From nobody Wed Feb 11 05:49:47 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) client-ip=216.205.24.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=linux.ibm.com Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.zohomail.com with SMTPS id 1626428708534611.7368496836339; Fri, 16 Jul 2021 02:45:08 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-189-sUrtCbpEMga5wuZonmFBUg-1; Fri, 16 Jul 2021 05:45:05 -0400 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 6C0EF1084F5A; Fri, 16 Jul 2021 09:45:00 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 16D3E5C1C2; Fri, 16 Jul 2021 09:45:00 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 8EF631809C99; Fri, 16 Jul 2021 09:44:59 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 16G9iqvd002574 for ; Fri, 16 Jul 2021 05:44:52 -0400 Received: by smtp.corp.redhat.com (Postfix) id E217120A8C17; Fri, 16 Jul 2021 09:44:51 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast01.extmail.prod.ext.rdu2.redhat.com [10.11.55.17]) by smtp.corp.redhat.com (Postfix) with ESMTPS id DD57020A8C11 for ; Fri, 16 Jul 2021 09:44:48 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 53CC88556F0 for ; Fri, 16 Jul 2021 09:44:48 +0000 (UTC) Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-13-Xw_4a3ZsOu6crIF-d8J0uA-1; Fri, 16 Jul 2021 05:44:46 -0400 Received: from pps.filterd (m0098409.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 16G9YOVe031854; Fri, 16 Jul 2021 05:44:44 -0400 Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com with ESMTP id 39tw76q3j4-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 16 Jul 2021 05:44:44 -0400 Received: from m0098409.ppops.net (m0098409.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.43/8.16.0.43) with SMTP id 16G9ZEZM035198; Fri, 16 Jul 2021 05:44:44 -0400 Received: from ppma04fra.de.ibm.com (6a.4a.5195.ip4.static.sl-reverse.com [149.81.74.106]) by mx0a-001b2d01.pphosted.com with ESMTP id 39tw76q3hd-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 16 Jul 2021 05:44:44 -0400 Received: from pps.filterd (ppma04fra.de.ibm.com [127.0.0.1]) by ppma04fra.de.ibm.com (8.16.1.2/8.16.1.2) with SMTP id 16G9hIIx004125; Fri, 16 Jul 2021 09:44:41 GMT Received: from b06cxnps3074.portsmouth.uk.ibm.com (d06relay09.portsmouth.uk.ibm.com [9.149.109.194]) by ppma04fra.de.ibm.com with ESMTP id 39q368hdvt-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 16 Jul 2021 09:44:41 +0000 Received: from d06av21.portsmouth.uk.ibm.com (d06av21.portsmouth.uk.ibm.com [9.149.105.232]) by b06cxnps3074.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 16G9icDi28639724 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 16 Jul 2021 09:44:38 GMT Received: from d06av21.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 0A42552057; Fri, 16 Jul 2021 09:44:38 +0000 (GMT) Received: from localhost.localdomain (unknown [9.145.56.60]) by d06av21.portsmouth.uk.ibm.com (Postfix) with ESMTP id C4A3552063; Fri, 16 Jul 2021 09:44:37 +0000 (GMT) X-MC-Unique: sUrtCbpEMga5wuZonmFBUg-1 X-MC-Unique: Xw_4a3ZsOu6crIF-d8J0uA-1 From: Boris Fiuczynski To: libvir-list@redhat.com, danielhb413@gmail.com Subject: [PATCH v5 02/11] conf: Rework SEV XML parse and format methods Date: Fri, 16 Jul 2021 11:44:26 +0200 Message-Id: <20210716094435.4754-3-fiuczy@linux.ibm.com> In-Reply-To: <20210716094435.4754-1-fiuczy@linux.ibm.com> References: <20210716094435.4754-1-fiuczy@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-ORIG-GUID: DXhEhy_hMs7cTpMLdA-pyGRM_4gCsy1m X-Proofpoint-GUID: wU98kzzn93R9Yd9m9elzXfP35TrdJrz6 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391, 18.0.790 definitions=2021-07-16_02:2021-07-16, 2021-07-16 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 clxscore=1015 mlxlogscore=999 lowpriorityscore=0 malwarescore=0 suspectscore=0 phishscore=0 mlxscore=0 spamscore=0 bulkscore=0 impostorscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2104190000 definitions=main-2107160057 X-Mimecast-Impersonation-Protect: Policy=CLT - Impersonation Protection Definition; Similar Internal Domain=false; Similar Monitored External Domain=false; Custom External Domain=false; Mimecast External Domain=false; Newly Observed Domain=false; Internal User Name=false; Custom Display Name List=false; Reply-to Address Mismatch=false; Targeted Threat Dictionary=false; Mimecast Threat Dictionary=false; Custom Threat Dictionary=false X-Scanned-By: MIMEDefang 2.78 on 10.11.54.4 X-loop: libvir-list@redhat.com Cc: phrdina@redhat.com, pasic@linux.ibm.com, pkrempa@redhat.com, mhartmay@linux.ibm.com, shalini@linux.ibm.com, bwalk@linux.ibm.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZM-MESSAGEID: 1626428709536100002 Content-Type: text/plain; charset="utf-8" Make use of virDomainLaunchSecurity enum. Signed-off-by: Boris Fiuczynski Reviewed-by: Daniel Henrique Barboza --- src/conf/domain_conf.c | 108 ++++++++++++++++++++++++----------------- 1 file changed, 64 insertions(+), 44 deletions(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index f1d4ef021c..74254d505b 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -14732,40 +14732,50 @@ virDomainSEVDefParseXML(xmlNodePtr sevNode, &def->sectype) < 0) return NULL; =20 - if (virXPathULongHex("string(./policy)", ctxt, &policy) < 0) { - virReportError(VIR_ERR_XML_ERROR, "%s", - _("failed to get launch security policy")); - return NULL; - } + switch ((virDomainLaunchSecurity) def->sectype) { + case VIR_DOMAIN_LAUNCH_SECURITY_SEV: + if (virXPathULongHex("string(./policy)", ctxt, &policy) < 0) { + virReportError(VIR_ERR_XML_ERROR, "%s", + _("failed to get launch security policy")); + return NULL; + } =20 - /* the following attributes are platform dependent and if missing, we = can - * autofill them from domain capabilities later - */ - rc =3D virXPathUInt("string(./cbitpos)", ctxt, &def->cbitpos); - if (rc =3D=3D 0) { - def->haveCbitpos =3D true; - } else if (rc =3D=3D -2) { - virReportError(VIR_ERR_XML_ERROR, "%s", - _("Invalid format for launch security cbitpos")); - return NULL; - } + /* the following attributes are platform dependent and if missing,= we can + * autofill them from domain capabilities later + */ + rc =3D virXPathUInt("string(./cbitpos)", ctxt, &def->cbitpos); + if (rc =3D=3D 0) { + def->haveCbitpos =3D true; + } else if (rc =3D=3D -2) { + virReportError(VIR_ERR_XML_ERROR, "%s", + _("Invalid format for launch security cbitpos")= ); + return NULL; + } =20 - rc =3D virXPathUInt("string(./reducedPhysBits)", ctxt, - &def->reduced_phys_bits); - if (rc =3D=3D 0) { - def->haveReducedPhysBits =3D true; - } else if (rc =3D=3D -2) { - virReportError(VIR_ERR_XML_ERROR, "%s", - _("Invalid format for launch security " - "reduced-phys-bits")); - return NULL; - } + rc =3D virXPathUInt("string(./reducedPhysBits)", ctxt, + &def->reduced_phys_bits); + if (rc =3D=3D 0) { + def->haveReducedPhysBits =3D true; + } else if (rc =3D=3D -2) { + virReportError(VIR_ERR_XML_ERROR, "%s", + _("Invalid format for launch security " + "reduced-phys-bits")); + return NULL; + } =20 - def->policy =3D policy; - def->dh_cert =3D virXPathString("string(./dhCert)", ctxt); - def->session =3D virXPathString("string(./session)", ctxt); + def->policy =3D policy; + def->dh_cert =3D virXPathString("string(./dhCert)", ctxt); + def->session =3D virXPathString("string(./session)", ctxt); =20 - return g_steal_pointer(&def); + return g_steal_pointer(&def); + case VIR_DOMAIN_LAUNCH_SECURITY_NONE: + case VIR_DOMAIN_LAUNCH_SECURITY_LAST: + default: + virReportError(VIR_ERR_XML_ERROR, + _("unsupported launch security type '%s'"), + virDomainLaunchSecurityTypeToString(def->sectype)); + return NULL; + } } =20 =20 @@ -26856,28 +26866,38 @@ virDomainKeyWrapDefFormat(virBuffer *buf, virDoma= inKeyWrapDef *keywrap) static void virDomainSEVDefFormat(virBuffer *buf, virDomainSEVDef *sev) { + g_auto(virBuffer) attrBuf =3D VIR_BUFFER_INITIALIZER; + g_auto(virBuffer) childBuf =3D VIR_BUFFER_INIT_CHILD(buf); + if (!sev) return; =20 - virBufferAsprintf(buf, "\n", + virBufferAsprintf(&attrBuf, " type=3D'%s'", virDomainLaunchSecurityTypeToString(sev->sectype)); - virBufferAdjustIndent(buf, 2); =20 - if (sev->haveCbitpos) - virBufferAsprintf(buf, "%d\n", sev->cbitpos); + switch ((virDomainLaunchSecurity) sev->sectype) { + case VIR_DOMAIN_LAUNCH_SECURITY_SEV: { + if (sev->haveCbitpos) + virBufferAsprintf(&childBuf, "%d\n", sev->c= bitpos); =20 - if (sev->haveReducedPhysBits) - virBufferAsprintf(buf, "%d\n", - sev->reduced_phys_bits); - virBufferAsprintf(buf, "0x%04x\n", sev->policy); - if (sev->dh_cert) - virBufferEscapeString(buf, "%s\n", sev->dh_cert); + if (sev->haveReducedPhysBits) + virBufferAsprintf(&childBuf, "%d\n", + sev->reduced_phys_bits); + virBufferAsprintf(&childBuf, "0x%04x\n", sev->pol= icy); + if (sev->dh_cert) + virBufferEscapeString(&childBuf, "%s\n", sev-= >dh_cert); =20 - if (sev->session) - virBufferEscapeString(buf, "%s\n", sev->session= ); + if (sev->session) + virBufferEscapeString(&childBuf, "%s\n", se= v->session); =20 - virBufferAdjustIndent(buf, -2); - virBufferAddLit(buf, "\n"); + break; + } + case VIR_DOMAIN_LAUNCH_SECURITY_NONE: + case VIR_DOMAIN_LAUNCH_SECURITY_LAST: + return; + } + + virXMLFormatElement(buf, "launchSecurity", &attrBuf, &childBuf); } =20 =20 --=20 2.31.1