[libvirt][PATCH RESEND v10 4/5] conf: Introduce SGX EPC element into device memory xml

Haibin Huang posted 5 patches 4 years ago
There is a newer version of this series
[libvirt][PATCH RESEND v10 4/5] conf: Introduce SGX EPC element into device memory xml
Posted by Haibin Huang 4 years ago
From: Lin Yang <lin.a.yang@intel.com>

<devices>
  ...
  <memory model='sgx-epc'>
    <target>
      <size unit='KiB'>512</size>
    </target>
  </memory>
  ...
</devices>

Signed-off-by: Lin Yang <lin.a.yang@intel.com>
---
 docs/formatdomain.rst                         |  9 +++-
 docs/schemas/domaincommon.rng                 |  1 +
 src/conf/domain_conf.c                        |  6 +++
 src/conf/domain_conf.h                        |  1 +
 src/conf/domain_validate.c                    | 16 ++++++
 src/qemu/qemu_alias.c                         |  3 ++
 src/qemu/qemu_command.c                       |  1 +
 src/qemu/qemu_domain.c                        | 38 +++++++++-----
 src/qemu/qemu_domain_address.c                |  6 +++
 src/qemu/qemu_driver.c                        |  1 +
 src/qemu/qemu_process.c                       |  2 +
 src/qemu/qemu_validate.c                      |  8 +++
 src/security/security_apparmor.c              |  1 +
 src/security/security_dac.c                   |  2 +
 src/security/security_selinux.c               |  2 +
 tests/qemuxml2argvdata/sgx-epc.xml            | 36 +++++++++++++
 .../sgx-epc.x86_64-latest.xml                 | 52 +++++++++++++++++++
 tests/qemuxml2xmltest.c                       |  2 +
 18 files changed, 172 insertions(+), 15 deletions(-)
 create mode 100644 tests/qemuxml2argvdata/sgx-epc.xml
 create mode 100644 tests/qemuxml2xmloutdata/sgx-epc.x86_64-latest.xml

diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst
index e2f99c60a6..ee9328ca36 100644
--- a/docs/formatdomain.rst
+++ b/docs/formatdomain.rst
@@ -7912,6 +7912,11 @@ Example: usage of the memory devices
          <current unit='KiB'>524288</current>
        </target>
      </memory>
+     <memory model='sgx-epc'>
+       <target>
+         <size unit='KiB'>16384</size>
+       </target>
+     </memory>
    </devices>
    ...
 
@@ -7920,7 +7925,9 @@ Example: usage of the memory devices
    1.2.14` Provide ``nvdimm`` model that adds a Non-Volatile DIMM module.
    :since:`Since 3.2.0` Provide ``virtio-pmem`` model to add a paravirtualized
    persistent memory device. :since:`Since 7.1.0` Provide ``virtio-mem`` model
-   to add paravirtualized memory device. :since:`Since 7.9.0`
+   to add paravirtualized memory device. :since:`Since 7.9.0` Provide
+   ``sgx-epc`` model to add a SGX enclave page cache (EPC) memory to the guest.
+   :since:`Since 8.0.0`
 
 ``access``
    An optional attribute ``access`` ( :since:`since 3.2.0` ) that provides
diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
index 64a797de46..0aca97618f 100644
--- a/docs/schemas/domaincommon.rng
+++ b/docs/schemas/domaincommon.rng
@@ -6641,6 +6641,7 @@
           <value>nvdimm</value>
           <value>virtio-pmem</value>
           <value>virtio-mem</value>
+          <value>sgx-epc</value>
         </choice>
       </attribute>
       <optional>
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 58e696416d..1745ecff7f 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -1415,6 +1415,7 @@ VIR_ENUM_IMPL(virDomainMemoryModel,
               "nvdimm",
               "virtio-pmem",
               "virtio-mem",
+              "sgx-epc",
 );
 
 VIR_ENUM_IMPL(virDomainShmemModel,
@@ -5606,6 +5607,7 @@ virDomainMemoryDefPostParse(virDomainMemoryDef *mem,
 
     case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM:
     case VIR_DOMAIN_MEMORY_MODEL_DIMM:
+    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
     case VIR_DOMAIN_MEMORY_MODEL_NONE:
     case VIR_DOMAIN_MEMORY_MODEL_LAST:
         break;
@@ -14558,6 +14560,7 @@ virDomainMemorySourceDefParseXML(xmlNodePtr node,
         def->nvdimmPath = virXPathString("string(./path)", ctxt);
         break;
 
+    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
     case VIR_DOMAIN_MEMORY_MODEL_NONE:
     case VIR_DOMAIN_MEMORY_MODEL_LAST:
         break;
@@ -14626,6 +14629,7 @@ virDomainMemoryTargetDefParseXML(xmlNodePtr node,
     case VIR_DOMAIN_MEMORY_MODEL_NONE:
     case VIR_DOMAIN_MEMORY_MODEL_DIMM:
     case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM:
+    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
     case VIR_DOMAIN_MEMORY_MODEL_LAST:
         break;
     }
@@ -16415,6 +16419,7 @@ virDomainMemoryFindByDefInternal(virDomainDef *def,
                 continue;
             break;
 
+        case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
         case VIR_DOMAIN_MEMORY_MODEL_NONE:
         case VIR_DOMAIN_MEMORY_MODEL_LAST:
             break;
@@ -25851,6 +25856,7 @@ virDomainMemorySourceDefFormat(virBuffer *buf,
         virBufferEscapeString(&childBuf, "<path>%s</path>\n", def->nvdimmPath);
         break;
 
+    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
     case VIR_DOMAIN_MEMORY_MODEL_NONE:
     case VIR_DOMAIN_MEMORY_MODEL_LAST:
         break;
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index 0731007355..2b12e9d1ef 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -2518,6 +2518,7 @@ typedef enum {
     VIR_DOMAIN_MEMORY_MODEL_NVDIMM, /* nvdimm memory device */
     VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM, /* virtio-pmem memory device */
     VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM, /* virtio-mem memory device */
+    VIR_DOMAIN_MEMORY_MODEL_SGX_EPC, /* SGX enclave page cache */
 
     VIR_DOMAIN_MEMORY_MODEL_LAST
 } virDomainMemoryModel;
diff --git a/src/conf/domain_validate.c b/src/conf/domain_validate.c
index f0b8aa2655..0bdb7a507f 100644
--- a/src/conf/domain_validate.c
+++ b/src/conf/domain_validate.c
@@ -2074,6 +2074,22 @@ virDomainMemoryDefValidate(const virDomainMemoryDef *mem,
     case VIR_DOMAIN_MEMORY_MODEL_DIMM:
         break;
 
+    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
+        if (mem->info.type != VIR_DOMAIN_DEVICE_ADDRESS_TYPE_NONE) {
+            virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+                           _("memory device address is not supported for model '%s'"),
+                           virDomainMemoryModelTypeToString(mem->model));
+            return -1;
+        }
+
+        if (mem->targetNode != -1) {
+            virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+                           _("NUMA nodes is not supported for model '%s'"),
+                           virDomainMemoryModelTypeToString(mem->model));
+            return -1;
+        }
+        break;
+
     case VIR_DOMAIN_MEMORY_MODEL_NONE:
     case VIR_DOMAIN_MEMORY_MODEL_LAST:
     default:
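Review bot: The new `VIR_DOMAIN_MEMORY_MODEL_SGX_EPC` case rejects only an explicit address and a target NUMA node, so any other per-device setting that has no meaning for EPC appears to be accepted without complaint. The same commit makes `virDomainMemorySourceDefParseXML` fall straight to `break` for this model, which suggests a `<source>` child is silently dropped rather than refused. Consider rejecting here what the model cannot honour, or stating in formatdomain.rst which sub-elements are ignored. The second message would also read better as `_("NUMA node is not supported for model '%s'")`. virDomainMemoryDefValidate continues outside the hunk, so some of these checks may already exist further down.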
diff --git a/src/qemu/qemu_alias.c b/src/qemu/qemu_alias.c
index 8c2f055604..e5a946cbed 100644
--- a/src/qemu/qemu_alias.c
+++ b/src/qemu/qemu_alias.c
@@ -516,6 +516,9 @@ qemuAssignDeviceMemoryAlias(virDomainDef *def,
     case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM:
         prefix = "virtiomem";
         break;
+    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
+        prefix = "epc";
+        break;
     case VIR_DOMAIN_MEMORY_MODEL_NONE:
     case VIR_DOMAIN_MEMORY_MODEL_LAST:
     default:
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index fc778901d1..e6f29d878c 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -4079,6 +4079,7 @@ qemuBuildMemoryDeviceProps(virQEMUDriverConfig *cfg,
             return NULL;
         break;
 
+    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
     case VIR_DOMAIN_MEMORY_MODEL_NONE:
     case VIR_DOMAIN_MEMORY_MODEL_LAST:
     default:
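Review bot: `VIR_DOMAIN_MEMORY_MODEL_SGX_EPC` is routed to the `NONE`/`LAST`/`default` arm of qemuBuildMemoryDeviceProps, whose body lies outside the hunk, so what the command-line builder does with an EPC device after this patch cannot be confirmed from here. Because qemuValidateDomainDeviceDefMemory accepts the model as soon as `QEMU_CAPS_SGX_EPC` is set, a domain could pass validation at this point in the series and then either fail late or start without the EPC section it asked for. If the real handling arrives in another patch, a comment on the case naming where the model is built, e.g. `/* sgx-epc is not generated by this function; see <builder> */`, would keep this commit understandable on its own.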
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index aa8f6b8d05..577f9ff878 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -8227,6 +8227,7 @@ qemuDomainUpdateMemoryDeviceInfo(virQEMUDriver *driver,
             break;
 
         case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM:
+        case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
         case VIR_DOMAIN_MEMORY_MODEL_NONE:
         case VIR_DOMAIN_MEMORY_MODEL_LAST:
             break;
@@ -8887,6 +8888,12 @@ qemuDomainDefValidateMemoryHotplugDevice(const virDomainMemoryDef *mem,
         }
         break;
 
+    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
+        virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+                       _("hotplug are not supported for the %s device"),
+                       virDomainMemoryModelTypeToString(mem->model));
+            return -1;
+
     case VIR_DOMAIN_MEMORY_MODEL_NONE:
     case VIR_DOMAIN_MEMORY_MODEL_LAST:
         return -1;
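Review bot: In the new `VIR_DOMAIN_MEMORY_MODEL_SGX_EPC` case the `return -1;` is indented one level deeper than the `virReportError` call it follows, and the message has a number mismatch. Suggested wording is `_("hotplug is not supported for the %s device")`, with `return -1;` aligned to the call above it. The function body starts outside the hunk.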
@@ -8922,7 +8929,7 @@ int
 qemuDomainDefValidateMemoryHotplug(const virDomainDef *def,
                                    const virDomainMemoryDef *mem)
 {
-    unsigned int nmems = def->nmems;
+    unsigned int hotplugNum = 0;
     unsigned long long hotplugSpace;
     unsigned long long hotplugMemory = 0;
     size_t i;
@@ -8930,15 +8937,27 @@ qemuDomainDefValidateMemoryHotplug(const virDomainDef *def,
     hotplugSpace = def->mem.max_memory - virDomainDefGetMemoryInitial(def);
 
     if (mem) {
-        nmems++;
+        hotplugNum++;
         hotplugMemory = mem->size;
 
         if (qemuDomainDefValidateMemoryHotplugDevice(mem, def) < 0)
             return -1;
     }
 
+    for (i = 0; i < def->nmems; i++) {
+        /* sgx epc memory does not support hotplug */
+        if (def->mems[i]->model != VIR_DOMAIN_MEMORY_MODEL_SGX_EPC) {
+            hotplugMemory += def->mems[i]->size;
+            hotplugNum++;
+            /* already existing devices don't need to be checked on hotplug */
+            if (!mem &&
+                qemuDomainDefValidateMemoryHotplugDevice(def->mems[i], def) < 0)
+                return -1;
+        }
+    }
+
     if (!virDomainDefHasMemoryHotplug(def)) {
-        if (nmems) {
+        if (hotplugNum) {
             virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
                            _("cannot use/hotplug a memory device when domain "
                              "'maxMemory' is not defined"));
@@ -8961,22 +8980,13 @@ qemuDomainDefValidateMemoryHotplug(const virDomainDef *def,
         }
     }
 
-    if (nmems > def->mem.memory_slots) {
+    if (hotplugNum > def->mem.memory_slots) {
         virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
                        _("memory device count '%u' exceeds slots count '%u'"),
-                       nmems, def->mem.memory_slots);
+                       hotplugNum, def->mem.memory_slots);
         return -1;
     }
 
-    for (i = 0; i < def->nmems; i++) {
-        hotplugMemory += def->mems[i]->size;
-
-        /* already existing devices don't need to be checked on hotplug */
-        if (!mem &&
-            qemuDomainDefValidateMemoryHotplugDevice(def->mems[i], def) < 0)
-            return -1;
-    }
-
     if (hotplugMemory > hotplugSpace) {
         virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
                        _("memory device total size exceeds hotplug space"));
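Review bot: Moving the per-device loop ahead of the `virDomainDefHasMemoryHotplug` check (added in the previous hunk, removed here) changes which error a user sees. For a domain without `maxMemory`, a device that fails qemuDomainDefValidateMemoryHotplugDevice is now reported before the "'maxMemory' is not defined" message, where previously that message came first. If only the counting has to happen early, keep the validation call in its old position, or say in the commit message that the reordering is intended. Skipping `sgx-epc` entries also means their size is bounded by nothing in this function, so any limit on the EPC a guest may request has to come from elsewhere; a comment on the skip such as `/* sgx-epc cannot be hotplugged and is not counted against maxMemory */` would record that.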
diff --git a/src/qemu/qemu_domain_address.c b/src/qemu/qemu_domain_address.c
index 3e6eed6ec9..35732bf2c9 100644
--- a/src/qemu/qemu_domain_address.c
+++ b/src/qemu/qemu_domain_address.c
@@ -389,6 +389,7 @@ qemuDomainPrimeVirtioDeviceAddresses(virDomainDef *def,
         case VIR_DOMAIN_MEMORY_MODEL_NONE:
         case VIR_DOMAIN_MEMORY_MODEL_DIMM:
         case VIR_DOMAIN_MEMORY_MODEL_NVDIMM:
+        case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
         case VIR_DOMAIN_MEMORY_MODEL_LAST:
             break;
         }
@@ -1025,6 +1026,7 @@ qemuDomainDeviceCalculatePCIConnectFlags(virDomainDeviceDef *dev,
         case VIR_DOMAIN_MEMORY_MODEL_NONE:
         case VIR_DOMAIN_MEMORY_MODEL_DIMM:
         case VIR_DOMAIN_MEMORY_MODEL_NVDIMM:
+        case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
         case VIR_DOMAIN_MEMORY_MODEL_LAST:
             return 0;
         }
@@ -2389,6 +2391,7 @@ qemuDomainAssignDevicePCISlots(virDomainDef *def,
         case VIR_DOMAIN_MEMORY_MODEL_NONE:
         case VIR_DOMAIN_MEMORY_MODEL_DIMM:
         case VIR_DOMAIN_MEMORY_MODEL_NVDIMM:
+        case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
         case VIR_DOMAIN_MEMORY_MODEL_LAST:
             break;
         }
@@ -3050,6 +3053,7 @@ qemuDomainAssignMemoryDeviceSlot(virDomainObj *vm,
         return qemuDomainEnsurePCIAddress(vm, &dev);
         break;
 
+    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
     case VIR_DOMAIN_MEMORY_MODEL_NONE:
     case VIR_DOMAIN_MEMORY_MODEL_LAST:
         break;
@@ -3076,6 +3080,7 @@ qemuDomainReleaseMemoryDeviceSlot(virDomainObj *vm,
         qemuDomainReleaseDeviceAddress(vm, &mem->info);
         break;
 
+    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
     case VIR_DOMAIN_MEMORY_MODEL_NONE:
     case VIR_DOMAIN_MEMORY_MODEL_LAST:
         break;
@@ -3109,6 +3114,7 @@ qemuDomainAssignMemorySlots(virDomainDef *def)
         case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM:
             /* handled in qemuDomainAssignPCIAddresses() */
             break;
+        case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
         case VIR_DOMAIN_MEMORY_MODEL_NONE:
         case VIR_DOMAIN_MEMORY_MODEL_LAST:
             break;
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 0a1ba74e65..6e9dc5403c 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -6895,6 +6895,7 @@ qemuDomainChangeMemoryLiveValidateChange(const virDomainMemoryDef *oldDef,
     case VIR_DOMAIN_MEMORY_MODEL_DIMM:
     case VIR_DOMAIN_MEMORY_MODEL_NVDIMM:
     case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM:
+    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
     case VIR_DOMAIN_MEMORY_MODEL_LAST:
         virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
                        _("cannot modify memory of model '%s'"),
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
index fa6a5e5e7d..9e7b2fba97 100644
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -3793,6 +3793,7 @@ qemuProcessDomainMemoryDefNeedHugepagesPath(const virDomainMemoryDef *mem,
     case VIR_DOMAIN_MEMORY_MODEL_NONE:
     case VIR_DOMAIN_MEMORY_MODEL_NVDIMM:
     case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM:
+    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
     case VIR_DOMAIN_MEMORY_MODEL_LAST:
         /* None of these can be backed by hugepages. */
         return false;
@@ -3867,6 +3868,7 @@ qemuProcessNeedMemoryBackingPath(virDomainDef *def,
         case VIR_DOMAIN_MEMORY_MODEL_NONE:
         case VIR_DOMAIN_MEMORY_MODEL_NVDIMM:
         case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM:
+        case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
         case VIR_DOMAIN_MEMORY_MODEL_LAST:
             /* Backed by user provided path. Not stored in memory
              * backing dir anyway. */
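Review bot: Adding `VIR_DOMAIN_MEMORY_MODEL_SGX_EPC` to this group in qemuProcessNeedMemoryBackingPath leaves the existing comment inaccurate, because the `sgx-epc` XML introduced by this commit carries no user-provided path. Reword it along the lines of `/* Backed by a user provided path, or (sgx-epc) not by a file in the memory backing dir. */`. The switch continues outside the hunk.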
diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c
index 3bf39f8d93..888573cd16 100644
--- a/src/qemu/qemu_validate.c
+++ b/src/qemu/qemu_validate.c
@@ -5003,6 +5003,14 @@ qemuValidateDomainDeviceDefMemory(virDomainMemoryDef *mem,
         }
         break;
 
+    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
+        if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_SGX_EPC)) {
+            virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                           _("sgx epc isn't supported by this QEMU binary"));
+            return -1;
+        }
+        break;
+
     case VIR_DOMAIN_MEMORY_MODEL_NONE:
     case VIR_DOMAIN_MEMORY_MODEL_LAST:
         break;
diff --git a/src/security/security_apparmor.c b/src/security/security_apparmor.c
index d1087aa10c..46c410a537 100644
--- a/src/security/security_apparmor.c
+++ b/src/security/security_apparmor.c
@@ -687,6 +687,7 @@ AppArmorSetMemoryLabel(virSecurityManager *mgr,
     case VIR_DOMAIN_MEMORY_MODEL_NONE:
     case VIR_DOMAIN_MEMORY_MODEL_DIMM:
     case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM:
+    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
     case VIR_DOMAIN_MEMORY_MODEL_LAST:
         break;
     }
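Review bot: All three security drivers treat `sgx-epc` as needing no label work (here, and in both hunks each of `security_dac.c` and `security_selinux.c`), yet nothing visible in this patch grants the QEMU process access to the host device that backs the enclave page cache. On Linux, QEMU's EPC backend opens the SGX virtual-EPC node (`/dev/sgx_vepc`), so a confined guest needs that node allowed by the device cgroup and namespace setup and by the MAC policy. It is worth confirming that another patch in the series covers this, and that access is granted only to domains that actually define an `sgx-epc` device. A comment on these cases, e.g. `/* sgx-epc: no per-domain path to label; device node access is set up in <where> */`, would record where it is handled.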
diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index e9e316551e..5bbe4cd771 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -1850,6 +1850,7 @@ virSecurityDACRestoreMemoryLabel(virSecurityManager *mgr,
 
     case VIR_DOMAIN_MEMORY_MODEL_DIMM:
     case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM:
+    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
     case VIR_DOMAIN_MEMORY_MODEL_LAST:
     case VIR_DOMAIN_MEMORY_MODEL_NONE:
         ret = 0;
@@ -2035,6 +2036,7 @@ virSecurityDACSetMemoryLabel(virSecurityManager *mgr,
 
     case VIR_DOMAIN_MEMORY_MODEL_DIMM:
     case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM:
+    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
     case VIR_DOMAIN_MEMORY_MODEL_LAST:
     case VIR_DOMAIN_MEMORY_MODEL_NONE:
         ret = 0;
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index 0952431064..6732008555 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -1584,6 +1584,7 @@ virSecuritySELinuxSetMemoryLabel(virSecurityManager *mgr,
     case VIR_DOMAIN_MEMORY_MODEL_NONE:
     case VIR_DOMAIN_MEMORY_MODEL_DIMM:
     case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM:
+    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
     case VIR_DOMAIN_MEMORY_MODEL_LAST:
         break;
     }
@@ -1612,6 +1613,7 @@ virSecuritySELinuxRestoreMemoryLabel(virSecurityManager *mgr,
 
     case VIR_DOMAIN_MEMORY_MODEL_DIMM:
     case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM:
+    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
     case VIR_DOMAIN_MEMORY_MODEL_NONE:
     case VIR_DOMAIN_MEMORY_MODEL_LAST:
         ret = 0;
diff --git a/tests/qemuxml2argvdata/sgx-epc.xml b/tests/qemuxml2argvdata/sgx-epc.xml
new file mode 100644
index 0000000000..65ae8ae296
--- /dev/null
+++ b/tests/qemuxml2argvdata/sgx-epc.xml
@@ -0,0 +1,36 @@
+<domain type='qemu'>
+  <name>QEMUGuest1</name>
+  <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
+  <memory unit='KiB'>219100</memory>
+  <currentMemory unit='KiB'>219100</currentMemory>
+  <vcpu placement='static'>1</vcpu>
+  <os>
+    <type arch='x86_64' machine='q35'>hvm</type>
+    <boot dev='hd'/>
+  </os>
+  <clock offset='utc'/>
+  <on_poweroff>destroy</on_poweroff>
+  <on_reboot>restart</on_reboot>
+  <on_crash>destroy</on_crash>
+  <devices>
+    <emulator>/usr/bin/qemu-system-x86_64</emulator>
+    <controller type='pci' index='0' model='pcie-root'/>
+    <controller type='usb' index='0' model='none'/>
+    <controller type='sata' index='0'>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/>
+    </controller>
+    <input type='mouse' bus='ps2'/>
+    <input type='keyboard' bus='ps2'/>
+    <audio id='1' type='none'/>
+    <memory model='sgx-epc'>
+      <target>
+        <size unit='MiB'>64</size>
+      </target>
+    </memory>
+    <memory model='sgx-epc'>
+      <target>
+        <size unit='MiB'>16</size>
+      </target>
+    </memory>
+  </devices>
+</domain>
diff --git a/tests/qemuxml2xmloutdata/sgx-epc.x86_64-latest.xml b/tests/qemuxml2xmloutdata/sgx-epc.x86_64-latest.xml
new file mode 100644
index 0000000000..1f2a9c418f
--- /dev/null
+++ b/tests/qemuxml2xmloutdata/sgx-epc.x86_64-latest.xml
@@ -0,0 +1,52 @@
+<domain type='qemu'>
+  <name>QEMUGuest1</name>
+  <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
+  <memory unit='KiB'>219100</memory>
+  <currentMemory unit='KiB'>219100</currentMemory>
+  <vcpu placement='static'>1</vcpu>
+  <os>
+    <type arch='x86_64' machine='q35'>hvm</type>
+    <boot dev='hd'/>
+  </os>
+  <cpu mode='custom' match='exact' check='none'>
+    <model fallback='forbid'>qemu64</model>
+  </cpu>
+  <clock offset='utc'/>
+  <on_poweroff>destroy</on_poweroff>
+  <on_reboot>restart</on_reboot>
+  <on_crash>destroy</on_crash>
+  <devices>
+    <emulator>/usr/bin/qemu-system-x86_64</emulator>
+    <controller type='pci' index='0' model='pcie-root'/>
+    <controller type='usb' index='0' model='none'/>
+    <controller type='sata' index='0'>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/>
+    </controller>
+    <controller type='pci' index='1' model='pcie-root-port'>
+      <model name='pcie-root-port'/>
+      <target chassis='1' port='0x8'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0' multifunction='on'/>
+    </controller>
+    <controller type='pci' index='2' model='pcie-root-port'>
+      <model name='pcie-root-port'/>
+      <target chassis='2' port='0x9'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x1'/>
+    </controller>
+    <input type='mouse' bus='ps2'/>
+    <input type='keyboard' bus='ps2'/>
+    <audio id='1' type='none'/>
+    <memballoon model='virtio'>
+      <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/>
+    </memballoon>
+    <memory model='sgx-epc'>
+      <target>
+        <size unit='KiB'>65536</size>
+      </target>
+    </memory>
+    <memory model='sgx-epc'>
+      <target>
+        <size unit='KiB'>16384</size>
+      </target>
+    </memory>
+  </devices>
+</domain>
diff --git a/tests/qemuxml2xmltest.c b/tests/qemuxml2xmltest.c
index 935fd955f4..eefaf04c7d 100644
--- a/tests/qemuxml2xmltest.c
+++ b/tests/qemuxml2xmltest.c
@@ -1463,6 +1463,8 @@ mymain(void)
                   QEMU_CAPS_DEVICE_VIRTIO_RNG,
                   QEMU_CAPS_OBJECT_RNG_RANDOM);
 
+    DO_TEST_CAPS_LATEST("sgx-epc");
+
  cleanup:
     if (getenv("LIBVIRT_SKIP_CLEANUP") == NULL)
         virFileDeleteTree(fakerootdir);
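Review bot: `DO_TEST_CAPS_LATEST("sgx-epc")` exercises only the accepted round trip, so the three rejections this commit introduces (an explicit address, a `targetNode`, and a QEMU without `QEMU_CAPS_SGX_EPC`) are untested. Since the input file is placed under `tests/qemuxml2argvdata/`, negative cases could sit next to it and be registered in the argv test, presumably with the existing parse-error variant of the macro. mymain's body extends well outside the hunk, so such cases may be intended for a later patch.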
-- 
2.17.1

Re: [libvirt][PATCH RESEND v10 4/5] conf: Introduce SGX EPC element into device memory xml
Posted by Michal Prívozník 3 years, 11 months ago
On 2/8/22 06:21, Haibin Huang wrote:
> From: Lin Yang <lin.a.yang@intel.com>
> 
> <devices>
>   ...
>   <memory model='sgx-epc'>
>     <target>
>       <size unit='KiB'>512</size>
>     </target>
>   </memory>
>   ...
> </devices>
> 
> Signed-off-by: Lin Yang <lin.a.yang@intel.com>
> ---
>  docs/formatdomain.rst                         |  9 +++-
>  docs/schemas/domaincommon.rng                 |  1 +
>  src/conf/domain_conf.c                        |  6 +++
>  src/conf/domain_conf.h                        |  1 +
>  src/conf/domain_validate.c                    | 16 ++++++
>  src/qemu/qemu_alias.c                         |  3 ++
>  src/qemu/qemu_command.c                       |  1 +
>  src/qemu/qemu_domain.c                        | 38 +++++++++-----
>  src/qemu/qemu_domain_address.c                |  6 +++
>  src/qemu/qemu_driver.c                        |  1 +
>  src/qemu/qemu_process.c                       |  2 +
>  src/qemu/qemu_validate.c                      |  8 +++
>  src/security/security_apparmor.c              |  1 +
>  src/security/security_dac.c                   |  2 +
>  src/security/security_selinux.c               |  2 +
>  tests/qemuxml2argvdata/sgx-epc.xml            | 36 +++++++++++++
>  .../sgx-epc.x86_64-latest.xml                 | 52 +++++++++++++++++++
>  tests/qemuxml2xmltest.c                       |  2 +
>  18 files changed, 172 insertions(+), 15 deletions(-)
>  create mode 100644 tests/qemuxml2argvdata/sgx-epc.xml
>  create mode 100644 tests/qemuxml2xmloutdata/sgx-epc.x86_64-latest.xml
> 
> diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst
> index e2f99c60a6..ee9328ca36 100644
> --- a/docs/formatdomain.rst
> +++ b/docs/formatdomain.rst
> @@ -7912,6 +7912,11 @@ Example: usage of the memory devices
>           <current unit='KiB'>524288</current>
>         </target>
>       </memory>
> +     <memory model='sgx-epc'>
> +       <target>
> +         <size unit='KiB'>16384</size>
> +       </target>
> +     </memory>
>     </devices>
>     ...
>  
> @@ -7920,7 +7925,9 @@ Example: usage of the memory devices
>     1.2.14` Provide ``nvdimm`` model that adds a Non-Volatile DIMM module.
>     :since:`Since 3.2.0` Provide ``virtio-pmem`` model to add a paravirtualized
>     persistent memory device. :since:`Since 7.1.0` Provide ``virtio-mem`` model
> -   to add paravirtualized memory device. :since:`Since 7.9.0`
> +   to add paravirtualized memory device. :since:`Since 7.9.0` Provide
> +   ``sgx-epc`` model to add a SGX enclave page cache (EPC) memory to the guest.
> +   :since:`Since 8.0.0`
>  

Since 8.1.0.

>  ``access``
>     An optional attribute ``access`` ( :since:`since 3.2.0` ) that provides
> diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
> index 64a797de46..0aca97618f 100644
> --- a/docs/schemas/domaincommon.rng
> +++ b/docs/schemas/domaincommon.rng
> @@ -6641,6 +6641,7 @@
>            <value>nvdimm</value>
>            <value>virtio-pmem</value>
>            <value>virtio-mem</value>
> +          <value>sgx-epc</value>
>          </choice>
>        </attribute>
>        <optional>
> diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
> index 58e696416d..1745ecff7f 100644
> --- a/src/conf/domain_conf.c
> +++ b/src/conf/domain_conf.c
> @@ -1415,6 +1415,7 @@ VIR_ENUM_IMPL(virDomainMemoryModel,
>                "nvdimm",
>                "virtio-pmem",
>                "virtio-mem",
> +              "sgx-epc",
>  );
>  
>  VIR_ENUM_IMPL(virDomainShmemModel,
> @@ -5606,6 +5607,7 @@ virDomainMemoryDefPostParse(virDomainMemoryDef *mem,
>  
>      case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM:
>      case VIR_DOMAIN_MEMORY_MODEL_DIMM:
> +    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
>      case VIR_DOMAIN_MEMORY_MODEL_NONE:
>      case VIR_DOMAIN_MEMORY_MODEL_LAST:
>          break;
> @@ -14558,6 +14560,7 @@ virDomainMemorySourceDefParseXML(xmlNodePtr node,
>          def->nvdimmPath = virXPathString("string(./path)", ctxt);
>          break;
>  
> +    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
>      case VIR_DOMAIN_MEMORY_MODEL_NONE:
>      case VIR_DOMAIN_MEMORY_MODEL_LAST:
>          break;
> @@ -14626,6 +14629,7 @@ virDomainMemoryTargetDefParseXML(xmlNodePtr node,
>      case VIR_DOMAIN_MEMORY_MODEL_NONE:
>      case VIR_DOMAIN_MEMORY_MODEL_DIMM:
>      case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM:
> +    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
>      case VIR_DOMAIN_MEMORY_MODEL_LAST:
>          break;
>      }
> @@ -16415,6 +16419,7 @@ virDomainMemoryFindByDefInternal(virDomainDef *def,
>                  continue;
>              break;
>  
> +        case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
>          case VIR_DOMAIN_MEMORY_MODEL_NONE:
>          case VIR_DOMAIN_MEMORY_MODEL_LAST:
>              break;
> @@ -25851,6 +25856,7 @@ virDomainMemorySourceDefFormat(virBuffer *buf,
>          virBufferEscapeString(&childBuf, "<path>%s</path>\n", def->nvdimmPath);
>          break;
>  
> +    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
>      case VIR_DOMAIN_MEMORY_MODEL_NONE:
>      case VIR_DOMAIN_MEMORY_MODEL_LAST:
>          break;
> diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
> index 0731007355..2b12e9d1ef 100644
> --- a/src/conf/domain_conf.h
> +++ b/src/conf/domain_conf.h
> @@ -2518,6 +2518,7 @@ typedef enum {
>      VIR_DOMAIN_MEMORY_MODEL_NVDIMM, /* nvdimm memory device */
>      VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM, /* virtio-pmem memory device */
>      VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM, /* virtio-mem memory device */
> +    VIR_DOMAIN_MEMORY_MODEL_SGX_EPC, /* SGX enclave page cache */
>  
>      VIR_DOMAIN_MEMORY_MODEL_LAST
>  } virDomainMemoryModel;
> diff --git a/src/conf/domain_validate.c b/src/conf/domain_validate.c
> index f0b8aa2655..0bdb7a507f 100644
> --- a/src/conf/domain_validate.c
> +++ b/src/conf/domain_validate.c
> @@ -2074,6 +2074,22 @@ virDomainMemoryDefValidate(const virDomainMemoryDef *mem,
>      case VIR_DOMAIN_MEMORY_MODEL_DIMM:
>          break;
>  
> +    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
> +        if (mem->info.type != VIR_DOMAIN_DEVICE_ADDRESS_TYPE_NONE) {
> +            virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
> +                           _("memory device address is not supported for model '%s'"),
> +                           virDomainMemoryModelTypeToString(mem->model));
> +            return -1;
> +        }

Alright, so EPC module doesn't go onto any bus. Fair enough.

> +
> +        if (mem->targetNode != -1) {
> +            virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
> +                           _("NUMA nodes is not supported for model '%s'"),
> +                           virDomainMemoryModelTypeToString(mem->model));
> +            return -1;
> +        }
> +        break;
> +
>      case VIR_DOMAIN_MEMORY_MODEL_NONE:
>      case VIR_DOMAIN_MEMORY_MODEL_LAST:
>      default:


> diff --git a/tests/qemuxml2argvdata/sgx-epc.xml b/tests/qemuxml2argvdata/sgx-epc.xml
> new file mode 100644
> index 0000000000..65ae8ae296
> --- /dev/null
> +++ b/tests/qemuxml2argvdata/sgx-epc.xml
> @@ -0,0 +1,36 @@
> +<domain type='qemu'>
> +  <name>QEMUGuest1</name>
> +  <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
> +  <memory unit='KiB'>219100</memory>
> +  <currentMemory unit='KiB'>219100</currentMemory>
> +  <vcpu placement='static'>1</vcpu>
> +  <os>
> +    <type arch='x86_64' machine='q35'>hvm</type>
> +    <boot dev='hd'/>
> +  </os>
> +  <clock offset='utc'/>
> +  <on_poweroff>destroy</on_poweroff>
> +  <on_reboot>restart</on_reboot>
> +  <on_crash>destroy</on_crash>
> +  <devices>
> +    <emulator>/usr/bin/qemu-system-x86_64</emulator>
> +    <controller type='pci' index='0' model='pcie-root'/>
> +    <controller type='usb' index='0' model='none'/>
> +    <controller type='sata' index='0'>
> +      <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/>
> +    </controller>
> +    <input type='mouse' bus='ps2'/>
> +    <input type='keyboard' bus='ps2'/>
> +    <audio id='1' type='none'/>
> +    <memory model='sgx-epc'>
> +      <target>
> +        <size unit='MiB'>64</size>
> +      </target>
> +    </memory>
> +    <memory model='sgx-epc'>
> +      <target>
> +        <size unit='MiB'>16</size>
> +      </target>
> +    </memory>
> +  </devices>
> +</domain>
> diff --git a/tests/qemuxml2xmloutdata/sgx-epc.x86_64-latest.xml b/tests/qemuxml2xmloutdata/sgx-epc.x86_64-latest.xml
> new file mode 100644
> index 0000000000..1f2a9c418f
> --- /dev/null
> +++ b/tests/qemuxml2xmloutdata/sgx-epc.x86_64-latest.xml
> @@ -0,0 +1,52 @@
> +<domain type='qemu'>

Effectively, what we want to test here is that XML can be parsed and
formatted back. In this case we don't really care whether devices are
automatically inserted. Having said that, this output XML can be just a
symlink to the original XML.

Michal

Re: [libvirt][PATCH RESEND v10 4/5] conf: Introduce SGX EPC element into device memory xml
Posted by Yang, Lin A 3 years, 11 months ago
On 2/16/22, 2:25 AM, "Michal Prívozník" <mprivozn@redhat.com> wrote:

> > @@ -7920,7 +7925,9 @@ Example: usage of the memory devices
> >     1.2.14` Provide ``nvdimm`` model that adds a Non-Volatile DIMM module.
> >     :since:`Since 3.2.0` Provide ``virtio-pmem`` model to add a paravirtualized
> >     persistent memory device. :since:`Since 7.1.0` Provide ``virtio-mem`` model
> > -   to add paravirtualized memory device. :since:`Since 7.9.0`
> > +   to add paravirtualized memory device. :since:`Since 7.9.0` Provide
> > +   ``sgx-epc`` model to add a SGX enclave page cache (EPC) memory to the guest.
> > +   :since:`Since 8.0.0`
> >
>
> Since 8.1.0.

Sure, I will update this.

> > diff --git a/tests/qemuxml2xmloutdata/sgx-epc.x86_64-latest.xml b/tests/qemuxml2xmloutdata/sgx-epc.x86_64-latest.xml
> > new file mode 100644
> > index 0000000000..1f2a9c418f
> > --- /dev/null
> > +++ b/tests/qemuxml2xmloutdata/sgx-epc.x86_64-latest.xml
> > @@ -0,0 +1,52 @@
> > +<domain type='qemu'>
>
> Effectively, what we want to test here is that XML can be parsed and
> formatted back. In this case we don't really care whether devices are
> automatically inserted. Having said that, this output XML can be just a
> symlink to the original XML.

Sorry, I might not fully understand the details of this parse and re-format
test case. The re-formatted XML contains some tags that don’t exist in the
original XML, for example, the virtio memballoon device,

    <memballoon model='virtio'>
      <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/>
    </memballoon>

This test case will fail if symlink to the original XML. Could you share how
to resolve it? Really appreciated.

Thanks,
Lin.