capabilities) +{ + g_autoptr(virJSONValue) cmd =3D NULL; + g_autoptr(virJSONValue) reply =3D NULL; + g_autoptr(virSGXCapability) capability =3D NULL; + + virJSONValue *sections =3D NULL; + virJSONValue *caps; + bool flc =3D false; + bool sgx1 =3D false; + bool sgx2 =3D false; + unsigned long long section_size =3D 0; + unsigned long long size; + size_t i; + + *capabilities =3D NULL; + capability =3D g_new0(virSGXCapability, 1); + + if (!(cmd =3D qemuMonitorJSONMakeCommand("query-sgx-capabilities", NUL= L))) + return -1; + + if (qemuMonitorJSONCommand(mon, cmd, &reply) < 0) + return -1; + + /* QEMU has only compiled-in support of SGX */ + if (qemuMonitorJSONHasError(reply, "GenericError")) + return 0; + + if (qemuMonitorJSONCheckError(cmd, reply) < 0) + return -1; + + caps =3D virJSONValueObjectGetObject(reply, "return"); + + if (virJSONValueObjectGetBoolean(caps, "flc", &flc) < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("query-sgx-capabilities reply was missing 'flc' f= ield")); + return -1; + } + capability->flc =3D flc; + + if (virJSONValueObjectGetBoolean(caps, "sgx1", &sgx1) < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("query-sgx-capabilities reply was missing 'sgx1' = field")); + return -1; + } + capability->sgx1 =3D sgx1; + + if (virJSONValueObjectGetBoolean(caps, "sgx2", &sgx2) < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("query-sgx-capabilities reply was missing 'sgx2' = field")); + return -1; + } + capability->sgx2 =3D sgx2; + + if (virJSONValueObjectGetNumberUlong(caps, "section-size", §ion_si= ze) < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("query-sgx-capabilities reply was missing 'sectio= n-size' field")); + return -1; + } + capability->section_size =3D section_size/1024; + + if (!(sections =3D virJSONValueObjectGetArray(caps, "sections"))) { + capability->nSections =3D 0; + capability->pSections =3D NULL; + VIR_INFO("Sections was not obtained, so QEMU version is 6.2.0"); + *capabilities =3D g_steal_pointer(&capability); + return 1; + } + + // Got the section, the QEMU version is above 7.0.0 + capability->nSections =3D virJSONValueArraySize(sections); + capability->pSections =3D g_new0(virSection, capability->nSections + 1= ); + + for (i =3D 0; i < capability->nSections; i++) { + virJSONValue *elem =3D virJSONValueArrayGet(sections, i); + + if (virJSONValueObjectGetNumberUlong(elem, "size", &size) < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("query-sgx-capabilities reply was missing 'si= ze' field")); + return -1; + } + capability->pSections[i].size =3D size/1024; + + if (virJSONValueObjectGetNumberUint(elem, "node", &(capability->pS= ections[i].node)) < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("query-sgx-capabilities reply was missing 'no= de' field")); + return -1; + } + } + + *capabilities =3D g_steal_pointer(&capability); + return 1; +} + + static virJSONValue * qemuMonitorJSONBuildInetSocketAddress(const char *host, const char *port) diff --git a/src/qemu/qemu_monitor_json.h b/src/qemu/qemu_monitor_json.h index ad3853ae69..442ce00319 100644 --- a/src/qemu/qemu_monitor_json.h +++ b/src/qemu/qemu_monitor_json.h @@ -190,6 +190,10 @@ int qemuMonitorJSONGetGICCapabilities(qemuMonitor *mon, virGICCapability **capabilities); =20 +int +qemuMonitorJSONGetSGXCapabilities(qemuMonitor *mon, + virSGXCapability **capabilities); + int qemuMonitorJSONGetSEVCapabilities(qemuMonitor *mon, virSEVCapability **capabilities); --=20 2.25.1 From nobody Wed May 15 12:23:43 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) client-ip=170.10.129.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1656702949; cv=none; d=zohomail.com; s=zohoarc; b=fL8BsaLxPinBzYaYwg3ZOzm0AcpO/2eBXoNRfX3UtCO8CMXd1vte4ZuOtSrcRhpLJkULqzztGbCfKoGKsAanie8mg2mbg+Hb4f7tcPDlhnYsEhX/b5RXpnYskuMpFPoSilN0o1+wsQKedbzq2074ZAP5XdDVUZQLJZ2sBEJ9Nv8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1656702949; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=61pxy5xTTXKzq0S7Hj9TsoijfXQI2AaEilABTlHMOU4=; b=ZdlFX7E9Z/wv16B1eG2eCvJAhYkz1OLgwVfp77BWX4QetKnqYqpl06SRgOYsYc6rsF25GdmOefPvMgo+Ysd0EwqfJp6Q29/haOzdeQWjUCNQ+u4PMZh6oSHDK53yCE8UE7AFvSCREB4tM26bq/huEzAoU1a4vVC7Ddtw13eZDjw= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.zohomail.com with SMTPS id 165670294928470.25225133365996; Fri, 1 Jul 2022 12:15:49 -0700 (PDT) Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-653-8Q6aD3xzMUmTfHCuP0swIA-1; Fri, 01 Jul 2022 15:15:46 -0400 Received: from smtp.corp.redhat.com (int-mx10.intmail.prod.int.rdu2.redhat.com [10.11.54.10]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 5A22D3C0ED6D; Fri, 1 Jul 2022 19:15:44 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (unknown [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id 4362940334D; Fri, 1 Jul 2022 19:15:44 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 160E31947079; Fri, 1 Jul 2022 19:15:44 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 298281947058 for ; Fri, 1 Jul 2022 19:15:43 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id 0CBCF112131E; Fri, 1 Jul 2022 19:15:43 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast10.extmail.prod.ext.rdu2.redhat.com [10.11.55.26]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 082ED1121314 for ; Fri, 1 Jul 2022 19:15:43 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-1.mimecast.com [207.211.31.81]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id DD5A81C06EC5 for ; Fri, 1 Jul 2022 19:15:42 +0000 (UTC) Received: from mga04.intel.com (mga04.intel.com [192.55.52.120]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-315-lTvfTJNqPRm5Pxq6uTgUMw-3; Fri, 01 Jul 2022 15:15:41 -0400 Received: from orsmga003.jf.intel.com ([10.7.209.27]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Jul 2022 12:15:39 -0700 Received: from sdp540.jf.intel.com ([10.165.9.5]) by orsmga003.jf.intel.com with ESMTP; 01 Jul 2022 12:15:39 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1656702948; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=61pxy5xTTXKzq0S7Hj9TsoijfXQI2AaEilABTlHMOU4=; b=bi3MHrKzR2nQmgIf225ytxUvIW+PXO+mDW3bYixhUBxbKY4PTcjquLkhyrqhjfqEO4CfOU 2RxyxGb452u3YbIqDcxvFv7dQOUvUgeEI1FUPyjWtO0r5XW/Y1zQgbTNuwrM8XdV1S0/93 4jSipoxpbfvFhueDeWa3OBI5EPKthxc= X-MC-Unique: 8Q6aD3xzMUmTfHCuP0swIA-1 X-Original-To: libvir-list@listman.corp.redhat.com X-MC-Unique: lTvfTJNqPRm5Pxq6uTgUMw-3 X-IronPort-AV: E=McAfee;i="6400,9594,10395"; a="281488255" X-IronPort-AV: E=Sophos;i="5.92,238,1650956400"; d="scan'208";a="281488255" X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.92,238,1650956400"; d="scan'208";a="541833099" From: Lin Yang To: libvir-list@redhat.com, haibin.huang@intel.com, jian-feng.ding@intel.com, lin.a.yang@intel.com Subject: [libvirt][PATCH v13 3/6] Convert QMP capabilities to domain capabilities Date: Fri, 1 Jul 2022 12:14:43 -0700 Message-Id: <20220701191446.727066-4-lin.a.yang@intel.com> In-Reply-To: <20220701191446.727066-1-lin.a.yang@intel.com> References: <20220701191446.727066-1-lin.a.yang@intel.com> MIME-Version: 1.0 X-Mimecast-Impersonation-Protect: Policy=CLT - Impersonation Protection Definition; Similar Internal Domain=false; Similar Monitored External Domain=false; Custom External Domain=false; Mimecast External Domain=false; Newly Observed Domain=false; Internal User Name=false; Custom Display Name List=false; Reply-to Address Mismatch=false; Targeted Threat Dictionary=false; Mimecast Threat Dictionary=false; Custom Threat Dictionary=false X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Michal Privoznik Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 2.85 on 10.11.54.10 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1656702950430100001 Content-Type: text/plain; charset="utf-8"; x-default="true" From: Haibin Huang the QMP capabilities: {"return": { "sgx": true, "section-size": 1024, "flc": true } } the domain capabilities: yes 1 Signed-off-by: Michal Privoznik Signed-off-by: Haibin Huang --- src/qemu/qemu_capabilities.c | 230 ++++++++++++++++++ src/qemu/qemu_capabilities.h | 4 + .../caps_6.2.0.x86_64.replies | 30 ++- .../caps_6.2.0.x86_64.xml | 7 + .../caps_7.0.0.x86_64.replies | 34 ++- .../caps_7.0.0.x86_64.xml | 11 + .../caps_7.1.0.x86_64.replies | 34 ++- .../caps_7.1.0.x86_64.xml | 11 + 8 files changed, 346 insertions(+), 15 deletions(-) diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index 2c3be3ecec..57b5acb150 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -671,6 +671,7 @@ VIR_ENUM_IMPL(virQEMUCaps, "chardev.qemu-vdagent", /* QEMU_CAPS_CHARDEV_QEMU_VDAGENT */ "display-dbus", /* QEMU_CAPS_DISPLAY_DBUS */ "iothread.thread-pool-max", /* QEMU_CAPS_IOTHREAD_THREAD_POO= L_MAX */ + "sgx-epc", /* QEMU_CAPS_SGX_EPC */ ); =20 =20 @@ -752,6 +753,8 @@ struct _virQEMUCaps { =20 virSEVCapability *sevCapabilities; =20 + virSGXCapability *sgxCapabilities; + /* Capabilities which may differ depending on the accelerator. */ virQEMUCapsAccel kvm; virQEMUCapsAccel hvf; @@ -1394,6 +1397,7 @@ struct virQEMUCapsStringFlags virQEMUCapsObjectTypes[= ] =3D { { "s390-pv-guest", QEMU_CAPS_S390_PV_GUEST }, { "virtio-mem-pci", QEMU_CAPS_DEVICE_VIRTIO_MEM_PCI }, { "virtio-iommu-pci", QEMU_CAPS_DEVICE_VIRTIO_IOMMU_PCI }, + { "sgx-epc", QEMU_CAPS_SGX_EPC }, }; =20 =20 @@ -1972,6 +1976,32 @@ virQEMUCapsSEVInfoCopy(virSEVCapability **dst, } =20 =20 +static int +virQEMUCapsSGXInfoCopy(virSGXCapability **dst, + virSGXCapability *src) +{ + g_autoptr(virSGXCapability) tmp =3D NULL; + + tmp =3D g_new0(virSGXCapability, 1); + + tmp->flc =3D src->flc; + tmp->sgx1 =3D src->sgx1; + tmp->sgx2 =3D src->sgx2; + tmp->section_size =3D src->section_size; + + if (src->nSections =3D=3D 0) { + tmp->nSections =3D 0; + tmp->pSections =3D NULL; + } else { + tmp->nSections =3D src->nSections; + tmp->pSections =3D src->pSections; + } + + *dst =3D g_steal_pointer(&tmp); + return 0; +} + + static void virQEMUCapsAccelCopyMachineTypes(virQEMUCapsAccel *dst, virQEMUCapsAccel *src) @@ -2053,6 +2083,12 @@ virQEMUCaps *virQEMUCapsNewCopy(virQEMUCaps *qemuCap= s) qemuCaps->sevCapabilities) < 0) return NULL; =20 + + if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_SGX_EPC) && + virQEMUCapsSGXInfoCopy(&ret->sgxCapabilities, + qemuCaps->sgxCapabilities) < 0) + return NULL; + return g_steal_pointer(&ret); } =20 @@ -2091,6 +2127,7 @@ void virQEMUCapsDispose(void *obj) virCPUDataFree(qemuCaps->cpuData); =20 virSEVCapabilitiesFree(qemuCaps->sevCapabilities); + virSGXCapabilitiesFree(qemuCaps->sgxCapabilities); =20 virQEMUCapsAccelClear(&qemuCaps->kvm); virQEMUCapsAccelClear(&qemuCaps->hvf); @@ -2616,6 +2653,13 @@ virQEMUCapsGetSEVCapabilities(virQEMUCaps *qemuCaps) } =20 =20 +virSGXCapabilityPtr +virQEMUCapsGetSGXCapabilities(virQEMUCaps *qemuCaps) +{ + return qemuCaps->sgxCapabilities; +} + + static int virQEMUCapsProbeQMPCommands(virQEMUCaps *qemuCaps, qemuMonitor *mon) @@ -3442,6 +3486,31 @@ virQEMUCapsProbeQMPSEVCapabilities(virQEMUCaps *qemu= Caps, } =20 =20 +static int +virQEMUCapsProbeQMPSGXCapabilities(virQEMUCaps *qemuCaps, + qemuMonitor *mon) +{ + int rc =3D -1; + virSGXCapability *caps =3D NULL; + + if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_SGX_EPC)) + return 0; + + if ((rc =3D qemuMonitorGetSGXCapabilities(mon, &caps)) < 0) + return -1; + + /* SGX isn't actually supported */ + if (rc =3D=3D 0) { + virQEMUCapsClear(qemuCaps, QEMU_CAPS_SGX_EPC); + return 0; + } + + virSGXCapabilitiesFree(qemuCaps->sgxCapabilities); + qemuCaps->sgxCapabilities =3D caps; + return 0; +} + + /* * Filter for features which should never be passed to QEMU. Either because * QEMU never supported them or they were dropped as they never did anythi= ng @@ -4220,6 +4289,116 @@ virQEMUCapsParseSEVInfo(virQEMUCaps *qemuCaps, xmlX= PathContextPtr ctxt) } =20 =20 +static int +virQEMUCapsParseSGXInfo(virQEMUCaps *qemuCaps, + xmlXPathContextPtr ctxt) +{ + g_autoptr(virSGXCapability) sgx =3D NULL; + xmlNodePtr node; + + g_autofree xmlNodePtr *nodes =3D NULL; + g_autofree xmlNodePtr *sectionNodes =3D NULL; + g_autofree char *flc =3D NULL; + g_autofree char *sgx1 =3D NULL; + g_autofree char *sgx2 =3D NULL; + + int n =3D 0; + int nsections =3D 0; + + if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_SGX_EPC)) + return 0; + + if (virXPathBoolean("boolean(./sgx)", ctxt) =3D=3D 0) { + virReportError(VIR_ERR_XML_ERROR, "%s", + _("missing SGX platform data in QEMU capabilities c= ache")); + return -1; + } + + sgx =3D g_new0(virSGXCapability, 1); + + if ((!(flc =3D virXPathString("string(./sgx/flc)", ctxt))) || + virStringParseYesNo(flc, &sgx->flc) < 0) { + virReportError(VIR_ERR_XML_ERROR, "%s", + _("missing or invalid SGX platform flc in QEMU capa= bilities cache")); + return -1; + } + + if ((!(sgx1 =3D virXPathString("string(./sgx/sgx1)", ctxt))) || + virStringParseYesNo(sgx1, &sgx->sgx1) < 0) { + virReportError(VIR_ERR_XML_ERROR, "%s", + _("missing or invalid SGX platform sgx1 in QEMU cap= abilities cache")); + return -1; + } + + if ((!(sgx2 =3D virXPathString("string(./sgx/sgx2)", ctxt))) || + virStringParseYesNo(sgx2, &sgx->sgx2) < 0) { + virReportError(VIR_ERR_XML_ERROR, "%s", + _("missing or invalid SGX platform sgx2 in QEMU cap= abilities cache")); + return -1; + } + + if (virXPathULongLong("string(./sgx/section_size)", ctxt, &sgx->sectio= n_size) < 0) { + virReportError(VIR_ERR_XML_ERROR, "%s", + _("missing or malformed SGX platform section_size i= n QEMU capabilities cache")); + return -1; + } + + if ((n =3D virXPathNodeSet("./sgx/sections", ctxt, &nodes)) < 0) { + sgx->nSections =3D 0; + sgx->pSections =3D NULL; + VIR_INFO("Sections was not obtained, so QEMU version is 6.2.0"); + qemuCaps->sgxCapabilities =3D g_steal_pointer(&sgx); + return 0; + } + + if (n =3D=3D 0) { + qemuCaps->sgxCapabilities =3D g_steal_pointer(&sgx); + return 0; + } + + // Got the section, the QEMU version is above 7.0.0 + node =3D ctxt->node; + ctxt->node =3D nodes[0]; + nsections =3D virXPathNodeSet("./section", ctxt, §ionNodes); + ctxt->node =3D node; + + if (nsections < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("failed to parse CPU blockers in QEMU capabilitie= s")); + return -1; + } + + if (nsections > 0) { + size_t i; + g_autofree char * strNode =3D NULL; + g_autofree char * strSize =3D NULL; + sgx->nSections =3D nsections; + sgx->pSections =3D g_new0(virSection, nsections + 1); + + for (i =3D 0; i < nsections; i++) { + if ((strNode =3D virXMLPropString(sectionNodes[i], "node")) && + (virStrToLong_ui(strNode, NULL, 10, &(sgx->pSections[i].no= de)) < 0)) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("missing node name in QEMU " + "capabilities cache")); + return -1; + } + + if ((strSize =3D virXMLPropString(sectionNodes[i], "size")) && + (virStrToLong_ull(strSize, NULL, 10, &(sgx->pSections[i].s= ize)) < 0)) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("missing size name in QEMU " + "capabilities cache")); + return -1; + } + } + } + + qemuCaps->sgxCapabilities =3D g_steal_pointer(&sgx); + return 0; +} + + static int virQEMUCapsParseFlags(virQEMUCaps *qemuCaps, xmlXPathContextPtr ctxt) { @@ -4522,6 +4701,9 @@ virQEMUCapsLoadCache(virArch hostArch, if (virQEMUCapsParseSEVInfo(qemuCaps, ctxt) < 0) return -1; =20 + if (virQEMUCapsParseSGXInfo(qemuCaps, ctxt) < 0) + return -1; + if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_KVM)) virQEMUCapsInitHostCPUModel(qemuCaps, hostArch, VIR_DOMAIN_VIRT_KV= M); if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_HVF)) @@ -4707,6 +4889,49 @@ virQEMUCapsFormatSEVInfo(virQEMUCaps *qemuCaps, virB= uffer *buf) } =20 =20 +static void +virQEMUCapsFormatSGXInfo(virQEMUCaps *qemuCaps, + virBuffer *buf) +{ + virSGXCapabilityPtr sgx =3D virQEMUCapsGetSGXCapabilities(qemuCaps); + size_t i; + + virBufferAddLit(buf, "\n"); + virBufferAdjustIndent(buf, 2); + if (sgx->flc) { + virBufferAsprintf(buf, "%s\n", "yes"); + } else { + virBufferAsprintf(buf, "%s\n", "no"); + } + if (sgx->sgx1) { + virBufferAsprintf(buf, "%s\n", "yes"); + } else { + virBufferAsprintf(buf, "%s\n", "no"); + } + if (sgx->sgx2) { + virBufferAsprintf(buf, "%s\n", "yes"); + } else { + virBufferAsprintf(buf, "%s\n", "no"); + } + virBufferAsprintf(buf, "%llu= \n", sgx->section_size); + + if (sgx->nSections > 0) { + virBufferAddLit(buf, "\n"); + + for (i =3D 0; i < sgx->nSections; i++) { + virBufferAdjustIndent(buf, 2); + virBufferAsprintf(buf, "
pSections= [i].node); + virBufferAsprintf(buf, "size=3D'%llu'/>\n", sgx->pSections[i].= size); + virBufferAdjustIndent(buf, -2); + } + virBufferAddLit(buf, "\n"); + } + + virBufferAdjustIndent(buf, -2); + virBufferAddLit(buf, "\n"); +} + + char * virQEMUCapsFormatCache(virQEMUCaps *qemuCaps) { @@ -4788,6 +5013,9 @@ virQEMUCapsFormatCache(virQEMUCaps *qemuCaps) if (qemuCaps->sevCapabilities) virQEMUCapsFormatSEVInfo(qemuCaps, &buf); =20 + if (qemuCaps->sgxCapabilities) + virQEMUCapsFormatSGXInfo(qemuCaps, &buf); + if (qemuCaps->kvmSupportsNesting) virBufferAddLit(&buf, "\n"); =20 @@ -5455,6 +5683,8 @@ virQEMUCapsInitQMPMonitor(virQEMUCaps *qemuCaps, return -1; if (virQEMUCapsProbeQMPSEVCapabilities(qemuCaps, mon) < 0) return -1; + if (virQEMUCapsProbeQMPSGXCapabilities(qemuCaps, mon) < 0) + return -1; =20 virQEMUCapsInitProcessCaps(qemuCaps); =20 diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h index 6f35ba1485..fc8c0fde1b 100644 --- a/src/qemu/qemu_capabilities.h +++ b/src/qemu/qemu_capabilities.h @@ -650,6 +650,7 @@ typedef enum { /* virQEMUCapsFlags grouping marker for = syntax-check */ QEMU_CAPS_CHARDEV_QEMU_VDAGENT, /* -chardev qemu-vdagent */ QEMU_CAPS_DISPLAY_DBUS, /* -display dbus */ QEMU_CAPS_IOTHREAD_THREAD_POOL_MAX, /* -object iothread.thread-pool-ma= x */ + QEMU_CAPS_SGX_EPC, /* -object sgx-epc,... */ =20 QEMU_CAPS_LAST /* this must always be the last item */ } virQEMUCapsFlags; @@ -843,6 +844,9 @@ virQEMUCapsCPUFeatureFromQEMU(virQEMUCaps *qemuCaps, virSEVCapability * virQEMUCapsGetSEVCapabilities(virQEMUCaps *qemuCaps); =20 +virSGXCapabilityPtr +virQEMUCapsGetSGXCapabilities(virQEMUCaps *qemuCaps); + bool virQEMUCapsGetKVMSupportsSecureGuest(virQEMUCaps *qemuCaps) G_GNUC_NO_INLI= NE; =20 diff --git a/tests/qemucapabilitiesdata/caps_6.2.0.x86_64.replies b/tests/q= emucapabilitiesdata/caps_6.2.0.x86_64.replies index e235532d62..0151ab07fa 100644 --- a/tests/qemucapabilitiesdata/caps_6.2.0.x86_64.replies +++ b/tests/qemucapabilitiesdata/caps_6.2.0.x86_64.replies @@ -7459,15 +7459,15 @@ "type": "bool" }, { - "name": "sgx1", + "name": "flc", "type": "bool" }, { - "name": "sgx2", + "name": "sgx1", "type": "bool" }, { - "name": "flc", + "name": "sgx2", "type": "bool" }, { @@ -32707,6 +32707,22 @@ } } =20 +{ + "execute": "query-sgx-capabilities", + "id": "libvirt-51" +} + +{ + "return": { + "sgx": true, + "flc": false, + "sgx1": true, + "sgx2": false, + "section-size": 2048 + }, + "id": "libvirt-51" +} + { "execute": "query-cpu-model-expansion", "arguments": { @@ -32715,7 +32731,7 @@ "name": "host" } }, - "id": "libvirt-51" + "id": "libvirt-52" } =20 { @@ -33048,7 +33064,7 @@ } } }, - "id": "libvirt-51" + "id": "libvirt-52" } =20 { @@ -33062,7 +33078,7 @@ } } }, - "id": "libvirt-52" + "id": "libvirt-53" } =20 { @@ -33395,7 +33411,7 @@ } } }, - "id": "libvirt-52" + "id": "libvirt-53" } =20 { diff --git a/tests/qemucapabilitiesdata/caps_6.2.0.x86_64.xml b/tests/qemuc= apabilitiesdata/caps_6.2.0.x86_64.xml index 19605d93ae..e1f177281f 100644 --- a/tests/qemucapabilitiesdata/caps_6.2.0.x86_64.xml +++ b/tests/qemucapabilitiesdata/caps_6.2.0.x86_64.xml @@ -238,6 +238,7 @@ + 6002000 0 43100244 @@ -3706,4 +3707,10 @@ + + no + yes + no + 2 + diff --git a/tests/qemucapabilitiesdata/caps_7.0.0.x86_64.replies b/tests/q= emucapabilitiesdata/caps_7.0.0.x86_64.replies index 620442704a..9f806412f7 100644 --- a/tests/qemucapabilitiesdata/caps_7.0.0.x86_64.replies +++ b/tests/qemucapabilitiesdata/caps_7.0.0.x86_64.replies @@ -33317,6 +33317,32 @@ } } =20 +{ + "execute": "query-sgx-capabilities", + "id": "libvirt-51" +} + +{ + "return": { + "sgx": true, + "flc": false, + "sgx1": true, + "sgx2": false, + "section-size": 2048, + "sections": [ + { + "node": 0, + "size": 1024 + }, + { + "node": 1, + "size": 1024 + } + ] + }, + "id": "libvirt-51" +} + { "execute": "query-cpu-model-expansion", "arguments": { @@ -33325,7 +33351,7 @@ "name": "host" } }, - "id": "libvirt-51" + "id": "libvirt-52" } =20 { @@ -33662,7 +33688,7 @@ } } }, - "id": "libvirt-51" + "id": "libvirt-52" } =20 { @@ -33676,7 +33702,7 @@ } } }, - "id": "libvirt-52" + "id": "libvirt-53" } =20 { @@ -34013,7 +34039,7 @@ } } }, - "id": "libvirt-52" + "id": "libvirt-53" } =20 { diff --git a/tests/qemucapabilitiesdata/caps_7.0.0.x86_64.xml b/tests/qemuc= apabilitiesdata/caps_7.0.0.x86_64.xml index 05f844fd5b..7cad1fd7d8 100644 --- a/tests/qemucapabilitiesdata/caps_7.0.0.x86_64.xml +++ b/tests/qemucapabilitiesdata/caps_7.0.0.x86_64.xml @@ -243,6 +243,7 @@ + 7000000 0 43100243 @@ -3771,4 +3772,14 @@ + + no + yes + no + 2 + +
+
+ + diff --git a/tests/qemucapabilitiesdata/caps_7.1.0.x86_64.replies b/tests/q= emucapabilitiesdata/caps_7.1.0.x86_64.replies index 025d2db895..b9f9201ac7 100644 --- a/tests/qemucapabilitiesdata/caps_7.1.0.x86_64.replies +++ b/tests/qemucapabilitiesdata/caps_7.1.0.x86_64.replies @@ -33866,6 +33866,32 @@ } } =20 +{ + "execute": "query-sgx-capabilities", + "id": "libvirt-51" +} + +{ + "return": { + "sgx": true, + "flc": false, + "sgx1": true, + "sgx2": false, + "section-size": 2048, + "sections": [ + { + "node": 0, + "size": 1024 + }, + { + "node": 1, + "size": 1024 + } + ] + }, + "id": "libvirt-51" +} + { "execute": "query-cpu-model-expansion", "arguments": { @@ -33874,7 +33900,7 @@ "name": "host" } }, - "id": "libvirt-51" + "id": "libvirt-52" } =20 { @@ -34212,7 +34238,7 @@ } } }, - "id": "libvirt-51" + "id": "libvirt-52" } =20 { @@ -34226,7 +34252,7 @@ } } }, - "id": "libvirt-52" + "id": "libvirt-53" } =20 { @@ -34564,7 +34590,7 @@ } } }, - "id": "libvirt-52" + "id": "libvirt-53" } =20 { diff --git a/tests/qemucapabilitiesdata/caps_7.1.0.x86_64.xml b/tests/qemuc= apabilitiesdata/caps_7.1.0.x86_64.xml index 3707d9b7c9..21b5e361b1 100644 --- a/tests/qemucapabilitiesdata/caps_7.1.0.x86_64.xml +++ b/tests/qemucapabilitiesdata/caps_7.1.0.x86_64.xml @@ -244,6 +244,7 @@ + 7000050 0 43100244 @@ -3569,4 +3570,14 @@ + + no + yes + no + 2 + +
+
+ + --=20 2.25.1 From nobody Wed May 15 12:23:43 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) client-ip=170.10.129.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1656702958; cv=none; d=zohomail.com; s=zohoarc; b=OyYhIrK3hE/geWD0JtWunkjErpu+HOlqvu4hhH6yN6DvCDWY7uoRpyI2rks1kavCbdXBnK43164gGhBk/1wkpfR6TtS1qLuVt+JZqKMYrYjZzrZFnBwTuP4YxCWHN3o8Qg798X1ud5LQVr29KnjLcWlVvMBuSvVEjyYz/hsLUk4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1656702958; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=cxZ/jnUlU29oZUhPC3SmkkRIzyH42qvjOeTMJt1JogA=; b=nADDW62hJFwwXSptU8L/9JlWz3wBKAuNOioeJ/58CSvsa5LwfdgpcIALxHju06DADir+ZT7ihBWccA+OY+nFx3/e9DtquD0eifEnnyOQCpH9aI+5jitD5EgxRTwZDLBA8zuIiGmP9Wk+2YnweBEPqffjLrDP5rgwktX2MgW4ePM= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.zohomail.com with SMTPS id 1656702958371949.0178684988573; Fri, 1 Jul 2022 12:15:58 -0700 (PDT) Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-9-CIdEF4QOOISEvcQ9RM-5Mg-1; Fri, 01 Jul 2022 15:15:49 -0400 Received: from smtp.corp.redhat.com (int-mx10.intmail.prod.int.rdu2.redhat.com [10.11.54.10]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 2DDB0811E81; Fri, 1 Jul 2022 19:15:47 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (unknown [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id 183D440336E; Fri, 1 Jul 2022 19:15:47 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id F0A4619451F1; Fri, 1 Jul 2022 19:15:46 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 0FACE1947058 for ; Fri, 1 Jul 2022 19:15:46 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id E69EE2026D07; Fri, 1 Jul 2022 19:15:45 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast08.extmail.prod.ext.rdu2.redhat.com [10.11.55.24]) by smtp.corp.redhat.com (Postfix) with ESMTPS id E18AE2026D64 for ; Fri, 1 Jul 2022 19:15:45 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id B5CB63802123 for ; Fri, 1 Jul 2022 19:15:45 +0000 (UTC) Received: from mga04.intel.com (mga04.intel.com [192.55.52.120]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-425-y9l3TrsVNQ-_KJZMXjCDBg-2; Fri, 01 Jul 2022 15:15:41 -0400 Received: from orsmga003.jf.intel.com ([10.7.209.27]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Jul 2022 12:15:41 -0700 Received: from sdp540.jf.intel.com ([10.165.9.5]) by orsmga003.jf.intel.com with ESMTP; 01 Jul 2022 12:15:40 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1656702953; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=cxZ/jnUlU29oZUhPC3SmkkRIzyH42qvjOeTMJt1JogA=; b=WQrUChLmVqvexR+5iSv02/+itacP98B+UoeAu5H0Fw0e5KzTt/6pcqhwkhBvsAOZ/tF8vk 6rsQ9eNGpsBy6tRQqErgt0bzdX6H+uo6F+IC0mt/lPltu+2r4tK2YzNMkSGLMw9it8JBU+ rqeOJQof9Q8fCsoFMQS70Sa/peEUDac= X-MC-Unique: CIdEF4QOOISEvcQ9RM-5Mg-1 X-Original-To: libvir-list@listman.corp.redhat.com X-MC-Unique: y9l3TrsVNQ-_KJZMXjCDBg-2 X-IronPort-AV: E=McAfee;i="6400,9594,10395"; a="281488257" X-IronPort-AV: E=Sophos;i="5.92,238,1650956400"; d="scan'208";a="281488257" X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.92,238,1650956400"; d="scan'208";a="541833106" From: Lin Yang To: libvir-list@redhat.com, haibin.huang@intel.com, jian-feng.ding@intel.com, lin.a.yang@intel.com Subject: [libvirt][PATCH v13 4/6] conf: expose SGX feature in domain capabilities Date: Fri, 1 Jul 2022 12:14:44 -0700 Message-Id: <20220701191446.727066-5-lin.a.yang@intel.com> In-Reply-To: <20220701191446.727066-1-lin.a.yang@intel.com> References: <20220701191446.727066-1-lin.a.yang@intel.com> MIME-Version: 1.0 X-Mimecast-Impersonation-Protect: Policy=CLT - Impersonation Protection Definition; Similar Internal Domain=false; Similar Monitored External Domain=false; Custom External Domain=false; Mimecast External Domain=false; Newly Observed Domain=false; Internal User Name=false; Custom Display Name List=false; Reply-to Address Mismatch=false; Targeted Threat Dictionary=false; Mimecast Threat Dictionary=false; Custom Threat Dictionary=false X-Scanned-By: MIMEDefang 2.78 on 10.11.54.4 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Michal Privoznik Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 2.85 on 10.11.54.10 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1656702960160100001 Content-Type: text/plain; charset="utf-8"; x-default="true" From: Haibin Huang Extend hypervisor capabilities to include sgx feature. When available, the hypervisor supports launching an VM with SGX on Intel platfrom. The SGX feature tag privides additional details like section size and sgx1 or sgx2. Signed-off-by: Michal Privoznik Signed-off-by: Haibin Huang --- docs/formatdomaincaps.rst | 40 ++++++++++++++++ src/conf/domain_capabilities.c | 48 +++++++++++++++++++ src/conf/schemas/domaincaps.rng | 42 ++++++++++++++++ src/qemu/qemu_capabilities.c | 28 +++++++++++ tests/domaincapsdata/bhyve_basic.x86_64.xml | 1 + tests/domaincapsdata/bhyve_fbuf.x86_64.xml | 1 + tests/domaincapsdata/bhyve_uefi.x86_64.xml | 1 + tests/domaincapsdata/empty.xml | 1 + tests/domaincapsdata/libxl-xenfv.xml | 1 + tests/domaincapsdata/libxl-xenpv.xml | 1 + .../domaincapsdata/qemu_2.11.0-q35.x86_64.xml | 1 + .../domaincapsdata/qemu_2.11.0-tcg.x86_64.xml | 1 + tests/domaincapsdata/qemu_2.11.0.s390x.xml | 1 + tests/domaincapsdata/qemu_2.11.0.x86_64.xml | 1 + .../domaincapsdata/qemu_2.12.0-q35.x86_64.xml | 1 + .../domaincapsdata/qemu_2.12.0-tcg.x86_64.xml | 1 + .../qemu_2.12.0-virt.aarch64.xml | 1 + tests/domaincapsdata/qemu_2.12.0.aarch64.xml | 1 + tests/domaincapsdata/qemu_2.12.0.ppc64.xml | 1 + tests/domaincapsdata/qemu_2.12.0.s390x.xml | 1 + tests/domaincapsdata/qemu_2.12.0.x86_64.xml | 1 + .../domaincapsdata/qemu_3.0.0-q35.x86_64.xml | 1 + .../domaincapsdata/qemu_3.0.0-tcg.x86_64.xml | 1 + tests/domaincapsdata/qemu_3.0.0.ppc64.xml | 1 + tests/domaincapsdata/qemu_3.0.0.s390x.xml | 1 + tests/domaincapsdata/qemu_3.0.0.x86_64.xml | 1 + .../domaincapsdata/qemu_3.1.0-q35.x86_64.xml | 1 + .../domaincapsdata/qemu_3.1.0-tcg.x86_64.xml | 1 + tests/domaincapsdata/qemu_3.1.0.ppc64.xml | 1 + tests/domaincapsdata/qemu_3.1.0.x86_64.xml | 1 + .../domaincapsdata/qemu_4.0.0-q35.x86_64.xml | 1 + .../domaincapsdata/qemu_4.0.0-tcg.x86_64.xml | 1 + .../qemu_4.0.0-virt.aarch64.xml | 1 + tests/domaincapsdata/qemu_4.0.0.aarch64.xml | 1 + tests/domaincapsdata/qemu_4.0.0.ppc64.xml | 1 + tests/domaincapsdata/qemu_4.0.0.s390x.xml | 1 + tests/domaincapsdata/qemu_4.0.0.x86_64.xml | 1 + .../domaincapsdata/qemu_4.1.0-q35.x86_64.xml | 1 + .../domaincapsdata/qemu_4.1.0-tcg.x86_64.xml | 1 + tests/domaincapsdata/qemu_4.1.0.x86_64.xml | 1 + .../domaincapsdata/qemu_4.2.0-q35.x86_64.xml | 1 + .../domaincapsdata/qemu_4.2.0-tcg.x86_64.xml | 1 + .../qemu_4.2.0-virt.aarch64.xml | 1 + tests/domaincapsdata/qemu_4.2.0.aarch64.xml | 1 + tests/domaincapsdata/qemu_4.2.0.ppc64.xml | 1 + tests/domaincapsdata/qemu_4.2.0.s390x.xml | 1 + tests/domaincapsdata/qemu_4.2.0.x86_64.xml | 1 + .../domaincapsdata/qemu_5.0.0-q35.x86_64.xml | 1 + .../domaincapsdata/qemu_5.0.0-tcg.x86_64.xml | 1 + .../qemu_5.0.0-virt.aarch64.xml | 1 + tests/domaincapsdata/qemu_5.0.0.aarch64.xml | 1 + tests/domaincapsdata/qemu_5.0.0.ppc64.xml | 1 + tests/domaincapsdata/qemu_5.0.0.x86_64.xml | 1 + .../domaincapsdata/qemu_5.1.0-q35.x86_64.xml | 1 + .../domaincapsdata/qemu_5.1.0-tcg.x86_64.xml | 1 + tests/domaincapsdata/qemu_5.1.0.sparc.xml | 1 + tests/domaincapsdata/qemu_5.1.0.x86_64.xml | 1 + .../domaincapsdata/qemu_5.2.0-q35.x86_64.xml | 1 + .../domaincapsdata/qemu_5.2.0-tcg.x86_64.xml | 1 + .../qemu_5.2.0-virt.aarch64.xml | 1 + tests/domaincapsdata/qemu_5.2.0.aarch64.xml | 1 + tests/domaincapsdata/qemu_5.2.0.ppc64.xml | 1 + tests/domaincapsdata/qemu_5.2.0.s390x.xml | 1 + tests/domaincapsdata/qemu_5.2.0.x86_64.xml | 1 + .../domaincapsdata/qemu_6.0.0-q35.x86_64.xml | 1 + .../domaincapsdata/qemu_6.0.0-tcg.x86_64.xml | 1 + .../qemu_6.0.0-virt.aarch64.xml | 1 + tests/domaincapsdata/qemu_6.0.0.aarch64.xml | 1 + tests/domaincapsdata/qemu_6.0.0.s390x.xml | 1 + tests/domaincapsdata/qemu_6.0.0.x86_64.xml | 1 + .../domaincapsdata/qemu_6.1.0-q35.x86_64.xml | 1 + .../domaincapsdata/qemu_6.1.0-tcg.x86_64.xml | 1 + tests/domaincapsdata/qemu_6.1.0.x86_64.xml | 1 + .../domaincapsdata/qemu_6.2.0-q35.x86_64.xml | 6 +++ .../domaincapsdata/qemu_6.2.0-tcg.x86_64.xml | 6 +++ .../qemu_6.2.0-virt.aarch64.xml | 1 + tests/domaincapsdata/qemu_6.2.0.aarch64.xml | 1 + tests/domaincapsdata/qemu_6.2.0.ppc64.xml | 1 + tests/domaincapsdata/qemu_6.2.0.x86_64.xml | 6 +++ .../domaincapsdata/qemu_7.0.0-q35.x86_64.xml | 10 ++++ .../domaincapsdata/qemu_7.0.0-tcg.x86_64.xml | 10 ++++ .../qemu_7.0.0-virt.aarch64.xml | 1 + tests/domaincapsdata/qemu_7.0.0.aarch64.xml | 1 + tests/domaincapsdata/qemu_7.0.0.ppc64.xml | 1 + tests/domaincapsdata/qemu_7.0.0.x86_64.xml | 10 ++++ .../domaincapsdata/qemu_7.1.0-q35.x86_64.xml | 10 ++++ .../domaincapsdata/qemu_7.1.0-tcg.x86_64.xml | 10 ++++ tests/domaincapsdata/qemu_7.1.0.x86_64.xml | 10 ++++ 88 files changed, 311 insertions(+) diff --git a/docs/formatdomaincaps.rst b/docs/formatdomaincaps.rst index 933469b2a2..d3bdee28d4 100644 --- a/docs/formatdomaincaps.rst +++ b/docs/formatdomaincaps.rst @@ -519,6 +519,16 @@ capabilities. All features occur as children of the ma= in ``features`` element. 47 1 + + no + yes + no + 2 + +
+
+ + =20 @@ -598,3 +608,33 @@ in domain XML `__ ``maxESGuests`` The maximum number of SEV-ES guests that can be launched on the host. T= his value may be configurable in the firmware for some hosts. + +SGX capabilities +^^^^^^^^^^^^^^^^ + +Intel Software Guard Extensions (Intel SGX) capabilities are exposed under= the +``sgx`` element. + +Intel SGX helps protect data in use via unique application isolation techn= ology. +Protect selected code and data from modification using hardened enclaves w= ith +Intel SGX. + +For more details on the SGX feature, please follow resources in the SGX de= veloper's +document store. In order to use SGX with libvirt have a look at formatdoma= in.rst +Memory devices. + +``flc`` + FLC (Flexible Launch Control), not strictly part of SGX2, but was not p= art of + original SGX hardware either. + +``sgx1`` + the sgx version 1. + +``sgx2`` + The sgx version 2. + +``section_size`` + The size of the SGX enclave page cache (called EPC). + +``sections`` + The sections of the SGX enclave page cache (called EPC). diff --git a/src/conf/domain_capabilities.c b/src/conf/domain_capabilities.c index 27f3fb8d36..fa29f69807 100644 --- a/src/conf/domain_capabilities.c +++ b/src/conf/domain_capabilities.c @@ -98,6 +98,7 @@ virDomainCapsDispose(void *obj) virObjectUnref(caps->cpu.custom); virCPUDefFree(caps->cpu.hostModel); virSEVCapabilitiesFree(caps->sev); + virSGXCapabilitiesFree(caps->sgx); =20 values =3D &caps->os.loader.values; for (i =3D 0; i < values->nvalues; i++) @@ -620,6 +621,52 @@ virDomainCapsFeatureSEVFormat(virBuffer *buf, return; } =20 +static void +virDomainCapsFeatureSGXFormat(virBuffer *buf, + const virSGXCapability *sgx) +{ + size_t i; + + if (!sgx) { + virBufferAddLit(buf, "\n"); + } else { + virBufferAddLit(buf, "\n"); + virBufferAdjustIndent(buf, 2); + if (sgx->flc) { + virBufferAsprintf(buf, "%s\n", "yes"); + } else { + virBufferAsprintf(buf, "%s\n", "no"); + } + if (sgx->sgx1) { + virBufferAsprintf(buf, "%s\n", "yes"); + } else { + virBufferAsprintf(buf, "%s\n", "no"); + } + if (sgx->sgx2) { + virBufferAsprintf(buf, "%s\n", "yes"); + } else { + virBufferAsprintf(buf, "%s\n", "no"); + } + virBufferAsprintf(buf, "%llu\n", sgx->section_size); + + if (sgx->nSections > 0) { + virBufferAddLit(buf, "\n"); + + for (i =3D 0; i < sgx->nSections; i++) { + virBufferAdjustIndent(buf, 2); + virBufferAsprintf(buf, "
pSect= ions[i].node); + virBufferAsprintf(buf, "size=3D'%llu'/>\n", sgx->pSections= [i].size); + virBufferAdjustIndent(buf, -2); + } + virBufferAddLit(buf, "\n"); + } + + virBufferAdjustIndent(buf, -2); + virBufferAddLit(buf, "\n"); + } + + return; +} =20 static void virDomainCapsFormatFeatures(const virDomainCaps *caps, @@ -640,6 +687,7 @@ virDomainCapsFormatFeatures(const virDomainCaps *caps, } =20 virDomainCapsFeatureSEVFormat(&childBuf, caps->sev); + virDomainCapsFeatureSGXFormat(&childBuf, caps->sgx); =20 virXMLFormatElement(buf, "features", NULL, &childBuf); } diff --git a/src/conf/schemas/domaincaps.rng b/src/conf/schemas/domaincaps.= rng index 9cbc2467ab..6975ebacb9 100644 --- a/src/conf/schemas/domaincaps.rng +++ b/src/conf/schemas/domaincaps.rng @@ -270,6 +270,9 @@ + + + =20 @@ -330,6 +333,45 @@ =20 + + + + + + + + + + + + + + + + KiB + + + + + + + + + + + + + + + + + + + + + + + diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index 57b5acb150..598c694738 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -6744,6 +6744,33 @@ virQEMUCapsFillDomainFeatureS390PVCaps(virQEMUCaps *= qemuCaps, } } =20 +/** + * virQEMUCapsFillDomainFeatureiSGXCaps: + * @qemuCaps: QEMU capabilities + * @domCaps: domain capabilities + * + * Take the information about SGX capabilities that has been obtained + * using the 'query-sgx-capabilities' QMP command and stored in @qemuCaps + * and convert it to a form suitable for @domCaps. + */ +static void +virQEMUCapsFillDomainFeatureSGXCaps(virQEMUCaps *qemuCaps, + virDomainCaps *domCaps) +{ + virSGXCapability *cap =3D qemuCaps->sgxCapabilities; + + if (!cap) + return; + + domCaps->sgx =3D g_new0(virSGXCapability, 1); + + domCaps->sgx->flc =3D cap->flc; + domCaps->sgx->sgx1 =3D cap->sgx1; + domCaps->sgx->sgx2 =3D cap->sgx2; + domCaps->sgx->section_size =3D cap->section_size; + domCaps->sgx->nSections =3D cap->nSections; + domCaps->sgx->pSections =3D cap->pSections; +} =20 int virQEMUCapsFillDomainCaps(virQEMUCaps *qemuCaps, @@ -6796,6 +6823,7 @@ virQEMUCapsFillDomainCaps(virQEMUCaps *qemuCaps, virQEMUCapsFillDomainFeatureGICCaps(qemuCaps, domCaps); virQEMUCapsFillDomainFeatureSEVCaps(qemuCaps, domCaps); virQEMUCapsFillDomainFeatureS390PVCaps(qemuCaps, domCaps); + virQEMUCapsFillDomainFeatureSGXCaps(qemuCaps, domCaps); =20 return 0; } diff --git a/tests/domaincapsdata/bhyve_basic.x86_64.xml b/tests/domaincaps= data/bhyve_basic.x86_64.xml index 745f325531..dd054577c0 100644 --- a/tests/domaincapsdata/bhyve_basic.x86_64.xml +++ b/tests/domaincapsdata/bhyve_basic.x86_64.xml @@ -33,5 +33,6 @@ + diff --git a/tests/domaincapsdata/bhyve_fbuf.x86_64.xml b/tests/domaincapsd= ata/bhyve_fbuf.x86_64.xml index bb11c02ae9..0b1d9c17d7 100644 --- a/tests/domaincapsdata/bhyve_fbuf.x86_64.xml +++ b/tests/domaincapsdata/bhyve_fbuf.x86_64.xml @@ -50,5 +50,6 @@ + diff --git a/tests/domaincapsdata/bhyve_uefi.x86_64.xml b/tests/domaincapsd= ata/bhyve_uefi.x86_64.xml index dfd2360d74..69fff197a7 100644 --- a/tests/domaincapsdata/bhyve_uefi.x86_64.xml +++ b/tests/domaincapsdata/bhyve_uefi.x86_64.xml @@ -42,5 +42,6 @@ + diff --git a/tests/domaincapsdata/empty.xml b/tests/domaincapsdata/empty.xml index d3e2d89b60..97752ca04a 100644 --- a/tests/domaincapsdata/empty.xml +++ b/tests/domaincapsdata/empty.xml @@ -13,5 +13,6 @@ + diff --git a/tests/domaincapsdata/libxl-xenfv.xml b/tests/domaincapsdata/li= bxl-xenfv.xml index cc5b3847e2..c71d759517 100644 --- a/tests/domaincapsdata/libxl-xenfv.xml +++ b/tests/domaincapsdata/libxl-xenfv.xml @@ -76,5 +76,6 @@ + diff --git a/tests/domaincapsdata/libxl-xenpv.xml b/tests/domaincapsdata/li= bxl-xenpv.xml index 325f1e50b3..8ae2370b7e 100644 --- a/tests/domaincapsdata/libxl-xenpv.xml +++ b/tests/domaincapsdata/libxl-xenpv.xml @@ -66,5 +66,6 @@ + diff --git a/tests/domaincapsdata/qemu_2.11.0-q35.x86_64.xml b/tests/domain= capsdata/qemu_2.11.0-q35.x86_64.xml index ea9737d9ce..665e2b6401 100644 --- a/tests/domaincapsdata/qemu_2.11.0-q35.x86_64.xml +++ b/tests/domaincapsdata/qemu_2.11.0-q35.x86_64.xml @@ -187,5 +187,6 @@ + diff --git a/tests/domaincapsdata/qemu_2.11.0-tcg.x86_64.xml b/tests/domain= capsdata/qemu_2.11.0-tcg.x86_64.xml index cccc6830f9..de19ae76e0 100644 --- a/tests/domaincapsdata/qemu_2.11.0-tcg.x86_64.xml +++ b/tests/domaincapsdata/qemu_2.11.0-tcg.x86_64.xml @@ -200,5 +200,6 @@ + diff --git a/tests/domaincapsdata/qemu_2.11.0.s390x.xml b/tests/domaincapsd= ata/qemu_2.11.0.s390x.xml index 804bf8020e..5249aca8c1 100644 --- a/tests/domaincapsdata/qemu_2.11.0.s390x.xml +++ b/tests/domaincapsdata/qemu_2.11.0.s390x.xml @@ -215,5 +215,6 @@ + diff --git a/tests/domaincapsdata/qemu_2.11.0.x86_64.xml b/tests/domaincaps= data/qemu_2.11.0.x86_64.xml index 3a8aa2ab71..3186231683 100644 --- a/tests/domaincapsdata/qemu_2.11.0.x86_64.xml +++ b/tests/domaincapsdata/qemu_2.11.0.x86_64.xml @@ -187,5 +187,6 @@ + diff --git a/tests/domaincapsdata/qemu_2.12.0-q35.x86_64.xml b/tests/domain= capsdata/qemu_2.12.0-q35.x86_64.xml index 0dc5995c09..7aa4ba7d2c 100644 --- a/tests/domaincapsdata/qemu_2.12.0-q35.x86_64.xml +++ b/tests/domaincapsdata/qemu_2.12.0-q35.x86_64.xml @@ -208,5 +208,6 @@ 59 450 + diff --git a/tests/domaincapsdata/qemu_2.12.0-tcg.x86_64.xml b/tests/domain= capsdata/qemu_2.12.0-tcg.x86_64.xml index 575506d852..a08a9b6a8e 100644 --- a/tests/domaincapsdata/qemu_2.12.0-tcg.x86_64.xml +++ b/tests/domaincapsdata/qemu_2.12.0-tcg.x86_64.xml @@ -218,5 +218,6 @@ 59 450 + diff --git a/tests/domaincapsdata/qemu_2.12.0-virt.aarch64.xml b/tests/doma= incapsdata/qemu_2.12.0-virt.aarch64.xml index 2074c89875..e4518988c6 100644 --- a/tests/domaincapsdata/qemu_2.12.0-virt.aarch64.xml +++ b/tests/domaincapsdata/qemu_2.12.0-virt.aarch64.xml @@ -168,5 +168,6 @@ + diff --git a/tests/domaincapsdata/qemu_2.12.0.aarch64.xml b/tests/domaincap= sdata/qemu_2.12.0.aarch64.xml index a93313f980..ff1158d107 100644 --- a/tests/domaincapsdata/qemu_2.12.0.aarch64.xml +++ b/tests/domaincapsdata/qemu_2.12.0.aarch64.xml @@ -162,5 +162,6 @@ + diff --git a/tests/domaincapsdata/qemu_2.12.0.ppc64.xml b/tests/domaincapsd= ata/qemu_2.12.0.ppc64.xml index cb3edcbd56..681b4bc7bd 100644 --- a/tests/domaincapsdata/qemu_2.12.0.ppc64.xml +++ b/tests/domaincapsdata/qemu_2.12.0.ppc64.xml @@ -132,5 +132,6 @@ + diff --git a/tests/domaincapsdata/qemu_2.12.0.s390x.xml b/tests/domaincapsd= ata/qemu_2.12.0.s390x.xml index 5c3d9ce7db..7f7b8a1911 100644 --- a/tests/domaincapsdata/qemu_2.12.0.s390x.xml +++ b/tests/domaincapsdata/qemu_2.12.0.s390x.xml @@ -215,5 +215,6 @@ + diff --git a/tests/domaincapsdata/qemu_2.12.0.x86_64.xml b/tests/domaincaps= data/qemu_2.12.0.x86_64.xml index c8a5558536..32f1816ad6 100644 --- a/tests/domaincapsdata/qemu_2.12.0.x86_64.xml +++ b/tests/domaincapsdata/qemu_2.12.0.x86_64.xml @@ -208,5 +208,6 @@ 59 450 + diff --git a/tests/domaincapsdata/qemu_3.0.0-q35.x86_64.xml b/tests/domainc= apsdata/qemu_3.0.0-q35.x86_64.xml index 4f80439eb4..740ff9062d 100644 --- a/tests/domaincapsdata/qemu_3.0.0-q35.x86_64.xml +++ b/tests/domaincapsdata/qemu_3.0.0-q35.x86_64.xml @@ -204,5 +204,6 @@ + diff --git a/tests/domaincapsdata/qemu_3.0.0-tcg.x86_64.xml b/tests/domainc= apsdata/qemu_3.0.0-tcg.x86_64.xml index 301101095c..09c4c07471 100644 --- a/tests/domaincapsdata/qemu_3.0.0-tcg.x86_64.xml +++ b/tests/domaincapsdata/qemu_3.0.0-tcg.x86_64.xml @@ -216,5 +216,6 @@ + diff --git a/tests/domaincapsdata/qemu_3.0.0.ppc64.xml b/tests/domaincapsda= ta/qemu_3.0.0.ppc64.xml index 8605db5cc8..039ee5c99c 100644 --- a/tests/domaincapsdata/qemu_3.0.0.ppc64.xml +++ b/tests/domaincapsdata/qemu_3.0.0.ppc64.xml @@ -134,5 +134,6 @@ + diff --git a/tests/domaincapsdata/qemu_3.0.0.s390x.xml b/tests/domaincapsda= ta/qemu_3.0.0.s390x.xml index f49b6907ff..63a128fab5 100644 --- a/tests/domaincapsdata/qemu_3.0.0.s390x.xml +++ b/tests/domaincapsdata/qemu_3.0.0.s390x.xml @@ -222,5 +222,6 @@ + diff --git a/tests/domaincapsdata/qemu_3.0.0.x86_64.xml b/tests/domaincapsd= ata/qemu_3.0.0.x86_64.xml index 650728566e..a8cd693bbd 100644 --- a/tests/domaincapsdata/qemu_3.0.0.x86_64.xml +++ b/tests/domaincapsdata/qemu_3.0.0.x86_64.xml @@ -204,5 +204,6 @@ + diff --git a/tests/domaincapsdata/qemu_3.1.0-q35.x86_64.xml b/tests/domainc= apsdata/qemu_3.1.0-q35.x86_64.xml index c4277c53a1..381cc9a4ec 100644 --- a/tests/domaincapsdata/qemu_3.1.0-q35.x86_64.xml +++ b/tests/domaincapsdata/qemu_3.1.0-q35.x86_64.xml @@ -207,5 +207,6 @@ + diff --git a/tests/domaincapsdata/qemu_3.1.0-tcg.x86_64.xml b/tests/domainc= apsdata/qemu_3.1.0-tcg.x86_64.xml index 2a65cb0ad9..28868f1c0b 100644 --- a/tests/domaincapsdata/qemu_3.1.0-tcg.x86_64.xml +++ b/tests/domaincapsdata/qemu_3.1.0-tcg.x86_64.xml @@ -226,5 +226,6 @@ + diff --git a/tests/domaincapsdata/qemu_3.1.0.ppc64.xml b/tests/domaincapsda= ta/qemu_3.1.0.ppc64.xml index 8035f7230a..3176d7044f 100644 --- a/tests/domaincapsdata/qemu_3.1.0.ppc64.xml +++ b/tests/domaincapsdata/qemu_3.1.0.ppc64.xml @@ -134,5 +134,6 @@ + diff --git a/tests/domaincapsdata/qemu_3.1.0.x86_64.xml b/tests/domaincapsd= ata/qemu_3.1.0.x86_64.xml index 6e3ddda356..db9bb1dd9f 100644 --- a/tests/domaincapsdata/qemu_3.1.0.x86_64.xml +++ b/tests/domaincapsdata/qemu_3.1.0.x86_64.xml @@ -207,5 +207,6 @@ + diff --git a/tests/domaincapsdata/qemu_4.0.0-q35.x86_64.xml b/tests/domainc= apsdata/qemu_4.0.0-q35.x86_64.xml index 8f3911b4b3..b99301af1f 100644 --- a/tests/domaincapsdata/qemu_4.0.0-q35.x86_64.xml +++ b/tests/domaincapsdata/qemu_4.0.0-q35.x86_64.xml @@ -207,5 +207,6 @@ + diff --git a/tests/domaincapsdata/qemu_4.0.0-tcg.x86_64.xml b/tests/domainc= apsdata/qemu_4.0.0-tcg.x86_64.xml index a4dc7bafc9..da58e85b72 100644 --- a/tests/domaincapsdata/qemu_4.0.0-tcg.x86_64.xml +++ b/tests/domaincapsdata/qemu_4.0.0-tcg.x86_64.xml @@ -226,5 +226,6 @@ + diff --git a/tests/domaincapsdata/qemu_4.0.0-virt.aarch64.xml b/tests/domai= ncapsdata/qemu_4.0.0-virt.aarch64.xml index 7108efe3b4..65aa9403c5 100644 --- a/tests/domaincapsdata/qemu_4.0.0-virt.aarch64.xml +++ b/tests/domaincapsdata/qemu_4.0.0-virt.aarch64.xml @@ -175,5 +175,6 @@ + diff --git a/tests/domaincapsdata/qemu_4.0.0.aarch64.xml b/tests/domaincaps= data/qemu_4.0.0.aarch64.xml index 1e7db635d0..d3e2ac0621 100644 --- a/tests/domaincapsdata/qemu_4.0.0.aarch64.xml +++ b/tests/domaincapsdata/qemu_4.0.0.aarch64.xml @@ -169,5 +169,6 @@ + diff --git a/tests/domaincapsdata/qemu_4.0.0.ppc64.xml b/tests/domaincapsda= ta/qemu_4.0.0.ppc64.xml index f109d36266..076820c5bc 100644 --- a/tests/domaincapsdata/qemu_4.0.0.ppc64.xml +++ b/tests/domaincapsdata/qemu_4.0.0.ppc64.xml @@ -135,5 +135,6 @@ + diff --git a/tests/domaincapsdata/qemu_4.0.0.s390x.xml b/tests/domaincapsda= ta/qemu_4.0.0.s390x.xml index b810ad737a..821d467bd9 100644 --- a/tests/domaincapsdata/qemu_4.0.0.s390x.xml +++ b/tests/domaincapsdata/qemu_4.0.0.s390x.xml @@ -232,5 +232,6 @@ + diff --git a/tests/domaincapsdata/qemu_4.0.0.x86_64.xml b/tests/domaincapsd= ata/qemu_4.0.0.x86_64.xml index 24e732d9c3..3dac8ff1ae 100644 --- a/tests/domaincapsdata/qemu_4.0.0.x86_64.xml +++ b/tests/domaincapsdata/qemu_4.0.0.x86_64.xml @@ -207,5 +207,6 @@ + diff --git a/tests/domaincapsdata/qemu_4.1.0-q35.x86_64.xml b/tests/domainc= apsdata/qemu_4.1.0-q35.x86_64.xml index 3ee7feea48..2f9dc00689 100644 --- a/tests/domaincapsdata/qemu_4.1.0-q35.x86_64.xml +++ b/tests/domaincapsdata/qemu_4.1.0-q35.x86_64.xml @@ -213,5 +213,6 @@ + diff --git a/tests/domaincapsdata/qemu_4.1.0-tcg.x86_64.xml b/tests/domainc= apsdata/qemu_4.1.0-tcg.x86_64.xml index b20c02cb68..13540675b6 100644 --- a/tests/domaincapsdata/qemu_4.1.0-tcg.x86_64.xml +++ b/tests/domaincapsdata/qemu_4.1.0-tcg.x86_64.xml @@ -229,5 +229,6 @@ + diff --git a/tests/domaincapsdata/qemu_4.1.0.x86_64.xml b/tests/domaincapsd= ata/qemu_4.1.0.x86_64.xml index 0f1d398e2c..bb7d6b9219 100644 --- a/tests/domaincapsdata/qemu_4.1.0.x86_64.xml +++ b/tests/domaincapsdata/qemu_4.1.0.x86_64.xml @@ -213,5 +213,6 @@ + diff --git a/tests/domaincapsdata/qemu_4.2.0-q35.x86_64.xml b/tests/domainc= apsdata/qemu_4.2.0-q35.x86_64.xml index c8a77cdd41..9fef4ccd37 100644 --- a/tests/domaincapsdata/qemu_4.2.0-q35.x86_64.xml +++ b/tests/domaincapsdata/qemu_4.2.0-q35.x86_64.xml @@ -221,5 +221,6 @@ + diff --git a/tests/domaincapsdata/qemu_4.2.0-tcg.x86_64.xml b/tests/domainc= apsdata/qemu_4.2.0-tcg.x86_64.xml index d0ee3f7b7a..76636c0c37 100644 --- a/tests/domaincapsdata/qemu_4.2.0-tcg.x86_64.xml +++ b/tests/domaincapsdata/qemu_4.2.0-tcg.x86_64.xml @@ -236,5 +236,6 @@ + diff --git a/tests/domaincapsdata/qemu_4.2.0-virt.aarch64.xml b/tests/domai= ncapsdata/qemu_4.2.0-virt.aarch64.xml index 05d606967b..1a87fc417b 100644 --- a/tests/domaincapsdata/qemu_4.2.0-virt.aarch64.xml +++ b/tests/domaincapsdata/qemu_4.2.0-virt.aarch64.xml @@ -177,5 +177,6 @@ + diff --git a/tests/domaincapsdata/qemu_4.2.0.aarch64.xml b/tests/domaincaps= data/qemu_4.2.0.aarch64.xml index f19ad5e6db..943c3605d8 100644 --- a/tests/domaincapsdata/qemu_4.2.0.aarch64.xml +++ b/tests/domaincapsdata/qemu_4.2.0.aarch64.xml @@ -171,5 +171,6 @@ + diff --git a/tests/domaincapsdata/qemu_4.2.0.ppc64.xml b/tests/domaincapsda= ta/qemu_4.2.0.ppc64.xml index 4c3a2c6d98..e0187041db 100644 --- a/tests/domaincapsdata/qemu_4.2.0.ppc64.xml +++ b/tests/domaincapsdata/qemu_4.2.0.ppc64.xml @@ -141,5 +141,6 @@ + diff --git a/tests/domaincapsdata/qemu_4.2.0.s390x.xml b/tests/domaincapsda= ta/qemu_4.2.0.s390x.xml index fb162ea578..8150e5119a 100644 --- a/tests/domaincapsdata/qemu_4.2.0.s390x.xml +++ b/tests/domaincapsdata/qemu_4.2.0.s390x.xml @@ -247,5 +247,6 @@ + diff --git a/tests/domaincapsdata/qemu_4.2.0.x86_64.xml b/tests/domaincapsd= ata/qemu_4.2.0.x86_64.xml index 6578fd04b6..8f3edfce70 100644 --- a/tests/domaincapsdata/qemu_4.2.0.x86_64.xml +++ b/tests/domaincapsdata/qemu_4.2.0.x86_64.xml @@ -221,5 +221,6 @@ + diff --git a/tests/domaincapsdata/qemu_5.0.0-q35.x86_64.xml b/tests/domainc= apsdata/qemu_5.0.0-q35.x86_64.xml index 8a6797c2f1..4c6ea67c99 100644 --- a/tests/domaincapsdata/qemu_5.0.0-q35.x86_64.xml +++ b/tests/domaincapsdata/qemu_5.0.0-q35.x86_64.xml @@ -223,5 +223,6 @@ + diff --git a/tests/domaincapsdata/qemu_5.0.0-tcg.x86_64.xml b/tests/domainc= apsdata/qemu_5.0.0-tcg.x86_64.xml index d277c96426..e0536347e5 100644 --- a/tests/domaincapsdata/qemu_5.0.0-tcg.x86_64.xml +++ b/tests/domaincapsdata/qemu_5.0.0-tcg.x86_64.xml @@ -238,5 +238,6 @@ + diff --git a/tests/domaincapsdata/qemu_5.0.0-virt.aarch64.xml b/tests/domai= ncapsdata/qemu_5.0.0-virt.aarch64.xml index f8cea230d9..3a70b34001 100644 --- a/tests/domaincapsdata/qemu_5.0.0-virt.aarch64.xml +++ b/tests/domaincapsdata/qemu_5.0.0-virt.aarch64.xml @@ -186,5 +186,6 @@ + diff --git a/tests/domaincapsdata/qemu_5.0.0.aarch64.xml b/tests/domaincaps= data/qemu_5.0.0.aarch64.xml index ab72b7ffeb..6a8c1027c0 100644 --- a/tests/domaincapsdata/qemu_5.0.0.aarch64.xml +++ b/tests/domaincapsdata/qemu_5.0.0.aarch64.xml @@ -180,5 +180,6 @@ + diff --git a/tests/domaincapsdata/qemu_5.0.0.ppc64.xml b/tests/domaincapsda= ta/qemu_5.0.0.ppc64.xml index d196676b14..ec6c9d097a 100644 --- a/tests/domaincapsdata/qemu_5.0.0.ppc64.xml +++ b/tests/domaincapsdata/qemu_5.0.0.ppc64.xml @@ -147,5 +147,6 @@ + diff --git a/tests/domaincapsdata/qemu_5.0.0.x86_64.xml b/tests/domaincapsd= ata/qemu_5.0.0.x86_64.xml index 51ca1d98e0..74f297c2e7 100644 --- a/tests/domaincapsdata/qemu_5.0.0.x86_64.xml +++ b/tests/domaincapsdata/qemu_5.0.0.x86_64.xml @@ -223,5 +223,6 @@ + diff --git a/tests/domaincapsdata/qemu_5.1.0-q35.x86_64.xml b/tests/domainc= apsdata/qemu_5.1.0-q35.x86_64.xml index 3468fb2e72..ceafdd35e7 100644 --- a/tests/domaincapsdata/qemu_5.1.0-q35.x86_64.xml +++ b/tests/domaincapsdata/qemu_5.1.0-q35.x86_64.xml @@ -224,5 +224,6 @@ + diff --git a/tests/domaincapsdata/qemu_5.1.0-tcg.x86_64.xml b/tests/domainc= apsdata/qemu_5.1.0-tcg.x86_64.xml index 4f1ffbb2ba..ae9754a14c 100644 --- a/tests/domaincapsdata/qemu_5.1.0-tcg.x86_64.xml +++ b/tests/domaincapsdata/qemu_5.1.0-tcg.x86_64.xml @@ -238,5 +238,6 @@ + diff --git a/tests/domaincapsdata/qemu_5.1.0.sparc.xml b/tests/domaincapsda= ta/qemu_5.1.0.sparc.xml index 5c1c0c4680..ae8474a696 100644 --- a/tests/domaincapsdata/qemu_5.1.0.sparc.xml +++ b/tests/domaincapsdata/qemu_5.1.0.sparc.xml @@ -113,5 +113,6 @@ + diff --git a/tests/domaincapsdata/qemu_5.1.0.x86_64.xml b/tests/domaincapsd= ata/qemu_5.1.0.x86_64.xml index 8ff49c7899..37d053c086 100644 --- a/tests/domaincapsdata/qemu_5.1.0.x86_64.xml +++ b/tests/domaincapsdata/qemu_5.1.0.x86_64.xml @@ -224,5 +224,6 @@ + diff --git a/tests/domaincapsdata/qemu_5.2.0-q35.x86_64.xml b/tests/domainc= apsdata/qemu_5.2.0-q35.x86_64.xml index 2301a475eb..4e68dc46f4 100644 --- a/tests/domaincapsdata/qemu_5.2.0-q35.x86_64.xml +++ b/tests/domaincapsdata/qemu_5.2.0-q35.x86_64.xml @@ -224,5 +224,6 @@ + diff --git a/tests/domaincapsdata/qemu_5.2.0-tcg.x86_64.xml b/tests/domainc= apsdata/qemu_5.2.0-tcg.x86_64.xml index 6cff0f815e..a8914a90b2 100644 --- a/tests/domaincapsdata/qemu_5.2.0-tcg.x86_64.xml +++ b/tests/domaincapsdata/qemu_5.2.0-tcg.x86_64.xml @@ -238,5 +238,6 @@ + diff --git a/tests/domaincapsdata/qemu_5.2.0-virt.aarch64.xml b/tests/domai= ncapsdata/qemu_5.2.0-virt.aarch64.xml index a863a6052d..41bb7ecb45 100644 --- a/tests/domaincapsdata/qemu_5.2.0-virt.aarch64.xml +++ b/tests/domaincapsdata/qemu_5.2.0-virt.aarch64.xml @@ -186,5 +186,6 @@ + diff --git a/tests/domaincapsdata/qemu_5.2.0.aarch64.xml b/tests/domaincaps= data/qemu_5.2.0.aarch64.xml index ab72b7ffeb..6a8c1027c0 100644 --- a/tests/domaincapsdata/qemu_5.2.0.aarch64.xml +++ b/tests/domaincapsdata/qemu_5.2.0.aarch64.xml @@ -180,5 +180,6 @@ + diff --git a/tests/domaincapsdata/qemu_5.2.0.ppc64.xml b/tests/domaincapsda= ta/qemu_5.2.0.ppc64.xml index b2c0577be9..fa29ac8c23 100644 --- a/tests/domaincapsdata/qemu_5.2.0.ppc64.xml +++ b/tests/domaincapsdata/qemu_5.2.0.ppc64.xml @@ -147,5 +147,6 @@ + diff --git a/tests/domaincapsdata/qemu_5.2.0.s390x.xml b/tests/domaincapsda= ta/qemu_5.2.0.s390x.xml index 2a2ca8abcf..496c08dd34 100644 --- a/tests/domaincapsdata/qemu_5.2.0.s390x.xml +++ b/tests/domaincapsdata/qemu_5.2.0.s390x.xml @@ -249,5 +249,6 @@ + diff --git a/tests/domaincapsdata/qemu_5.2.0.x86_64.xml b/tests/domaincapsd= ata/qemu_5.2.0.x86_64.xml index 41a54985d7..df653b95e3 100644 --- a/tests/domaincapsdata/qemu_5.2.0.x86_64.xml +++ b/tests/domaincapsdata/qemu_5.2.0.x86_64.xml @@ -224,5 +224,6 @@ + diff --git a/tests/domaincapsdata/qemu_6.0.0-q35.x86_64.xml b/tests/domainc= apsdata/qemu_6.0.0-q35.x86_64.xml index 4595e70f61..95627a1f9c 100644 --- a/tests/domaincapsdata/qemu_6.0.0-q35.x86_64.xml +++ b/tests/domaincapsdata/qemu_6.0.0-q35.x86_64.xml @@ -230,5 +230,6 @@ 59 450 + diff --git a/tests/domaincapsdata/qemu_6.0.0-tcg.x86_64.xml b/tests/domainc= apsdata/qemu_6.0.0-tcg.x86_64.xml index 65f4459bcb..4ac6365cad 100644 --- a/tests/domaincapsdata/qemu_6.0.0-tcg.x86_64.xml +++ b/tests/domaincapsdata/qemu_6.0.0-tcg.x86_64.xml @@ -244,5 +244,6 @@ 59 450 + diff --git a/tests/domaincapsdata/qemu_6.0.0-virt.aarch64.xml b/tests/domai= ncapsdata/qemu_6.0.0-virt.aarch64.xml index 61eab9de0e..bda348ac18 100644 --- a/tests/domaincapsdata/qemu_6.0.0-virt.aarch64.xml +++ b/tests/domaincapsdata/qemu_6.0.0-virt.aarch64.xml @@ -187,5 +187,6 @@ + diff --git a/tests/domaincapsdata/qemu_6.0.0.aarch64.xml b/tests/domaincaps= data/qemu_6.0.0.aarch64.xml index fa722b5fd3..d1478dedde 100644 --- a/tests/domaincapsdata/qemu_6.0.0.aarch64.xml +++ b/tests/domaincapsdata/qemu_6.0.0.aarch64.xml @@ -181,5 +181,6 @@ + diff --git a/tests/domaincapsdata/qemu_6.0.0.s390x.xml b/tests/domaincapsda= ta/qemu_6.0.0.s390x.xml index 13fa3a637e..ccb6536dfc 100644 --- a/tests/domaincapsdata/qemu_6.0.0.s390x.xml +++ b/tests/domaincapsdata/qemu_6.0.0.s390x.xml @@ -250,5 +250,6 @@ + diff --git a/tests/domaincapsdata/qemu_6.0.0.x86_64.xml b/tests/domaincapsd= ata/qemu_6.0.0.x86_64.xml index a6fa374211..621cf5032c 100644 --- a/tests/domaincapsdata/qemu_6.0.0.x86_64.xml +++ b/tests/domaincapsdata/qemu_6.0.0.x86_64.xml @@ -230,5 +230,6 @@ 59 450 + diff --git a/tests/domaincapsdata/qemu_6.1.0-q35.x86_64.xml b/tests/domainc= apsdata/qemu_6.1.0-q35.x86_64.xml index f4d0fcf673..93194d4f99 100644 --- a/tests/domaincapsdata/qemu_6.1.0-q35.x86_64.xml +++ b/tests/domaincapsdata/qemu_6.1.0-q35.x86_64.xml @@ -226,5 +226,6 @@ + diff --git a/tests/domaincapsdata/qemu_6.1.0-tcg.x86_64.xml b/tests/domainc= apsdata/qemu_6.1.0-tcg.x86_64.xml index 40bc875e3c..9828fb4192 100644 --- a/tests/domaincapsdata/qemu_6.1.0-tcg.x86_64.xml +++ b/tests/domaincapsdata/qemu_6.1.0-tcg.x86_64.xml @@ -239,5 +239,6 @@ + diff --git a/tests/domaincapsdata/qemu_6.1.0.x86_64.xml b/tests/domaincapsd= ata/qemu_6.1.0.x86_64.xml index 67fc449f5d..0948e9cf14 100644 --- a/tests/domaincapsdata/qemu_6.1.0.x86_64.xml +++ b/tests/domaincapsdata/qemu_6.1.0.x86_64.xml @@ -226,5 +226,6 @@ + diff --git a/tests/domaincapsdata/qemu_6.2.0-q35.x86_64.xml b/tests/domainc= apsdata/qemu_6.2.0-q35.x86_64.xml index 9d68c0a404..f23ce1180a 100644 --- a/tests/domaincapsdata/qemu_6.2.0-q35.x86_64.xml +++ b/tests/domaincapsdata/qemu_6.2.0-q35.x86_64.xml @@ -226,5 +226,11 @@ + + no + yes + no + 2 + diff --git a/tests/domaincapsdata/qemu_6.2.0-tcg.x86_64.xml b/tests/domainc= apsdata/qemu_6.2.0-tcg.x86_64.xml index a439dda190..e9530e76e5 100644 --- a/tests/domaincapsdata/qemu_6.2.0-tcg.x86_64.xml +++ b/tests/domaincapsdata/qemu_6.2.0-tcg.x86_64.xml @@ -240,5 +240,11 @@ + + no + yes + no + 2 + diff --git a/tests/domaincapsdata/qemu_6.2.0-virt.aarch64.xml b/tests/domai= ncapsdata/qemu_6.2.0-virt.aarch64.xml index f6045623f5..7494df031f 100644 --- a/tests/domaincapsdata/qemu_6.2.0-virt.aarch64.xml +++ b/tests/domaincapsdata/qemu_6.2.0-virt.aarch64.xml @@ -189,5 +189,6 @@ + diff --git a/tests/domaincapsdata/qemu_6.2.0.aarch64.xml b/tests/domaincaps= data/qemu_6.2.0.aarch64.xml index 35e18adcd5..2946a36b04 100644 --- a/tests/domaincapsdata/qemu_6.2.0.aarch64.xml +++ b/tests/domaincapsdata/qemu_6.2.0.aarch64.xml @@ -183,5 +183,6 @@ + diff --git a/tests/domaincapsdata/qemu_6.2.0.ppc64.xml b/tests/domaincapsda= ta/qemu_6.2.0.ppc64.xml index b07072778b..fb92d1fc5a 100644 --- a/tests/domaincapsdata/qemu_6.2.0.ppc64.xml +++ b/tests/domaincapsdata/qemu_6.2.0.ppc64.xml @@ -145,5 +145,6 @@ + diff --git a/tests/domaincapsdata/qemu_6.2.0.x86_64.xml b/tests/domaincapsd= ata/qemu_6.2.0.x86_64.xml index 0f89790b60..6d20218543 100644 --- a/tests/domaincapsdata/qemu_6.2.0.x86_64.xml +++ b/tests/domaincapsdata/qemu_6.2.0.x86_64.xml @@ -226,5 +226,11 @@ + + no + yes + no + 2 + diff --git a/tests/domaincapsdata/qemu_7.0.0-q35.x86_64.xml b/tests/domainc= apsdata/qemu_7.0.0-q35.x86_64.xml index 4e6ff06125..5eff1a0ff9 100644 --- a/tests/domaincapsdata/qemu_7.0.0-q35.x86_64.xml +++ b/tests/domaincapsdata/qemu_7.0.0-q35.x86_64.xml @@ -228,5 +228,15 @@ + + no + yes + no + 2 + +
+
+ + diff --git a/tests/domaincapsdata/qemu_7.0.0-tcg.x86_64.xml b/tests/domainc= apsdata/qemu_7.0.0-tcg.x86_64.xml index ed80a7892f..bd3fe5cf25 100644 --- a/tests/domaincapsdata/qemu_7.0.0-tcg.x86_64.xml +++ b/tests/domaincapsdata/qemu_7.0.0-tcg.x86_64.xml @@ -242,5 +242,15 @@ + + no + yes + no + 2 + +
+
+ + diff --git a/tests/domaincapsdata/qemu_7.0.0-virt.aarch64.xml b/tests/domai= ncapsdata/qemu_7.0.0-virt.aarch64.xml index 7a8cb9f113..514f673e4c 100644 --- a/tests/domaincapsdata/qemu_7.0.0-virt.aarch64.xml +++ b/tests/domaincapsdata/qemu_7.0.0-virt.aarch64.xml @@ -189,5 +189,6 @@ + diff --git a/tests/domaincapsdata/qemu_7.0.0.aarch64.xml b/tests/domaincaps= data/qemu_7.0.0.aarch64.xml index d48c87dc3a..797affc12f 100644 --- a/tests/domaincapsdata/qemu_7.0.0.aarch64.xml +++ b/tests/domaincapsdata/qemu_7.0.0.aarch64.xml @@ -183,5 +183,6 @@ + diff --git a/tests/domaincapsdata/qemu_7.0.0.ppc64.xml b/tests/domaincapsda= ta/qemu_7.0.0.ppc64.xml index ec171bcdd9..73816bcd85 100644 --- a/tests/domaincapsdata/qemu_7.0.0.ppc64.xml +++ b/tests/domaincapsdata/qemu_7.0.0.ppc64.xml @@ -147,5 +147,6 @@ + diff --git a/tests/domaincapsdata/qemu_7.0.0.x86_64.xml b/tests/domaincapsd= ata/qemu_7.0.0.x86_64.xml index a20395c6d4..2a77af73eb 100644 --- a/tests/domaincapsdata/qemu_7.0.0.x86_64.xml +++ b/tests/domaincapsdata/qemu_7.0.0.x86_64.xml @@ -228,5 +228,15 @@ + + no + yes + no + 2 + +
+
+ + diff --git a/tests/domaincapsdata/qemu_7.1.0-q35.x86_64.xml b/tests/domainc= apsdata/qemu_7.1.0-q35.x86_64.xml index 4e96c5104a..6de62c1707 100644 --- a/tests/domaincapsdata/qemu_7.1.0-q35.x86_64.xml +++ b/tests/domaincapsdata/qemu_7.1.0-q35.x86_64.xml @@ -227,5 +227,15 @@ + + no + yes + no + 2 + +
+
+ + diff --git a/tests/domaincapsdata/qemu_7.1.0-tcg.x86_64.xml b/tests/domainc= apsdata/qemu_7.1.0-tcg.x86_64.xml index 46542c8b5b..5f3017d6b5 100644 --- a/tests/domaincapsdata/qemu_7.1.0-tcg.x86_64.xml +++ b/tests/domaincapsdata/qemu_7.1.0-tcg.x86_64.xml @@ -240,5 +240,15 @@ + + no + yes + no + 2 + +
+
+ + diff --git a/tests/domaincapsdata/qemu_7.1.0.x86_64.xml b/tests/domaincapsd= ata/qemu_7.1.0.x86_64.xml index 02b43e318f..3a982d4659 100644 --- a/tests/domaincapsdata/qemu_7.1.0.x86_64.xml +++ b/tests/domaincapsdata/qemu_7.1.0.x86_64.xml @@ -227,5 +227,15 @@ + + no + yes + no + 2 + +
+
+ + --=20 2.25.1 From nobody Wed May 15 12:23:43 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) client-ip=170.10.129.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1656702963; cv=none; d=zohomail.com; s=zohoarc; b=kyxp3ZT5Fa1p/lZMG6cztNTiZP7EO731AxKpp7mFkl8/yhKox19nHD5pVPh1CFT92ogQdacnJKCHqRIgBPn5O1NEibpWs/CTyyaQfIKCnbp/x1jhhTJfrUq1kuICZ1hfCBeKdSBDPSgf7+5RuRXmIvzzu/GI2SDnW/pp9uvYC7U= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1656702963; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=iBLXUEB00rutVWlsh3qGEvgjxf5yv9ne7mAPvqAqG8o=; b=fVm0OYq3MKCq21ZLoSX/pButFonHs7hKg2UYoGzBw7N1Jqch8cDb6WFCl0TywuqYX9v0+C6VsOEGRBt+BA1wTIEtH9sddVosaNajr2kF1MMWX2W9dH3WrJskpn3fVBZ5ZI48rPqMKnq2UgL+V87aBf4FXm3KGEUIzA7kaXgQ8TI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.zohomail.com with SMTPS id 1656702963308676.3226993889331; Fri, 1 Jul 2022 12:16:03 -0700 (PDT) Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-643-n7NprOUMPQ6U4Df6JuzbnA-1; Fri, 01 Jul 2022 15:15:50 -0400 Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com [10.11.54.9]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id AD7003801FE6; Fri, 1 Jul 2022 19:15:47 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (unknown [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id 929D2492CA3; Fri, 1 Jul 2022 19:15:47 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 553C71947B93; Fri, 1 Jul 2022 19:15:47 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com [10.11.54.9]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id D3D891947058 for ; Fri, 1 Jul 2022 19:15:46 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id A5923492CA4; Fri, 1 Jul 2022 19:15:46 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast08.extmail.prod.ext.rdu2.redhat.com [10.11.55.24]) by smtp.corp.redhat.com (Postfix) with ESMTPS id A1C4A492CA3 for ; Fri, 1 Jul 2022 19:15:46 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 336663802124 for ; Fri, 1 Jul 2022 19:15:46 +0000 (UTC) Received: from mga04.intel.com (mga04.intel.com [192.55.52.120]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-315--Y_FuaYAMnWyayTbs86DBQ-4; Fri, 01 Jul 2022 15:15:42 -0400 Received: from orsmga003.jf.intel.com ([10.7.209.27]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Jul 2022 12:15:41 -0700 Received: from sdp540.jf.intel.com ([10.165.9.5]) by orsmga003.jf.intel.com with ESMTP; 01 Jul 2022 12:15:41 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1656702962; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=iBLXUEB00rutVWlsh3qGEvgjxf5yv9ne7mAPvqAqG8o=; b=IUpBDRahP8be+nCziCD16ztqKo44/OmN0sylO6I3piPRkHc6oQZBlLdLK3zAo+LT+KBnlP Tl0umclhQbXDi+ie8jx8FCnva7i9eTyCNIoCoXoLshqG540exGcsW5g1lSeGEbKIz94jyx 07c5beITmrjYkAmzmOv4VDQ2fiTzkNA= X-MC-Unique: n7NprOUMPQ6U4Df6JuzbnA-1 X-Original-To: libvir-list@listman.corp.redhat.com X-MC-Unique: -Y_FuaYAMnWyayTbs86DBQ-4 X-IronPort-AV: E=McAfee;i="6400,9594,10395"; a="281488262" X-IronPort-AV: E=Sophos;i="5.92,238,1650956400"; d="scan'208";a="281488262" X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.92,238,1650956400"; d="scan'208";a="541833115" From: Lin Yang To: libvir-list@redhat.com, haibin.huang@intel.com, jian-feng.ding@intel.com, lin.a.yang@intel.com Subject: [libvirt][PATCH v13 5/6] conf: Introduce SGX EPC element into device memory xml Date: Fri, 1 Jul 2022 12:14:45 -0700 Message-Id: <20220701191446.727066-6-lin.a.yang@intel.com> In-Reply-To: <20220701191446.727066-1-lin.a.yang@intel.com> References: <20220701191446.727066-1-lin.a.yang@intel.com> MIME-Version: 1.0 X-Mimecast-Impersonation-Protect: Policy=CLT - Impersonation Protection Definition; Similar Internal Domain=false; Similar Monitored External Domain=false; Custom External Domain=false; Mimecast External Domain=false; Newly Observed Domain=false; Internal User Name=false; Custom Display Name List=false; Reply-to Address Mismatch=false; Targeted Threat Dictionary=false; Mimecast Threat Dictionary=false; Custom Threat Dictionary=false X-Scanned-By: MIMEDefang 2.85 on 10.11.54.9 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Michal Privoznik Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 2.85 on 10.11.54.9 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1656702964276100001 Content-Type: text/plain; charset="utf-8"; x-default="true" With NUMA config: ... 0-1 512 0 ... Without NUMA config: ... 512 ... Signed-off-by: Lin Yang Signed-off-by: Michal Privoznik --- docs/formatdomain.rst | 27 +++++++- src/conf/domain_conf.c | 27 ++++++++ src/conf/domain_conf.h | 1 + src/conf/domain_validate.c | 9 +++ src/conf/schemas/domaincommon.rng | 1 + src/qemu/qemu_alias.c | 3 + src/qemu/qemu_command.c | 1 + src/qemu/qemu_domain.c | 48 ++++++++++---- src/qemu/qemu_domain_address.c | 6 ++ src/qemu/qemu_driver.c | 1 + src/qemu/qemu_process.c | 2 + src/qemu/qemu_validate.c | 8 +++ src/security/security_apparmor.c | 1 + src/security/security_dac.c | 2 + src/security/security_selinux.c | 2 + tests/qemuxml2argvdata/sgx-epc-numa.xml | 50 +++++++++++++++ tests/qemuxml2argvdata/sgx-epc.xml | 36 +++++++++++ .../sgx-epc-numa.x86_64-latest.xml | 64 +++++++++++++++++++ .../sgx-epc.x86_64-6.2.0.xml | 52 +++++++++++++++ tests/qemuxml2xmltest.c | 3 + 20 files changed, 329 insertions(+), 15 deletions(-) create mode 100644 tests/qemuxml2argvdata/sgx-epc-numa.xml create mode 100644 tests/qemuxml2argvdata/sgx-epc.xml create mode 100644 tests/qemuxml2xmloutdata/sgx-epc-numa.x86_64-latest.xml create mode 100644 tests/qemuxml2xmloutdata/sgx-epc.x86_64-6.2.0.xml diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst index 62a94890f0..b95c930d73 100644 --- a/docs/formatdomain.rst +++ b/docs/formatdomain.rst @@ -7910,6 +7910,20 @@ Example: usage of the memory devices 524288 + + + 0-1 + + + 16384 + 0 + + + + + 16384 + + ... =20 @@ -7918,7 +7932,9 @@ Example: usage of the memory devices 1.2.14` Provide ``nvdimm`` model that adds a Non-Volatile DIMM module. :since:`Since 3.2.0` Provide ``virtio-pmem`` model to add a paravirtual= ized persistent memory device. :since:`Since 7.1.0` Provide ``virtio-mem`` m= odel - to add paravirtualized memory device. :since:`Since 7.9.0` + to add paravirtualized memory device. :since:`Since 7.9.0` Provide + ``sgx-epc`` model to add a SGX enclave page cache (EPC) memory to the g= uest. + :since:`Since 8.6.0 and QEMU 6.2.0` =20 ``access`` An optional attribute ``access`` ( :since:`since 3.2.0` ) that provides @@ -7978,6 +7994,13 @@ Example: usage of the memory devices Represents a path in the host that backs the virtio memory module in = the guest. It is mandatory. =20 + For model ``sgx-epc`` this element is optional. The following optional + elements may be used: + + ``nodemask`` + This element can be used to override the default set of NUMA nodes w= here + the memory would be allocated. :since:`Since 8.6.0 and QEMU 7.0.0` + ``target`` The mandatory ``target`` element configures the placement and sizing of= the added memory from the perspective of the guest. @@ -7988,6 +8011,8 @@ Example: usage of the memory devices =20 The ``node`` subelement configures the guest NUMA node to attach the me= mory to. The element shall be used only if the guest has NUMA nodes configur= ed. + For model ``sgx-epc`` this element is optional. It will be set to 0 as + default. :since:`Since 8.6.0 and QEMU 7.0.0` =20 The following optional elements may be used: =20 diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 709ca53790..f8b67eb375 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -1431,6 +1431,7 @@ VIR_ENUM_IMPL(virDomainMemoryModel, "nvdimm", "virtio-pmem", "virtio-mem", + "sgx-epc", ); =20 VIR_ENUM_IMPL(virDomainShmemModel, @@ -5680,6 +5681,7 @@ virDomainMemoryDefPostParse(virDomainMemoryDef *mem, =20 case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM: case VIR_DOMAIN_MEMORY_MODEL_DIMM: + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC: case VIR_DOMAIN_MEMORY_MODEL_NONE: case VIR_DOMAIN_MEMORY_MODEL_LAST: break; @@ -14697,6 +14699,20 @@ virDomainMemorySourceDefParseXML(xmlNodePtr node, def->nvdimmPath =3D virXPathString("string(./path)", ctxt); break; =20 + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC: + if ((nodemask =3D virXPathString("string(./nodemask)", ctxt))) { + if (virBitmapParse(nodemask, &def->sourceNodes, + VIR_DOMAIN_CPUMASK_LEN) < 0) + return -1; + + if (virBitmapIsAllClear(def->sourceNodes)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("Invalid value of 'nodemask': %s"), nodem= ask); + return -1; + } + } + break; + case VIR_DOMAIN_MEMORY_MODEL_NONE: case VIR_DOMAIN_MEMORY_MODEL_LAST: break; @@ -14765,6 +14781,7 @@ virDomainMemoryTargetDefParseXML(xmlNodePtr node, case VIR_DOMAIN_MEMORY_MODEL_NONE: case VIR_DOMAIN_MEMORY_MODEL_DIMM: case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM: + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC: case VIR_DOMAIN_MEMORY_MODEL_LAST: break; } @@ -16561,6 +16578,7 @@ virDomainMemoryFindByDefInternal(virDomainDef *def, continue; break; =20 + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC: case VIR_DOMAIN_MEMORY_MODEL_NONE: case VIR_DOMAIN_MEMORY_MODEL_LAST: break; @@ -26153,6 +26171,15 @@ virDomainMemorySourceDefFormat(virBuffer *buf, virBufferEscapeString(&childBuf, "%s\n", def->nvdimmP= ath); break; =20 + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC: + if (def->sourceNodes) { + if (!(bitmap =3D virBitmapFormat(def->sourceNodes))) + return -1; + + virBufferAsprintf(&childBuf, "%s\n", bitm= ap); + } + break; + case VIR_DOMAIN_MEMORY_MODEL_NONE: case VIR_DOMAIN_MEMORY_MODEL_LAST: break; diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index 4c8c42b7eb..a15798463c 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -2559,6 +2559,7 @@ typedef enum { VIR_DOMAIN_MEMORY_MODEL_NVDIMM, /* nvdimm memory device */ VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM, /* virtio-pmem memory device */ VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM, /* virtio-mem memory device */ + VIR_DOMAIN_MEMORY_MODEL_SGX_EPC, /* SGX enclave page cache */ =20 VIR_DOMAIN_MEMORY_MODEL_LAST } virDomainMemoryModel; diff --git a/src/conf/domain_validate.c b/src/conf/domain_validate.c index 28b0481d4e..c8f03cb844 100644 --- a/src/conf/domain_validate.c +++ b/src/conf/domain_validate.c @@ -2231,6 +2231,15 @@ virDomainMemoryDefValidate(const virDomainMemoryDef = *mem, case VIR_DOMAIN_MEMORY_MODEL_DIMM: break; =20 + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC: + if (mem->info.type !=3D VIR_DOMAIN_DEVICE_ADDRESS_TYPE_NONE) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("memory device address is not supported for m= odel '%s'"), + virDomainMemoryModelTypeToString(mem->model)); + return -1; + } + break; + case VIR_DOMAIN_MEMORY_MODEL_NONE: case VIR_DOMAIN_MEMORY_MODEL_LAST: default: diff --git a/src/conf/schemas/domaincommon.rng b/src/conf/schemas/domaincom= mon.rng index da2fb0d5cb..c6377b2e90 100644 --- a/src/conf/schemas/domaincommon.rng +++ b/src/conf/schemas/domaincommon.rng @@ -6833,6 +6833,7 @@ nvdimm virtio-pmem virtio-mem + sgx-epc diff --git a/src/qemu/qemu_alias.c b/src/qemu/qemu_alias.c index 7efd91051e..5ebeb82f92 100644 --- a/src/qemu/qemu_alias.c +++ b/src/qemu/qemu_alias.c @@ -515,6 +515,9 @@ qemuAssignDeviceMemoryAlias(virDomainDef *def, case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM: prefix =3D "virtiomem"; break; + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC: + prefix =3D "epc"; + break; case VIR_DOMAIN_MEMORY_MODEL_NONE: case VIR_DOMAIN_MEMORY_MODEL_LAST: default: diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index b307d3139c..7ca183ded7 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -4010,6 +4010,7 @@ qemuBuildMemoryDeviceProps(virQEMUDriverConfig *cfg, return NULL; break; =20 + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC: case VIR_DOMAIN_MEMORY_MODEL_NONE: case VIR_DOMAIN_MEMORY_MODEL_LAST: default: diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 60ed358871..fc64a5ca9c 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -8448,6 +8448,7 @@ qemuDomainUpdateMemoryDeviceInfo(virQEMUDriver *drive= r, break; =20 case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM: + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC: case VIR_DOMAIN_MEMORY_MODEL_NONE: case VIR_DOMAIN_MEMORY_MODEL_LAST: break; @@ -9129,6 +9130,12 @@ qemuDomainDefValidateMemoryHotplugDevice(const virDo= mainMemoryDef *mem, } break; =20 + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC: + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("hotplug is not supported for the %s device"), + virDomainMemoryModelTypeToString(mem->model)); + return -1; + case VIR_DOMAIN_MEMORY_MODEL_NONE: case VIR_DOMAIN_MEMORY_MODEL_LAST: return -1; @@ -9164,7 +9171,7 @@ int qemuDomainDefValidateMemoryHotplug(const virDomainDef *def, const virDomainMemoryDef *mem) { - unsigned int nmems =3D def->nmems; + unsigned int hotplugNum =3D 0; unsigned long long hotplugSpace; unsigned long long hotplugMemory =3D 0; size_t i; @@ -9172,15 +9179,37 @@ qemuDomainDefValidateMemoryHotplug(const virDomainD= ef *def, hotplugSpace =3D def->mem.max_memory - virDomainDefGetMemoryInitial(de= f); =20 if (mem) { - nmems++; + hotplugNum++; hotplugMemory =3D mem->size; =20 if (qemuDomainDefValidateMemoryHotplugDevice(mem, def) < 0) return -1; } =20 + for (i =3D 0; i < def->nmems; i++) { + switch (def->mems[i]->model) { + case VIR_DOMAIN_MEMORY_MODEL_DIMM: + case VIR_DOMAIN_MEMORY_MODEL_NVDIMM: + case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM: + case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM: + hotplugMemory +=3D def->mems[i]->size; + hotplugNum++; + /* already existing devices don't need to be checked on hotplu= g */ + if (!mem && + qemuDomainDefValidateMemoryHotplugDevice(def->mems[i], def= ) < 0) + return -1; + break; + + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC: + /* sgx epc memory does not support hotplug */ + case VIR_DOMAIN_MEMORY_MODEL_LAST: + case VIR_DOMAIN_MEMORY_MODEL_NONE: + break; + } + } + if (!virDomainDefHasMemoryHotplug(def)) { - if (nmems) { + if (hotplugNum) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", _("cannot use/hotplug a memory device when doma= in " "'maxMemory' is not defined")); @@ -9203,22 +9232,13 @@ qemuDomainDefValidateMemoryHotplug(const virDomainD= ef *def, } } =20 - if (nmems > def->mem.memory_slots) { + if (hotplugNum > def->mem.memory_slots) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, _("memory device count '%u' exceeds slots count '%u= '"), - nmems, def->mem.memory_slots); + hotplugNum, def->mem.memory_slots); return -1; } =20 - for (i =3D 0; i < def->nmems; i++) { - hotplugMemory +=3D def->mems[i]->size; - - /* already existing devices don't need to be checked on hotplug */ - if (!mem && - qemuDomainDefValidateMemoryHotplugDevice(def->mems[i], def) < = 0) - return -1; - } - if (hotplugMemory > hotplugSpace) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", _("memory device total size exceeds hotplug space")= ); diff --git a/src/qemu/qemu_domain_address.c b/src/qemu/qemu_domain_address.c index 753733d1b9..a111ae4d0c 100644 --- a/src/qemu/qemu_domain_address.c +++ b/src/qemu/qemu_domain_address.c @@ -389,6 +389,7 @@ qemuDomainPrimeVirtioDeviceAddresses(virDomainDef *def, case VIR_DOMAIN_MEMORY_MODEL_NONE: case VIR_DOMAIN_MEMORY_MODEL_DIMM: case VIR_DOMAIN_MEMORY_MODEL_NVDIMM: + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC: case VIR_DOMAIN_MEMORY_MODEL_LAST: break; } @@ -1039,6 +1040,7 @@ qemuDomainDeviceCalculatePCIConnectFlags(virDomainDev= iceDef *dev, case VIR_DOMAIN_MEMORY_MODEL_NONE: case VIR_DOMAIN_MEMORY_MODEL_DIMM: case VIR_DOMAIN_MEMORY_MODEL_NVDIMM: + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC: case VIR_DOMAIN_MEMORY_MODEL_LAST: return 0; } @@ -2421,6 +2423,7 @@ qemuDomainAssignDevicePCISlots(virDomainDef *def, case VIR_DOMAIN_MEMORY_MODEL_NONE: case VIR_DOMAIN_MEMORY_MODEL_DIMM: case VIR_DOMAIN_MEMORY_MODEL_NVDIMM: + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC: case VIR_DOMAIN_MEMORY_MODEL_LAST: break; } @@ -3081,6 +3084,7 @@ qemuDomainAssignMemoryDeviceSlot(virDomainObj *vm, return qemuDomainEnsurePCIAddress(vm, &dev); break; =20 + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC: case VIR_DOMAIN_MEMORY_MODEL_NONE: case VIR_DOMAIN_MEMORY_MODEL_LAST: break; @@ -3107,6 +3111,7 @@ qemuDomainReleaseMemoryDeviceSlot(virDomainObj *vm, qemuDomainReleaseDeviceAddress(vm, &mem->info); break; =20 + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC: case VIR_DOMAIN_MEMORY_MODEL_NONE: case VIR_DOMAIN_MEMORY_MODEL_LAST: break; @@ -3140,6 +3145,7 @@ qemuDomainAssignMemorySlots(virDomainDef *def) case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM: /* handled in qemuDomainAssignPCIAddresses() */ break; + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC: case VIR_DOMAIN_MEMORY_MODEL_NONE: case VIR_DOMAIN_MEMORY_MODEL_LAST: break; diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 3b5c3db67c..79a6c420c0 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -7156,6 +7156,7 @@ qemuDomainChangeMemoryLiveValidateChange(const virDom= ainMemoryDef *oldDef, case VIR_DOMAIN_MEMORY_MODEL_DIMM: case VIR_DOMAIN_MEMORY_MODEL_NVDIMM: case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM: + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC: case VIR_DOMAIN_MEMORY_MODEL_LAST: virReportError(VIR_ERR_CONFIG_UNSUPPORTED, _("cannot modify memory of model '%s'"), diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index 771a623ef7..b907387f21 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -3935,6 +3935,7 @@ qemuProcessDomainMemoryDefNeedHugepagesPath(const vir= DomainMemoryDef *mem, case VIR_DOMAIN_MEMORY_MODEL_NONE: case VIR_DOMAIN_MEMORY_MODEL_NVDIMM: case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM: + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC: case VIR_DOMAIN_MEMORY_MODEL_LAST: /* None of these can be backed by hugepages. */ return false; @@ -4009,6 +4010,7 @@ qemuProcessNeedMemoryBackingPath(virDomainDef *def, case VIR_DOMAIN_MEMORY_MODEL_NONE: case VIR_DOMAIN_MEMORY_MODEL_NVDIMM: case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM: + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC: case VIR_DOMAIN_MEMORY_MODEL_LAST: /* Backed by user provided path. Not stored in memory * backing dir anyway. */ diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c index 39210ba65b..fbbfedd095 100644 --- a/src/qemu/qemu_validate.c +++ b/src/qemu/qemu_validate.c @@ -5173,6 +5173,14 @@ qemuValidateDomainDeviceDefMemory(virDomainMemoryDef= *mem, } break; =20 + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC: + if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_SGX_EPC)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("sgx epc isn't supported by this QEMU binary"= )); + return -1; + } + break; + case VIR_DOMAIN_MEMORY_MODEL_NONE: case VIR_DOMAIN_MEMORY_MODEL_LAST: break; diff --git a/src/security/security_apparmor.c b/src/security/security_appar= mor.c index 008384dee8..36e8ce42b5 100644 --- a/src/security/security_apparmor.c +++ b/src/security/security_apparmor.c @@ -687,6 +687,7 @@ AppArmorSetMemoryLabel(virSecurityManager *mgr, case VIR_DOMAIN_MEMORY_MODEL_NONE: case VIR_DOMAIN_MEMORY_MODEL_DIMM: case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM: + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC: case VIR_DOMAIN_MEMORY_MODEL_LAST: break; } diff --git a/src/security/security_dac.c b/src/security/security_dac.c index 21cebae694..d94995c9cf 100644 --- a/src/security/security_dac.c +++ b/src/security/security_dac.c @@ -1853,6 +1853,7 @@ virSecurityDACRestoreMemoryLabel(virSecurityManager *= mgr, =20 case VIR_DOMAIN_MEMORY_MODEL_DIMM: case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM: + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC: case VIR_DOMAIN_MEMORY_MODEL_LAST: case VIR_DOMAIN_MEMORY_MODEL_NONE: ret =3D 0; @@ -2040,6 +2041,7 @@ virSecurityDACSetMemoryLabel(virSecurityManager *mgr, =20 case VIR_DOMAIN_MEMORY_MODEL_DIMM: case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM: + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC: case VIR_DOMAIN_MEMORY_MODEL_LAST: case VIR_DOMAIN_MEMORY_MODEL_NONE: ret =3D 0; diff --git a/src/security/security_selinux.c b/src/security/security_selinu= x.c index e2f34a27dc..6657663483 100644 --- a/src/security/security_selinux.c +++ b/src/security/security_selinux.c @@ -1580,6 +1580,7 @@ virSecuritySELinuxSetMemoryLabel(virSecurityManager *= mgr, case VIR_DOMAIN_MEMORY_MODEL_NONE: case VIR_DOMAIN_MEMORY_MODEL_DIMM: case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM: + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC: case VIR_DOMAIN_MEMORY_MODEL_LAST: break; } @@ -1608,6 +1609,7 @@ virSecuritySELinuxRestoreMemoryLabel(virSecurityManag= er *mgr, =20 case VIR_DOMAIN_MEMORY_MODEL_DIMM: case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM: + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC: case VIR_DOMAIN_MEMORY_MODEL_NONE: case VIR_DOMAIN_MEMORY_MODEL_LAST: ret =3D 0; diff --git a/tests/qemuxml2argvdata/sgx-epc-numa.xml b/tests/qemuxml2argvda= ta/sgx-epc-numa.xml new file mode 100644 index 0000000000..f28b06dd79 --- /dev/null +++ b/tests/qemuxml2argvdata/sgx-epc-numa.xml @@ -0,0 +1,50 @@ + + QEMUGuest1 + c7a5fdbd-edaf-9455-926a-d65c16db1809 + 219100 + 219100 + 2 + + + + + + + + hvm + + + + destroy + restart + destroy + + /usr/bin/qemu-system-x86_64 + + + +
+ + + +