From nobody Fri Apr 26 04:48:08 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1499253897308119.24615431292625; Wed, 5 Jul 2017 04:24:57 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id E3AEF8047F; Wed, 5 Jul 2017 11:24:54 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id C24B460470; Wed, 5 Jul 2017 11:24:54 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 811D81841C42; Wed, 5 Jul 2017 11:24:54 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id v65BOrtC003553 for ; Wed, 5 Jul 2017 07:24:53 -0400 Received: by smtp.corp.redhat.com (Postfix) id 5F23477C97; Wed, 5 Jul 2017 11:24:53 +0000 (UTC) Received: from mx1.redhat.com (ext-mx03.extmail.prod.ext.phx2.redhat.com [10.5.110.27]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 5368A77CA7; Wed, 5 Jul 2017 11:24:49 +0000 (UTC) Received: from szxga01-in.huawei.com (szxga01-in.huawei.com [45.249.212.187]) (using TLSv1 with cipher RC4-SHA (112/128 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 70FA180F95; Wed, 5 Jul 2017 11:24:45 +0000 (UTC) Received: from 172.30.72.54 (EHLO dggeml406-hub.china.huawei.com) ([172.30.72.54]) by dggrg01-dlp.huawei.com (MOS 4.4.6-GA FastPath queued) with ESMTP id ARN05048; Wed, 05 Jul 2017 19:17:50 +0800 (CST) Received: from localhost (10.177.246.209) by dggeml406-hub.china.huawei.com (10.3.17.50) with Microsoft SMTP Server id 14.3.301.0; Wed, 5 Jul 2017 19:17:44 +0800 DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com E3AEF8047F Authentication-Results: ext-mx04.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=huawei.com Authentication-Results: ext-mx04.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=libvir-list-bounces@redhat.com DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com E3AEF8047F DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 70FA180F95 Authentication-Results: ext-mx03.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=huawei.com Authentication-Results: ext-mx03.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=longpeng2@huawei.com DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com 70FA180F95 From: "Longpeng(Mike)" To: , Date: Wed, 5 Jul 2017 19:17:12 +0800 Message-ID: <1499253435-94068-2-git-send-email-longpeng2@huawei.com> In-Reply-To: <1499253435-94068-1-git-send-email-longpeng2@huawei.com> References: <1499253435-94068-1-git-send-email-longpeng2@huawei.com> MIME-Version: 1.0 X-Originating-IP: [10.177.246.209] X-CFilter-Loop: Reflected X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A090203.595CCADF.0146, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=0.0.0.0, so=2014-11-16 11:51:01, dmn=2013-03-21 17:37:32 X-Mirapoint-Loop-Id: 850c0d9bf083f09de767fcaa46a50335 X-Greylist: IP, sender and recipient auto-whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.27]); Wed, 05 Jul 2017 11:24:46 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.27]); Wed, 05 Jul 2017 11:24:46 +0000 (UTC) for IP:'45.249.212.187' DOMAIN:'szxga01-in.huawei.com' HELO:'szxga01-in.huawei.com' FROM:'longpeng2@huawei.com' RCPT:'' X-RedHat-Spam-Score: 0.398 (BAYES_50, DCC_REPUT_00_12, RP_MATCHES_RCVD, SPF_PASS) 45.249.212.187 szxga01-in.huawei.com 45.249.212.187 szxga01-in.huawei.com X-Scanned-By: MIMEDefang 2.78 on 10.5.110.27 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-loop: libvir-list@redhat.com Cc: weidong.huang@huawei.com, libvir-list@redhat.com, wangxinxin.wang@huawei.com, arei.gonglei@huawei.com, longpeng.mike@gmail.com, "Longpeng\(Mike\)" Subject: [libvirt] [PATCH v3 1/4] docs: schema: Add basic documentation for the virtual X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Wed, 05 Jul 2017 11:24:55 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" This patch documents XML elements used for support of virtual crypto devices. In the devices section in the domain XML users may specify: to enable the crypto device for guests. Signed-off-by: Longpeng(Mike) --- docs/formatdomain.html.in | 61 +++++++++++++++++++++++++++++++++++++++= ++++ docs/schemas/domaincommon.rng | 30 +++++++++++++++++++++ 2 files changed, 91 insertions(+) diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in index 36bea67..7c27ae7 100644 --- a/docs/formatdomain.html.in +++ b/docs/formatdomain.html.in @@ -7547,6 +7547,67 @@ qemu-kvm -net nic,model=3D? /dev/null =20 +

Crypto device

+ +

+ The virtual crypto device is a virtual crypto accelerator + card(provides crypto services, such as CIPHER, HMAC, HASH, + and AEAD) for virtual machines and it can be added to the + guest via the crypto element. + Since 3.6.0, QEMU and KVM only +

+ +

+ Example: usage of the crypto device: +

+
+  ...
+  <devices>
+    <crypto model=3D'virtio'>
+      <backend type=3D'builtin' queues=3D'1'/>
+    </crypto>
+  </devices>
+  ...
+
+
+
model
+
+

+ The required model attribute specifies what + type of crypto device is provide. + Currently only 'virtio' is supported and it needs virtio-crypto + guest driver. +

+
+
backend
+
+

+ The backend element specifies the type and + number of queues of the crypto device to be used for the + domain. +

+
+
type
+
+

+ The required type element specifies the + type of the crypto device. + Currently only supports 'builtin' which uses QEMU's + crypto APIs to complete the crypto operations. +

+
+
queues
+
+

+ The optional queues element specifies the + number of queues of the crypto device, the default number + of queues is 1. +

+
+
+
+
+

Security label

=20

diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng index bdf7103..6e3b0fd 100644 --- a/docs/schemas/domaincommon.rng +++ b/docs/schemas/domaincommon.rng @@ -4506,6 +4506,7 @@ + @@ -5052,6 +5053,35 @@ =20 + + + + + virtio + + + + + + + + + + + + + + builtin + + + + + + + + + + --=20 1.8.3.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Fri Apr 26 04:48:08 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1499253937940957.024949989698; Wed, 5 Jul 2017 04:25:37 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 6B19F81226; Wed, 5 Jul 2017 11:25:36 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 384F46E918; Wed, 5 Jul 2017 11:25:36 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 8B49D1803B26; Wed, 5 Jul 2017 11:25:35 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id v65BPYHU003628 for ; Wed, 5 Jul 2017 07:25:34 -0400 Received: by smtp.corp.redhat.com (Postfix) id 90E2E6E918; Wed, 5 Jul 2017 11:25:34 +0000 (UTC) Received: from mx1.redhat.com (ext-mx06.extmail.prod.ext.phx2.redhat.com [10.5.110.30]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 8719177C97; Wed, 5 Jul 2017 11:25:31 +0000 (UTC) Received: from szxga02-in.huawei.com (szxga02-in.huawei.com [45.249.212.188]) by mx1.redhat.com (Postfix) with ESMTP id 8CFFD267C2; Wed, 5 Jul 2017 11:25:28 +0000 (UTC) Received: from 172.30.72.53 (EHLO dggeml406-hub.china.huawei.com) ([172.30.72.53]) by dggrg02-dlp.huawei.com (MOS 4.4.6-GA FastPath queued) with ESMTP id AQO02202; Wed, 05 Jul 2017 19:17:56 +0800 (CST) Received: from localhost (10.177.246.209) by dggeml406-hub.china.huawei.com (10.3.17.50) with Microsoft SMTP Server id 14.3.301.0; Wed, 5 Jul 2017 19:17:44 +0800 DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 6B19F81226 Authentication-Results: ext-mx01.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=huawei.com Authentication-Results: ext-mx01.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=libvir-list-bounces@redhat.com DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com 6B19F81226 DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 8CFFD267C2 Authentication-Results: ext-mx06.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=huawei.com Authentication-Results: ext-mx06.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=longpeng2@huawei.com DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com 8CFFD267C2 From: "Longpeng(Mike)" To: , Date: Wed, 5 Jul 2017 19:17:13 +0800 Message-ID: <1499253435-94068-3-git-send-email-longpeng2@huawei.com> In-Reply-To: <1499253435-94068-1-git-send-email-longpeng2@huawei.com> References: <1499253435-94068-1-git-send-email-longpeng2@huawei.com> MIME-Version: 1.0 X-Originating-IP: [10.177.246.209] X-CFilter-Loop: Reflected X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A090204.595CCAE4.0162, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=0.0.0.0, so=2014-11-16 11:51:01, dmn=2013-03-21 17:37:32 X-Mirapoint-Loop-Id: 3e005ca75ad90fd2bbe95b8bfbaed9e4 X-Greylist: Delayed for 00:07:33 by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.30]); Wed, 05 Jul 2017 11:25:29 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.30]); Wed, 05 Jul 2017 11:25:29 +0000 (UTC) for IP:'45.249.212.188' DOMAIN:'szxga02-in.huawei.com' HELO:'szxga02-in.huawei.com' FROM:'longpeng2@huawei.com' RCPT:'' X-RedHat-Spam-Score: 0.398 (BAYES_50, DCC_REPUT_00_12, RP_MATCHES_RCVD, SPF_PASS) 45.249.212.188 szxga02-in.huawei.com 45.249.212.188 szxga02-in.huawei.com X-Scanned-By: MIMEDefang 2.78 on 10.5.110.30 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-loop: libvir-list@redhat.com Cc: weidong.huang@huawei.com, libvir-list@redhat.com, wangxinxin.wang@huawei.com, arei.gonglei@huawei.com, longpeng.mike@gmail.com, "Longpeng\(Mike\)" Subject: [libvirt] [PATCH v3 2/4] conf: Parse virtio-crypto in the domain XML X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.25]); Wed, 05 Jul 2017 11:25:37 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" This patch parse the domain XML with virtio-crypto support, the virtio-crypto XML looks like this: Signed-off-by: Longpeng(Mike) --- src/conf/domain_conf.c | 213 +++++++++++++++++++++++++++++++++++++= +++- src/conf/domain_conf.h | 32 +++++++ src/libvirt_private.syms | 4 + src/qemu/qemu_domain_address.c | 1 + src/qemu/qemu_driver.c | 6 ++ src/qemu/qemu_hotplug.c | 1 + 6 files changed, 256 insertions(+), 1 deletion(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index c3149f9..ea353ea 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -253,7 +253,8 @@ VIR_ENUM_IMPL(virDomainDevice, VIR_DOMAIN_DEVICE_LAST, "tpm", "panic", "memory", - "iommu") + "iommu", + "crypto") =20 VIR_ENUM_IMPL(virDomainDeviceAddress, VIR_DOMAIN_DEVICE_ADDRESS_TYPE_LAST, "none", @@ -830,6 +831,14 @@ VIR_ENUM_IMPL(virDomainRNGBackend, "random", "egd"); =20 +VIR_ENUM_IMPL(virDomainCryptoModel, + VIR_DOMAIN_CRYPTO_MODEL_LAST, + "virtio"); + +VIR_ENUM_IMPL(virDomainCryptoBackend, + VIR_DOMAIN_CRYPTO_BACKEND_LAST, + "builtin"); + VIR_ENUM_IMPL(virDomainTPMModel, VIR_DOMAIN_TPM_MODEL_LAST, "tpm-tis") =20 @@ -2617,6 +2626,9 @@ void virDomainDeviceDefFree(virDomainDeviceDefPtr def) case VIR_DOMAIN_DEVICE_IOMMU: VIR_FREE(def->data.iommu); break; + case VIR_DOMAIN_DEVICE_CRYPTO: + virDomainCryptoDefFree(def->data.crypto); + break; case VIR_DOMAIN_DEVICE_LAST: case VIR_DOMAIN_DEVICE_NONE: break; @@ -2866,6 +2878,10 @@ void virDomainDefFree(virDomainDefPtr def) =20 VIR_FREE(def->iommu); =20 + for (i =3D 0; i < def->ncryptos; i++) + virDomainCryptoDefFree(def->cryptos[i]); + VIR_FREE(def->cryptos); + VIR_FREE(def->idmap.uidmap); VIR_FREE(def->idmap.gidmap); =20 @@ -3453,6 +3469,8 @@ virDomainDeviceGetInfo(virDomainDeviceDefPtr device) return &device->data.panic->info; case VIR_DOMAIN_DEVICE_MEMORY: return &device->data.memory->info; + case VIR_DOMAIN_DEVICE_CRYPTO: + return &device->data.crypto->info; =20 /* The following devices do not contain virDomainDeviceInfo */ case VIR_DOMAIN_DEVICE_LEASE: @@ -3768,6 +3786,13 @@ virDomainDeviceInfoIterateInternal(virDomainDefPtr d= ef, return -1; } =20 + device.type =3D VIR_DOMAIN_DEVICE_CRYPTO; + for (i =3D 0; i < def->ncryptos; i++) { + device.data.crypto =3D def->cryptos[i]; + if (cb(def, &device, &def->cryptos[i]->info, opaque) < 0) + return -1; + } + /* Coverity is not very happy with this - all dead_error_condition */ #if !STATIC_ANALYSIS /* This switch statement is here to trigger compiler warning when addi= ng @@ -3802,6 +3827,7 @@ virDomainDeviceInfoIterateInternal(virDomainDefPtr de= f, case VIR_DOMAIN_DEVICE_RNG: case VIR_DOMAIN_DEVICE_MEMORY: case VIR_DOMAIN_DEVICE_IOMMU: + case VIR_DOMAIN_DEVICE_CRYPTO: break; } #endif @@ -5095,6 +5121,7 @@ virDomainDeviceDefValidateInternal(const virDomainDev= iceDef *dev, case VIR_DOMAIN_DEVICE_PANIC: case VIR_DOMAIN_DEVICE_MEMORY: case VIR_DOMAIN_DEVICE_IOMMU: + case VIR_DOMAIN_DEVICE_CRYPTO: case VIR_DOMAIN_DEVICE_NONE: case VIR_DOMAIN_DEVICE_LAST: break; @@ -13048,6 +13075,88 @@ virDomainRNGDefParseXML(virDomainXMLOptionPtr xmlo= pt, } =20 =20 +static virDomainCryptoDefPtr +virDomainCryptoDefParseXML(xmlNodePtr node, + xmlXPathContextPtr ctxt, + unsigned int flags) +{ + char *model =3D NULL; + char *backend =3D NULL; + char *queues =3D NULL; + virDomainCryptoDefPtr def; + xmlNodePtr save =3D ctxt->node; + xmlNodePtr *backends =3D NULL; + int nbackends; + + if (VIR_ALLOC(def) < 0) + return NULL; + + if (!(model =3D virXMLPropString(node, "model"))) { + virReportError(VIR_ERR_XML_ERROR, "%s", + _("missing Crypto device model")); + goto error; + } + + if ((def->model =3D virDomainCryptoModelTypeFromString(model)) < 0) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("unknown Crypto model '%s'"), model); + goto error; + } + + ctxt->node =3D node; + + if ((nbackends =3D virXPathNodeSet("./backend", ctxt, &backends)) < 0) + goto error; + + if (nbackends !=3D 1) { + virReportError(VIR_ERR_XML_ERROR, "%s", + _("only one Crypto backend is supported")); + goto error; + } + + if (!(backend =3D virXMLPropString(backends[0], "type"))) { + virReportError(VIR_ERR_XML_ERROR, "%s", + _("missing Crypto device backend type")); + goto error; + } + + if ((def->backend =3D virDomainCryptoBackendTypeFromString(backend)) <= 0) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("unknown Crypto backend model '%s'"), backend); + goto error; + } + + switch ((virDomainCryptoBackend) def->backend) { + case VIR_DOMAIN_CRYPTO_BACKEND_BUILTIN: + queues =3D virXMLPropString(backends[0], "queues"); + if (queues && virStrToLong_ui(queues, NULL, 10, &def->queues) < 0)= { + virReportError(VIR_ERR_XML_ERROR, + _("Malformed 'queues' value '%s'"), queues); + } + break; + + case VIR_DOMAIN_CRYPTO_BACKEND_LAST: + break; + } + + if (virDomainDeviceInfoParseXML(node, NULL, &def->info, flags) < 0) + goto error; + + cleanup: + VIR_FREE(model); + VIR_FREE(backend); + VIR_FREE(queues); + VIR_FREE(backends); + ctxt->node =3D save; + return def; + + error: + virDomainCryptoDefFree(def); + def =3D NULL; + goto cleanup; +} + + static virDomainMemballoonDefPtr virDomainMemballoonDefParseXML(xmlNodePtr node, xmlXPathContextPtr ctxt, @@ -14643,6 +14752,10 @@ virDomainDeviceDefParse(const char *xmlStr, if (!(dev->data.iommu =3D virDomainIOMMUDefParseXML(node, ctxt))) goto error; break; + case VIR_DOMAIN_DEVICE_CRYPTO: + if (!(dev->data.crypto =3D virDomainCryptoDefParseXML(node, ctxt, = flags))) + goto error; + break; case VIR_DOMAIN_DEVICE_NONE: case VIR_DOMAIN_DEVICE_LAST: break; @@ -17709,6 +17822,22 @@ virDomainDefParseXML(xmlDocPtr xml, } VIR_FREE(nodes); =20 + /* Parse the crypto devices */ + if ((n =3D virXPathNodeSet("./devices/crypto", ctxt, &nodes)) < 0) + goto error; + if (n && VIR_ALLOC_N(def->cryptos, n) < 0) + goto error; + for (i =3D 0; i < n; i++) { + virDomainCryptoDefPtr crypto =3D virDomainCryptoDefParseXML(nodes[= i], + ctxt, + flags); + if (!crypto) + goto error; + + def->cryptos[def->ncryptos++] =3D crypto; + } + VIR_FREE(nodes); + if (virCPUDefParseXML(ctxt, "./cpu[1]", VIR_CPU_TYPE_GUEST, &def->cpu)= < 0) goto error; =20 @@ -19815,6 +19944,25 @@ virDomainRNGDefCheckABIStability(virDomainRNGDefPt= r src, =20 =20 static bool +virDomainCryptoDefCheckABIStability(virDomainCryptoDefPtr src, + virDomainCryptoDefPtr dst) +{ + if (src->model !=3D dst->model) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("Target Crypto model '%s' does not match source '= %s'"), + virDomainCryptoModelTypeToString(dst->model), + virDomainCryptoModelTypeToString(src->model)); + return false; + } + + if (!virDomainDeviceInfoCheckABIStability(&src->info, &dst->info)) + return false; + + return true; +} + + +static bool virDomainHubDefCheckABIStability(virDomainHubDefPtr src, virDomainHubDefPtr dst) { @@ -20718,6 +20866,17 @@ virDomainDefCheckABIStabilityFlags(virDomainDefPtr= src, !xmlopt->abi.domain(src, dst)) goto error; =20 + if (src->ncryptos !=3D dst->ncryptos) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("Target domain crypto device count %zu " + "does not match source %zu"), dst->ncryptos, src-= >ncryptos); + goto error; + } + + for (i =3D 0; i < src->ncryptos; i++) + if (!virDomainCryptoDefCheckABIStability(src->cryptos[i], dst->cry= ptos[i])) + goto error; + /* Coverity is not very happy with this - all dead_error_condition */ #if !STATIC_ANALYSIS /* This switch statement is here to trigger compiler warning when addi= ng @@ -20751,6 +20910,7 @@ virDomainDefCheckABIStabilityFlags(virDomainDefPtr = src, case VIR_DOMAIN_DEVICE_SHMEM: case VIR_DOMAIN_DEVICE_MEMORY: case VIR_DOMAIN_DEVICE_IOMMU: + case VIR_DOMAIN_DEVICE_CRYPTO: break; } #endif @@ -23387,6 +23547,49 @@ virDomainRNGDefFree(virDomainRNGDefPtr def) =20 =20 static int +virDomainCryptoDefFormat(virBufferPtr buf, + virDomainCryptoDefPtr def, + unsigned int flags) +{ + const char *model =3D virDomainCryptoModelTypeToString(def->model); + const char *backend =3D virDomainCryptoBackendTypeToString(def->backen= d); + + virBufferAsprintf(buf, "\n", model); + virBufferAdjustIndent(buf, 2); + virBufferAsprintf(buf, "backend) { + case VIR_DOMAIN_CRYPTO_BACKEND_BUILTIN: + if (def->queues) + virBufferAsprintf(buf, " queues=3D'%u'", def->queues); + + virBufferAddLit(buf, "/>\n"); + break; + + case VIR_DOMAIN_CRYPTO_BACKEND_LAST: + break; + } + + if (virDomainDeviceInfoFormat(buf, &def->info, flags) < 0) + return -1; + + virBufferAdjustIndent(buf, -2); + virBufferAddLit(buf, "\n"); + return 0; +} + +void +virDomainCryptoDefFree(virDomainCryptoDefPtr def) +{ + if (!def) + return; + + virDomainDeviceInfoClear(&def->info); + VIR_FREE(def); +} + + +static int virDomainMemorySourceDefFormat(virBufferPtr buf, virDomainMemoryDefPtr def) { @@ -25418,6 +25621,11 @@ virDomainDefFormatInternal(virDomainDefPtr def, goto error; } =20 + for (n =3D 0; n < def->ncryptos; n++) { + if (virDomainCryptoDefFormat(buf, def->cryptos[n], flags)) + goto error; + } + if (def->iommu) virDomainIOMMUDefFormat(buf, def->iommu); =20 @@ -26500,6 +26708,9 @@ virDomainDeviceDefCopy(virDomainDeviceDefPtr src, case VIR_DOMAIN_DEVICE_SHMEM: rc =3D virDomainShmemDefFormat(&buf, src->data.shmem, flags); break; + case VIR_DOMAIN_DEVICE_CRYPTO: + rc =3D virDomainCryptoDefFormat(&buf, src->data.crypto, flags); + break; =20 case VIR_DOMAIN_DEVICE_NONE: case VIR_DOMAIN_DEVICE_SMARTCARD: diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index 964bc02..3dd809a 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -159,6 +159,9 @@ typedef virDomainIOMMUDef *virDomainIOMMUDefPtr; typedef struct _virDomainVirtioOptions virDomainVirtioOptions; typedef virDomainVirtioOptions *virDomainVirtioOptionsPtr; =20 +typedef struct _virDomainCryptoDef virDomainCryptoDef; +typedef virDomainCryptoDef *virDomainCryptoDefPtr; + /* Flags for the 'type' field in virDomainDeviceDef */ typedef enum { VIR_DOMAIN_DEVICE_NONE =3D 0, @@ -185,6 +188,7 @@ typedef enum { VIR_DOMAIN_DEVICE_PANIC, VIR_DOMAIN_DEVICE_MEMORY, VIR_DOMAIN_DEVICE_IOMMU, + VIR_DOMAIN_DEVICE_CRYPTO, =20 VIR_DOMAIN_DEVICE_LAST } virDomainDeviceType; @@ -217,6 +221,7 @@ struct _virDomainDeviceDef { virDomainPanicDefPtr panic; virDomainMemoryDefPtr memory; virDomainIOMMUDefPtr iommu; + virDomainCryptoDefPtr crypto; } data; }; =20 @@ -2043,6 +2048,26 @@ struct _virDomainRNGDef { }; =20 typedef enum { + VIR_DOMAIN_CRYPTO_MODEL_VIRTIO, + + VIR_DOMAIN_CRYPTO_MODEL_LAST +} virDomainCryptoModel; + +typedef enum { + VIR_DOMAIN_CRYPTO_BACKEND_BUILTIN, + + VIR_DOMAIN_CRYPTO_BACKEND_LAST +} virDomainCryptoBackend; + +struct _virDomainCryptoDef { + int model; + int backend; + unsigned int queues; /* Multiqueue virtio-crypto */ + + virDomainDeviceInfo info; +}; + +typedef enum { VIR_DOMAIN_MEMORY_MODEL_NONE, VIR_DOMAIN_MEMORY_MODEL_DIMM, /* dimm hotpluggable memory device */ VIR_DOMAIN_MEMORY_MODEL_NVDIMM, /* nvdimm memory device */ @@ -2380,6 +2405,9 @@ struct _virDomainDef { size_t npanics; virDomainPanicDefPtr *panics; =20 + size_t ncryptos; + virDomainCryptoDefPtr *cryptos; + /* Only 1 */ virDomainWatchdogDefPtr watchdog; virDomainMemballoonDefPtr memballoon; @@ -2908,6 +2936,8 @@ int virDomainDefCompatibleDevice(virDomainDefPtr def, =20 void virDomainRNGDefFree(virDomainRNGDefPtr def); =20 +void virDomainCryptoDefFree(virDomainCryptoDefPtr def); + int virDomainDiskIndexByAddress(virDomainDefPtr def, virPCIDeviceAddressPtr pci_controller, unsigned int bus, unsigned int target, @@ -3236,6 +3266,8 @@ VIR_ENUM_DECL(virDomainShutdownReason) VIR_ENUM_DECL(virDomainShutoffReason) VIR_ENUM_DECL(virDomainCrashedReason) VIR_ENUM_DECL(virDomainPMSuspendedReason) +VIR_ENUM_DECL(virDomainCryptoModel) +VIR_ENUM_DECL(virDomainCryptoBackend) =20 const char *virDomainStateReasonToString(virDomainState state, int reason); int virDomainStateReasonFromString(virDomainState state, const char *reaso= n); diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 888412a..b183bea 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -237,6 +237,10 @@ virDomainControllerRemove; virDomainControllerTypeToString; virDomainCpuPlacementModeTypeFromString; virDomainCpuPlacementModeTypeToString; +virDomainCryptoBackendTypeFromString; +virDomainCryptoBackendTypeToString; +virDomainCryptoModelTypeFromString; +virDomainCryptoModelTypeToString; virDomainDefAddController; virDomainDefAddImplicitDevices; virDomainDefAddUSBController; diff --git a/src/qemu/qemu_domain_address.c b/src/qemu/qemu_domain_address.c index b5b863f..5209fbe 100644 --- a/src/qemu/qemu_domain_address.c +++ b/src/qemu/qemu_domain_address.c @@ -796,6 +796,7 @@ qemuDomainDeviceCalculatePCIConnectFlags(virDomainDevic= eDefPtr dev, case VIR_DOMAIN_DEVICE_LEASE: case VIR_DOMAIN_DEVICE_GRAPHICS: case VIR_DOMAIN_DEVICE_IOMMU: + case VIR_DOMAIN_DEVICE_CRYPTO: case VIR_DOMAIN_DEVICE_LAST: case VIR_DOMAIN_DEVICE_NONE: return 0; diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index cdb727b..1c2342c 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -7526,6 +7526,7 @@ qemuDomainAttachDeviceLive(virDomainObjPtr vm, case VIR_DOMAIN_DEVICE_TPM: case VIR_DOMAIN_DEVICE_PANIC: case VIR_DOMAIN_DEVICE_IOMMU: + case VIR_DOMAIN_DEVICE_CRYPTO: case VIR_DOMAIN_DEVICE_LAST: virReportError(VIR_ERR_OPERATION_UNSUPPORTED, _("live attach of device '%s' is not supported"), @@ -7619,6 +7620,7 @@ qemuDomainDetachDeviceLive(virDomainObjPtr vm, case VIR_DOMAIN_DEVICE_TPM: case VIR_DOMAIN_DEVICE_PANIC: case VIR_DOMAIN_DEVICE_IOMMU: + case VIR_DOMAIN_DEVICE_CRYPTO: case VIR_DOMAIN_DEVICE_LAST: virReportError(VIR_ERR_OPERATION_UNSUPPORTED, _("live detach of device '%s' is not supported"), @@ -7735,6 +7737,7 @@ qemuDomainUpdateDeviceLive(virConnectPtr conn, case VIR_DOMAIN_DEVICE_TPM: case VIR_DOMAIN_DEVICE_PANIC: case VIR_DOMAIN_DEVICE_IOMMU: + case VIR_DOMAIN_DEVICE_CRYPTO: case VIR_DOMAIN_DEVICE_LAST: virReportError(VIR_ERR_CONFIG_UNSUPPORTED, _("live update of device '%s' is not supported"), @@ -7910,6 +7913,7 @@ qemuDomainAttachDeviceConfig(virDomainDefPtr vmdef, case VIR_DOMAIN_DEVICE_TPM: case VIR_DOMAIN_DEVICE_PANIC: case VIR_DOMAIN_DEVICE_IOMMU: + case VIR_DOMAIN_DEVICE_CRYPTO: case VIR_DOMAIN_DEVICE_LAST: virReportError(VIR_ERR_OPERATION_UNSUPPORTED, _("persistent attach of device '%s' is not support= ed"), @@ -8076,6 +8080,7 @@ qemuDomainDetachDeviceConfig(virDomainDefPtr vmdef, case VIR_DOMAIN_DEVICE_TPM: case VIR_DOMAIN_DEVICE_PANIC: case VIR_DOMAIN_DEVICE_IOMMU: + case VIR_DOMAIN_DEVICE_CRYPTO: case VIR_DOMAIN_DEVICE_LAST: virReportError(VIR_ERR_OPERATION_UNSUPPORTED, _("persistent detach of device '%s' is not supporte= d"), @@ -8163,6 +8168,7 @@ qemuDomainUpdateDeviceConfig(virDomainDefPtr vmdef, case VIR_DOMAIN_DEVICE_TPM: case VIR_DOMAIN_DEVICE_PANIC: case VIR_DOMAIN_DEVICE_IOMMU: + case VIR_DOMAIN_DEVICE_CRYPTO: case VIR_DOMAIN_DEVICE_LAST: virReportError(VIR_ERR_OPERATION_UNSUPPORTED, _("persistent update of device '%s' is not supporte= d"), diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c index b5b62df..c7db125 100644 --- a/src/qemu/qemu_hotplug.c +++ b/src/qemu/qemu_hotplug.c @@ -4325,6 +4325,7 @@ qemuDomainRemoveDevice(virQEMUDriverPtr driver, case VIR_DOMAIN_DEVICE_TPM: case VIR_DOMAIN_DEVICE_PANIC: case VIR_DOMAIN_DEVICE_IOMMU: + case VIR_DOMAIN_DEVICE_CRYPTO: case VIR_DOMAIN_DEVICE_LAST: virReportError(VIR_ERR_OPERATION_UNSUPPORTED, _("don't know how to remove a %s device"), --=20 1.8.3.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Fri Apr 26 04:48:08 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1499253889902567.4526850428823; Wed, 5 Jul 2017 04:24:49 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 4D9BE8048C; Wed, 5 Jul 2017 11:24:46 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 194B06F43F; Wed, 5 Jul 2017 11:24:46 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 93F651853E30; Wed, 5 Jul 2017 11:24:45 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id v65BOgdB003541 for ; Wed, 5 Jul 2017 07:24:42 -0400 Received: by smtp.corp.redhat.com (Postfix) id 0DBB06C423; Wed, 5 Jul 2017 11:24:42 +0000 (UTC) Received: from mx1.redhat.com (ext-mx03.extmail.prod.ext.phx2.redhat.com [10.5.110.27]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 0537260470; Wed, 5 Jul 2017 11:24:40 +0000 (UTC) Received: from szxga02-in.huawei.com (szxga02-in.huawei.com [45.249.212.188]) (using TLSv1 with cipher RC4-SHA (112/128 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 78E9580F96; Wed, 5 Jul 2017 11:24:34 +0000 (UTC) Received: from 172.30.72.53 (EHLO dggeml406-hub.china.huawei.com) ([172.30.72.53]) by dggrg02-dlp.huawei.com (MOS 4.4.6-GA FastPath queued) with ESMTP id AQO02200; Wed, 05 Jul 2017 19:17:55 +0800 (CST) Received: from localhost (10.177.246.209) by dggeml406-hub.china.huawei.com (10.3.17.50) with Microsoft SMTP Server id 14.3.301.0; Wed, 5 Jul 2017 19:17:45 +0800 DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 4D9BE8048C Authentication-Results: ext-mx04.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=huawei.com Authentication-Results: ext-mx04.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=libvir-list-bounces@redhat.com DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com 4D9BE8048C DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 78E9580F96 Authentication-Results: ext-mx03.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=huawei.com Authentication-Results: ext-mx03.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=longpeng2@huawei.com DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com 78E9580F96 From: "Longpeng(Mike)" To: , Date: Wed, 5 Jul 2017 19:17:14 +0800 Message-ID: <1499253435-94068-4-git-send-email-longpeng2@huawei.com> In-Reply-To: <1499253435-94068-1-git-send-email-longpeng2@huawei.com> References: <1499253435-94068-1-git-send-email-longpeng2@huawei.com> MIME-Version: 1.0 X-Originating-IP: [10.177.246.209] X-CFilter-Loop: Reflected X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A090203.595CCAE4.0091, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=0.0.0.0, so=2014-11-16 11:51:01, dmn=2013-03-21 17:37:32 X-Mirapoint-Loop-Id: bf204e3674e38f76a9e5eec4e5312f88 X-Greylist: Delayed for 00:06:41 by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.27]); Wed, 05 Jul 2017 11:24:39 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.27]); Wed, 05 Jul 2017 11:24:39 +0000 (UTC) for IP:'45.249.212.188' DOMAIN:'szxga02-in.huawei.com' HELO:'szxga02-in.huawei.com' FROM:'longpeng2@huawei.com' RCPT:'' X-RedHat-Spam-Score: 0.398 (BAYES_50, DCC_REPUT_00_12, RP_MATCHES_RCVD, SPF_PASS) 45.249.212.188 szxga02-in.huawei.com 45.249.212.188 szxga02-in.huawei.com X-Scanned-By: MIMEDefang 2.78 on 10.5.110.27 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-loop: libvir-list@redhat.com Cc: weidong.huang@huawei.com, libvir-list@redhat.com, wangxinxin.wang@huawei.com, arei.gonglei@huawei.com, longpeng.mike@gmail.com, "Longpeng\(Mike\)" Subject: [libvirt] [PATCH v3 3/4] qemu: Implement support for 'builtin' backend for virtio-crypto X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Wed, 05 Jul 2017 11:24:47 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" This patch implements support for the virtio-crypto-pci device and the builtin backend in qemu. Two capabilities bits are added to track support for those: QEMU_CAPS_DEVICE_VIRTIO_CRYPTO - for the device support and QEMU_CAPS_OBJECT_CRYPTO_BUILTIN - for the backend support. qemu is invoked with these additional parameters if the device id enabled: (to add the backend) -object cryptodev-backend-builtin,id=3Dobjcrypto0,queues=3D1 (to add the device) -device virtio-crypto-pci,cryptodev=3Dobjcrypto0,id=3Dcrypto0 Signed-off-by: Longpeng(Mike) --- src/qemu/qemu_alias.c | 20 +++++++ src/qemu/qemu_alias.h | 3 + src/qemu/qemu_capabilities.c | 6 ++ src/qemu/qemu_capabilities.h | 4 ++ src/qemu/qemu_command.c | 126 +++++++++++++++++++++++++++++++++++++= ++++ src/qemu/qemu_command.h | 3 + src/qemu/qemu_domain_address.c | 26 ++++++++- 7 files changed, 187 insertions(+), 1 deletion(-) diff --git a/src/qemu/qemu_alias.c b/src/qemu/qemu_alias.c index 914b2b9..2b6e049 100644 --- a/src/qemu/qemu_alias.c +++ b/src/qemu/qemu_alias.c @@ -332,6 +332,26 @@ qemuAssignDeviceRNGAlias(virDomainDefPtr def, } =20 =20 +int +qemuAssignDeviceCryptoAlias(const virDomainDef *def, + virDomainCryptoDefPtr crypto) +{ + size_t i; + int maxidx =3D 0; + int idx; + + for (i =3D 0; i < def->ncryptos; i++) { + if ((idx =3D qemuDomainDeviceAliasIndex(&def->cryptos[i]->info, "c= rypto")) >=3D maxidx) + maxidx =3D idx + 1; + } + + if (virAsprintf(&crypto->info.alias, "crypto%d", maxidx) < 0) + return -1; + + return 0; +} + + /** * qemuAssignDeviceMemoryAlias: * @def: domain definition. Necessary only if @oldAlias is true. diff --git a/src/qemu/qemu_alias.h b/src/qemu/qemu_alias.h index 300fd4d..fe59928 100644 --- a/src/qemu/qemu_alias.h +++ b/src/qemu/qemu_alias.h @@ -57,6 +57,9 @@ int qemuAssignDeviceRedirdevAlias(virDomainDefPtr def, int qemuAssignDeviceRNGAlias(virDomainDefPtr def, virDomainRNGDefPtr rng); =20 +int qemuAssignDeviceCryptoAlias(const virDomainDef *def, + virDomainCryptoDefPtr crypto); + int qemuAssignDeviceMemoryAlias(virDomainDefPtr def, virDomainMemoryDefPtr mems, bool oldAlias); diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index 61c9a10..01005d5 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -430,6 +430,10 @@ VIR_ENUM_IMPL(virQEMUCaps, QEMU_CAPS_LAST, "virtio.iommu_platform", "virtio.ats", "loadparm", + "cryptodev-backend-builtin", + + /* 265 */ + "virtio-crypto", ); =20 =20 @@ -1679,6 +1683,8 @@ struct virQEMUCapsStringFlags virQEMUCapsObjectTypes[= ] =3D { { "nvdimm", QEMU_CAPS_DEVICE_NVDIMM }, { "pcie-root-port", QEMU_CAPS_DEVICE_PCIE_ROOT_PORT }, { "qemu-xhci", QEMU_CAPS_DEVICE_QEMU_XHCI }, + { "cryptodev-backend-builtin", QEMU_CAPS_OBJECT_CRYPTO_BUILTIN }, + { "virtio-crypto-device", QEMU_CAPS_DEVICE_VIRTIO_CRYPTO }, }; =20 static struct virQEMUCapsStringFlags virQEMUCapsObjectPropsVirtioBalloon[]= =3D { diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h index 6e95876..50bb7a5 100644 --- a/src/qemu/qemu_capabilities.h +++ b/src/qemu/qemu_capabilities.h @@ -416,6 +416,10 @@ typedef enum { QEMU_CAPS_VIRTIO_PCI_IOMMU_PLATFORM, /* virtio-*-pci.iommu_platform */ QEMU_CAPS_VIRTIO_PCI_ATS, /* virtio-*-pci.ats */ QEMU_CAPS_LOADPARM, /* -machine loadparm */ + QEMU_CAPS_OBJECT_CRYPTO_BUILTIN, /* -object cryptodev-backend-builtin = */ + + /* 265 */ + QEMU_CAPS_DEVICE_VIRTIO_CRYPTO, /* -device virtio-crypto-pci */ =20 QEMU_CAPS_LAST /* this must always be the last item */ } virQEMUCapsFlags; diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index c53ab97..5278edc 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -5992,6 +5992,129 @@ qemuBuildRNGCommandLine(virLogManagerPtr logManager, =20 =20 static char * +qemuBuildCryptoBackendStr(virDomainCryptoDefPtr crypto, + virQEMUCapsPtr qemuCaps) +{ + const char *type =3D NULL; + char *alias =3D NULL; + char *queue =3D NULL; + char *backstr =3D NULL; + + if (virAsprintf(&alias, "obj%s", crypto->info.alias) < 0) + goto cleanup; + + if (crypto->queues > 0) { + if (virAsprintf(&queue, "queues=3D%u", crypto->queues) < 0) + goto cleanup; + } + + switch ((virDomainCryptoBackend)crypto->backend) { + case VIR_DOMAIN_CRYPTO_BACKEND_BUILTIN: + if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_OBJECT_CRYPTO_BUILTIN)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("this qemu doesn't support the builtin backen= d")); + goto cleanup; + } + + type =3D "cryptodev-backend-builtin"; + break; + + case VIR_DOMAIN_CRYPTO_BACKEND_LAST: + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("unknown crypto backend")); + goto cleanup; + } + + if (queue) + ignore_value(virAsprintf(&backstr, "%s,id=3D%s,%s", type, alias, q= ueue)); + else + ignore_value(virAsprintf(&backstr, "%s,id=3D%s", type, alias)); + + cleanup: + VIR_FREE(alias); + return backstr; +} + + +char * +qemuBuildCryptoDevStr(const virDomainDef *def, + virDomainCryptoDefPtr dev, + virQEMUCapsPtr qemuCaps) +{ + virBuffer buf =3D VIR_BUFFER_INITIALIZER; + + if (dev->model !=3D VIR_DOMAIN_CRYPTO_MODEL_VIRTIO || + !virQEMUCapsGet(qemuCaps, QEMU_CAPS_DEVICE_VIRTIO_CRYPTO)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("this qemu doesn't support crypto device model '%= s'"), + virDomainRNGModelTypeToString(dev->model)); + goto error; + } + + if (dev->info.type !=3D VIR_DOMAIN_DEVICE_ADDRESS_TYPE_PCI) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("unsupported address type %s for virtio crypto de= vice"), + virDomainDeviceAddressTypeToString(dev->info.type)); + goto error; + } + + virBufferAsprintf(&buf, "virtio-crypto-pci,cryptodev=3Dobj%s,id=3D%s", + dev->info.alias, dev->info.alias); + + if (qemuBuildDeviceAddressStr(&buf, def, &dev->info, qemuCaps) < 0) + goto error; + + return virBufferContentAndReset(&buf); + + error: + virBufferFreeAndReset(&buf); + return NULL; +} + + +static int +qemuBuildCryptoCommandLine(virCommandPtr cmd, + const virDomainDef *def, + virQEMUCapsPtr qemuCaps) +{ + size_t i; + + for (i =3D 0; i < def->ncryptos; i++) { + virDomainCryptoDefPtr crypto =3D def->cryptos[i]; + char *tmp; + + if (qemuAssignDeviceCryptoAlias(def, crypto)) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("crypto device assign alias faile")); + return -1; + } + + if (!crypto->info.alias) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("crypto device is missing alias")); + return -1; + } + + /* add the crypto backend */ + if (!(tmp =3D qemuBuildCryptoBackendStr(crypto, qemuCaps))) + return -1; + + virCommandAddArgList(cmd, "-object", tmp, NULL); + VIR_FREE(tmp); + + /* add the device */ + if (!(tmp =3D qemuBuildCryptoDevStr(def, crypto, qemuCaps))) + return -1; + + virCommandAddArgList(cmd, "-device", tmp, NULL); + VIR_FREE(tmp); + } + + return 0; +} + + +static char * qemuBuildSmbiosBiosStr(virSysinfoBIOSDefPtr def) { virBuffer buf =3D VIR_BUFFER_INITIALIZER; @@ -10220,6 +10343,9 @@ qemuBuildCommandLine(virQEMUDriverPtr driver, chardevStdioLogd) < 0) goto error; =20 + if (qemuBuildCryptoCommandLine(cmd, def, qemuCaps) < 0) + goto error; + if (qemuBuildNVRAMCommandLine(cmd, def, qemuCaps) < 0) goto error; =20 diff --git a/src/qemu/qemu_command.h b/src/qemu/qemu_command.h index f5e3e5f..996840d 100644 --- a/src/qemu/qemu_command.h +++ b/src/qemu/qemu_command.h @@ -204,6 +204,9 @@ char *qemuBuildShmemDevStr(virDomainDefPtr def, virQEMUCapsPtr qemuCaps) ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3); =20 +char *qemuBuildCryptoDevStr(const virDomainDef *def, + virDomainCryptoDefPtr dev, + virQEMUCapsPtr qemuCaps); =20 =20 #endif /* __QEMU_COMMAND_H__*/ diff --git a/src/qemu/qemu_domain_address.c b/src/qemu/qemu_domain_address.c index 5209fbe..9bd064b 100644 --- a/src/qemu/qemu_domain_address.c +++ b/src/qemu/qemu_domain_address.c @@ -331,6 +331,12 @@ qemuDomainPrimeVirtioDeviceAddresses(virDomainDefPtr d= ef, def->rngs[i]->info.type =3D type; } =20 + for (i =3D 0; i < def->ncryptos; i++) { + if (def->cryptos[i]->model =3D=3D VIR_DOMAIN_CRYPTO_MODEL_VIRTIO && + def->cryptos[i]->info.type =3D=3D VIR_DOMAIN_DEVICE_ADDRESS_TY= PE_NONE) + def->cryptos[i]->info.type =3D type; + } + if (type =3D=3D VIR_DOMAIN_DEVICE_ADDRESS_TYPE_CCW) { for (i =3D 0; i < def->nfss; i++) { if (def->fss[i]->info.type =3D=3D VIR_DOMAIN_DEVICE_ADDRESS_TY= PE_NONE) @@ -738,6 +744,15 @@ qemuDomainDeviceCalculatePCIConnectFlags(virDomainDevi= ceDefPtr dev, return 0; } =20 + case VIR_DOMAIN_DEVICE_CRYPTO: + switch ((virDomainCryptoModel) dev->data.crypto->model) { + case VIR_DOMAIN_CRYPTO_MODEL_VIRTIO: + return virtioFlags; + + case VIR_DOMAIN_RNG_MODEL_LAST: + return 0; + } + case VIR_DOMAIN_DEVICE_VIDEO: switch ((virDomainVideoType) dev->data.video->type) { case VIR_DOMAIN_VIDEO_TYPE_VIRTIO: @@ -796,7 +811,6 @@ qemuDomainDeviceCalculatePCIConnectFlags(virDomainDevic= eDefPtr dev, case VIR_DOMAIN_DEVICE_LEASE: case VIR_DOMAIN_DEVICE_GRAPHICS: case VIR_DOMAIN_DEVICE_IOMMU: - case VIR_DOMAIN_DEVICE_CRYPTO: case VIR_DOMAIN_DEVICE_LAST: case VIR_DOMAIN_DEVICE_NONE: return 0; @@ -1775,6 +1789,16 @@ qemuDomainAssignDevicePCISlots(virDomainDefPtr def, goto error; } =20 + /* VirtIO CRYPTO */ + for (i =3D 0; i < def->ncryptos; i++) { + if (def->cryptos[i]->model !=3D VIR_DOMAIN_CRYPTO_MODEL_VIRTIO || + !virDeviceInfoPCIAddressWanted(&def->cryptos[i]->info)) + continue; + + if (qemuDomainPCIAddressReserveNextAddr(addrs, &def->cryptos[i]->i= nfo) < 0) + goto error; + } + /* A watchdog - check if it is a PCI device */ if (def->watchdog && def->watchdog->model =3D=3D VIR_DOMAIN_WATCHDOG_MODEL_I6300ESB && --=20 1.8.3.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list From nobody Fri Apr 26 04:48:08 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1499253882530443.39983421848456; Wed, 5 Jul 2017 04:24:42 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id BAE9CC058EA3; Wed, 5 Jul 2017 11:24:38 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 8EE716F437; Wed, 5 Jul 2017 11:24:38 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 41FDC1833033; Wed, 5 Jul 2017 11:24:38 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id v65BOa3L003530 for ; Wed, 5 Jul 2017 07:24:36 -0400 Received: by smtp.corp.redhat.com (Postfix) id E103A5C550; Wed, 5 Jul 2017 11:24:36 +0000 (UTC) Received: from mx1.redhat.com (ext-mx07.extmail.prod.ext.phx2.redhat.com [10.5.110.31]) by smtp.corp.redhat.com (Postfix) with ESMTPS id D861D5C88A; Wed, 5 Jul 2017 11:24:34 +0000 (UTC) Received: from szxga02-in.huawei.com (szxga02-in.huawei.com [45.249.212.188]) (using TLSv1 with cipher RC4-SHA (112/128 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 8374FC04B924; Wed, 5 Jul 2017 11:24:29 +0000 (UTC) Received: from 172.30.72.53 (EHLO dggeml406-hub.china.huawei.com) ([172.30.72.53]) by dggrg02-dlp.huawei.com (MOS 4.4.6-GA FastPath queued) with ESMTP id AQO02201; Wed, 05 Jul 2017 19:17:56 +0800 (CST) Received: from localhost (10.177.246.209) by dggeml406-hub.china.huawei.com (10.3.17.50) with Microsoft SMTP Server id 14.3.301.0; Wed, 5 Jul 2017 19:17:46 +0800 DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com BAE9CC058EA3 Authentication-Results: ext-mx08.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=huawei.com Authentication-Results: ext-mx08.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=libvir-list-bounces@redhat.com DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com BAE9CC058EA3 DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 8374FC04B924 Authentication-Results: ext-mx07.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=huawei.com Authentication-Results: ext-mx07.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=longpeng2@huawei.com DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com 8374FC04B924 From: "Longpeng(Mike)" To: , Date: Wed, 5 Jul 2017 19:17:15 +0800 Message-ID: <1499253435-94068-5-git-send-email-longpeng2@huawei.com> In-Reply-To: <1499253435-94068-1-git-send-email-longpeng2@huawei.com> References: <1499253435-94068-1-git-send-email-longpeng2@huawei.com> MIME-Version: 1.0 X-Originating-IP: [10.177.246.209] X-CFilter-Loop: Reflected X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A090204.595CCAE4.00E2, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=0.0.0.0, so=2014-11-16 11:51:01, dmn=2013-03-21 17:37:32 X-Mirapoint-Loop-Id: 7bab274a8fdf74da14fdea0cd546233d X-Greylist: Delayed for 00:06:34 by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.31]); Wed, 05 Jul 2017 11:24:34 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.31]); Wed, 05 Jul 2017 11:24:34 +0000 (UTC) for IP:'45.249.212.188' DOMAIN:'szxga02-in.huawei.com' HELO:'szxga02-in.huawei.com' FROM:'longpeng2@huawei.com' RCPT:'' X-RedHat-Spam-Score: 0.398 (BAYES_50, DCC_REPUT_00_12, RP_MATCHES_RCVD, SPF_PASS) 45.249.212.188 szxga02-in.huawei.com 45.249.212.188 szxga02-in.huawei.com X-Scanned-By: MIMEDefang 2.78 on 10.5.110.31 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-loop: libvir-list@redhat.com Cc: weidong.huang@huawei.com, libvir-list@redhat.com, wangxinxin.wang@huawei.com, arei.gonglei@huawei.com, longpeng.mike@gmail.com, "Longpeng\(Mike\)" Subject: [libvirt] [PATCH v3 4/4] tests: Add testcase for virtio-crypto XML parsing X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.32]); Wed, 05 Jul 2017 11:24:39 +0000 (UTC) X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Adds XML parsing and qemu commandline tests for the virtio-crypto device support. Signed-off-by: Longpeng(Mike) --- tests/qemucapabilitiesdata/caps_2.8.0.s390x.xml | 2 ++ tests/qemucapabilitiesdata/caps_2.8.0.x86_64.xml | 2 ++ .../qemuxml2argv-virtio-crypto-builtin.xml | 26 ++++++++++++++++++ .../qemuxml2argv-virtio-crypto.args | 22 +++++++++++++++ .../qemuxml2xmlout-virtio-crypto-builtin.xml | 31 ++++++++++++++++++= ++++ tests/qemuxml2xmltest.c | 2 ++ 6 files changed, 85 insertions(+) create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-virtio-crypto-built= in.xml create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-virtio-crypto.args create mode 100644 tests/qemuxml2xmloutdata/qemuxml2xmlout-virtio-crypto-b= uiltin.xml diff --git a/tests/qemucapabilitiesdata/caps_2.8.0.s390x.xml b/tests/qemuca= pabilitiesdata/caps_2.8.0.s390x.xml index 51be9bc..527c765 100644 --- a/tests/qemucapabilitiesdata/caps_2.8.0.s390x.xml +++ b/tests/qemucapabilitiesdata/caps_2.8.0.s390x.xml @@ -134,6 +134,8 @@ + + 2007093 0 diff --git a/tests/qemucapabilitiesdata/caps_2.8.0.x86_64.xml b/tests/qemuc= apabilitiesdata/caps_2.8.0.x86_64.xml index 01edbc8..f10833c 100644 --- a/tests/qemucapabilitiesdata/caps_2.8.0.x86_64.xml +++ b/tests/qemucapabilitiesdata/caps_2.8.0.x86_64.xml @@ -207,6 +207,8 @@ + + 2008000 0 (v2.8.0) diff --git a/tests/qemuxml2argvdata/qemuxml2argv-virtio-crypto-builtin.xml = b/tests/qemuxml2argvdata/qemuxml2argv-virtio-crypto-builtin.xml new file mode 100644 index 0000000..f4e78fa --- /dev/null +++ b/tests/qemuxml2argvdata/qemuxml2argv-virtio-crypto-builtin.xml @@ -0,0 +1,26 @@ + + QEMUGuest1 + c7a5fdbd-edaf-9455-926a-d65c16db1809 + 219100 + 219100 + 1 + + hvm + + + + destroy + restart + destroy + + /usr/bin/qemu-system-x86_64 + + + + + + + + + + diff --git a/tests/qemuxml2argvdata/qemuxml2argv-virtio-crypto.args b/tests= /qemuxml2argvdata/qemuxml2argv-virtio-crypto.args new file mode 100644 index 0000000..430c061 --- /dev/null +++ b/tests/qemuxml2argvdata/qemuxml2argv-virtio-crypto.args @@ -0,0 +1,22 @@ +LC_ALL=3DC \ +PATH=3D/bin \ +HOME=3D/home/test \ +USER=3Dtest \ +LOGNAME=3Dtest \ +QEMU_AUDIO_DRV=3Dnone \ +/usr/bin/qemu-system-x86_64 \ +-name QEMUGuest1 \ +-S \ +-M pc \ +-m 214 \ +-smp 1 \ +-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \ +-nographic \ +-nodefaults \ +-monitor unix:/tmp/lib/domain--1-QEMUGuest1/monitor.sock,server,nowait \ +-no-acpi \ +-boot c \ +-usb \ +-device virtio-balloon-pci,id=3Dballoon0,bus=3Dpci.0,addr=3D0x3 \ +-object cryptodev-backend-builtin,id=3Dobjcrypto0,queues=3D1 \ +-device virtio-crypto-pci,cryptodev=3Dobjcrypto0,id=3Dcrypto0,bus=3Dpci.0,= addr=3D0x4 diff --git a/tests/qemuxml2xmloutdata/qemuxml2xmlout-virtio-crypto-builtin.= xml b/tests/qemuxml2xmloutdata/qemuxml2xmlout-virtio-crypto-builtin.xml new file mode 100644 index 0000000..1f06aeb --- /dev/null +++ b/tests/qemuxml2xmloutdata/qemuxml2xmlout-virtio-crypto-builtin.xml @@ -0,0 +1,31 @@ + + QEMUGuest1 + c7a5fdbd-edaf-9455-926a-d65c16db1809 + 219100 + 219100 + 1 + + hvm + + + + destroy + restart + destroy + + /usr/bin/qemu-system-x86_64 + +

+ + + + + +
+ + + +
+ + + diff --git a/tests/qemuxml2xmltest.c b/tests/qemuxml2xmltest.c index 1307299..6975af3 100644 --- a/tests/qemuxml2xmltest.c +++ b/tests/qemuxml2xmltest.c @@ -1045,6 +1045,8 @@ mymain(void) DO_TEST("smbios", NONE); DO_TEST("smbios-multiple-type2", NONE); =20 + DO_TEST("virtio-crypto-builtin", NONE); + DO_TEST("aarch64-aavmf-virtio-mmio", QEMU_CAPS_NODEFCONFIG, QEMU_CAPS_DTB, QEMU_CAPS_DEVICE_VIRTIO_MMIO, --=20 1.8.3.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list