From: Peter Krempa
To: libvir-list@redhat.com
Subject: [PATCH v2 02/12] qemu: command: Generate commandline of 'sev0' sev-guest object via JSON
Date: Wed, 24 Feb 2021 16:57:56 +0100

While the 'sev0' sev-guest object will never be hotplugged, we want to generate it through JSON so that we'll be able to validate all parameters of '-object' against the QAPI schema once 'object-add' is qapified in qemu.

Signed-off-by: Peter Krempa
Reviewed-by: Ján Tomko
--- src/qemu/qemu_command.c | 32 +++++++++++-------- ...v-missing-platform-info.x86_64-2.12.0.args | 2 +- .../launch-security-sev.x86_64-2.12.0.args | 2 +- 3 files changed, 20 insertions(+), 16 deletions(-) diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 9538bc9a2a..579b00c029 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -9444,9 +9444,11 @@ static int qemuBuildSEVCommandLine(virDomainObjPtr vm, virCommandPtr cmd, virDomainSEVDefPtr sev) { + g_autoptr(virJSONValue) props =3D NULL; g_auto(virBuffer) buf =3D VIR_BUFFER_INITIALIZER; qemuDomainObjPrivatePtr priv =3D vm->privateData; - char *path =3D NULL; + g_autofree char *dhpath =3D NULL; + g_autofree char *sessionpath =3D NULL; if (!sev) return 0; 
@@ -9454,21 +9456,23 @@ qemuBuildSEVCommandLine(virDomainObjPtr vm, virComm= andPtr cmd, VIR_DEBUG("policy=3D0x%x cbitpos=3D%d reduced_phys_bits=3D%d", sev->policy, sev->cbitpos, sev->reduced_phys_bits); - virBufferAsprintf(&buf, "sev-guest,id=3Dsev0,cbitpos=3D%d", sev->cbitp= os); - virBufferAsprintf(&buf, ",reduced-phys-bits=3D%d", sev->reduced_phys_b= its); - virBufferAsprintf(&buf, ",policy=3D0x%x", sev->policy); + if (sev->dh_cert) + dhpath =3D g_strdup_printf("%s/dh_cert.base64", priv->libDir); - if (sev->dh_cert) { - path =3D g_strdup_printf("%s/dh_cert.base64", priv->libDir); - virBufferAsprintf(&buf, ",dh-cert-file=3D%s", path); - VIR_FREE(path); - } + if (sev->session) + sessionpath =3D g_strdup_printf("%s/session.base64", priv->libDir); - if (sev->session) { - path =3D g_strdup_printf("%s/session.base64", priv->libDir); - virBufferAsprintf(&buf, ",session-file=3D%s", path); - VIR_FREE(path); - } + if (qemuMonitorCreateObjectProps(&props, "sev-guest", "sev0", + "u:cbitpos", sev->cbitpos, + "u:reduced-phys-bits", sev->reduced_p= hys_bits, + "u:policy", sev->policy, + "S:dh-cert-file", dhpath, + "S:session-file", sessionpath, + NULL) < 0) + return -1; + + if (virQEMUBuildObjectCommandlineFromJSON(&buf, props) < 0) + return -1; virCommandAddArg(cmd, "-object"); virCommandAddArgBuffer(cmd, &buf); diff --git a/tests/qemuxml2argvdata/launch-security-sev-missing-platform-in= fo.x86_64-2.12.0.args b/tests/qemuxml2argvdata/launch-security-sev-missing-= platform-info.x86_64-2.12.0.args index f6cbd016df..717a21b7b0 100644 --- a/tests/qemuxml2argvdata/launch-security-sev-missing-platform-info.x86_= 64-2.12.0.args +++ b/tests/qemuxml2argvdata/launch-security-sev-missing-platform-info.x86_= 64-2.12.0.args 
@@ -29,7 +29,7 @@ file=3D/tmp/lib/domain--1-QEMUGuest1/master-key.aes \ -device piix3-usb-uhci,id=3Dusb,bus=3Dpci.0,addr=3D0x1.0x2 \ -drive file=3D/dev/HostVG/QEMUGuest1,format=3Draw,if=3Dnone,id=3Ddrive-ide= 0-0-0 \ -device ide-hd,bus=3Dide.0,unit=3D0,drive=3Ddrive-ide0-0-0,id=3Dide0-0-0,b= ootindex=3D1 \ --object sev-guest,id=3Dsev0,cbitpos=3D47,reduced-phys-bits=3D1,policy=3D0x= 1,\ +-object sev-guest,id=3Dsev0,cbitpos=3D47,reduced-phys-bits=3D1,policy=3D1,\ dh-cert-file=3D/tmp/lib/domain--1-QEMUGuest1/dh_cert.base64,\ session-file=3D/tmp/lib/domain--1-QEMUGuest1/session.base64 \ -sandbox on,obsolete=3Ddeny,elevateprivileges=3Ddeny,spawn=3Ddeny,\ diff --git a/tests/qemuxml2argvdata/launch-security-sev.x86_64-2.12.0.args = b/tests/qemuxml2argvdata/launch-security-sev.x86_64-2.12.0.args index f6cbd016df..717a21b7b0 100644 --- a/tests/qemuxml2argvdata/launch-security-sev.x86_64-2.12.0.args +++ b/tests/qemuxml2argvdata/launch-security-sev.x86_64-2.12.0.args @@ -29,7 +29,7 @@ file=3D/tmp/lib/domain--1-QEMUGuest1/master-key.aes \ -device piix3-usb-uhci,id=3Dusb,bus=3Dpci.0,addr=3D0x1.0x2 \ -drive file=3D/dev/HostVG/QEMUGuest1,format=3Draw,if=3Dnone,id=3Ddrive-ide= 0-0-0 \ -device ide-hd,bus=3Dide.0,unit=3D0,drive=3Ddrive-ide0-0-0,id=3Dide0-0-0,b= ootindex=3D1 \ --object sev-guest,id=3Dsev0,cbitpos=3D47,reduced-phys-bits=3D1,policy=3D0x= 1,\ +-object sev-guest,id=3Dsev0,cbitpos=3D47,reduced-phys-bits=3D1,policy=3D1,\ dh-cert-file=3D/tmp/lib/domain--1-QEMUGuest1/dh_cert.base64,\ session-file=3D/tmp/lib/domain--1-QEMUGuest1/session.base64 \ -sandbox on,obsolete=3Ddeny,elevateprivileges=3Ddeny,spawn=3Ddeny,\ --=20 2.29.2
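
Review bot: In the second qemu_command.c hunk, the "u:policy", sev->policy argument changes how the SEV policy is rendered on the command line, from the removed ",policy=0x%x" to a plain decimal number (the .args files go from policy=0x1 to policy=1), and the commit message does not mention it. The policy is a bit field and the VIR_DEBUG line just above still prints it as 0x%x, so please note the format change in the commit message so that anyone comparing logs with generated command lines is not surprised. In the same call, dhpath and sessionpath stay NULL when sev->dh_cert or sev->session is unset and are passed straight to "S:dh-cert-file" and "S:session-file"; the removed code made the omission explicit with if blocks, so a one-line comment saying the properties are meant to be left out for NULL would help the next reader.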
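
Review bot: Both updated .args files only exercise policy=1 with dh-cert-file and session-file present, so the test data covers neither a policy value whose hex and decimal forms differ by more than the 0x prefix nor the path where dhpath or sessionpath is NULL. Consider adding a test case with a larger policy value and one with a missing dh_cert or session, so the new JSON-based formatting is checked for both.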