From nobody Sat Feb 7 16:25:32 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) client-ip=216.205.24.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1602252845; cv=none; d=zohomail.com; s=zohoarc; b=eP2EEABjvVJLwfAE9WZ4JkXYPy3YwNnXQh+zYa8YYhSv2ss5Q+PeRUHTmKV2ZV5HAvF9z+7x/05w0HrGv0xbTnj81aZ8wcHEtSB86GTA9q3RBDYlLEdqt0mp4iLHZTZpA6IctulfoW/A1LgBQklFd6FG4R67msUsdR4dPtiGpSM= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1602252845; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=v73QGZvIp8VT6OfazuBxluiM0/vQLf5yuruiX/xoz04=; b=DxdxYBeVnH+7vXsiO4jeUoNvMweqGPBjJLoV5rnqYkg4znJpLwTaTsbiQEO40qwm6KVvirCvmWYkNZ+pYGyPYJAE+UMNxajOJdVRKODPrYXb0DCXp1rEsnLulCf2PTUOZfI3275vsJ9eR5kEdtpYs77XIF02EhD6tjXZYYEM6r4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.zohomail.com with SMTPS id 1602252845031111.07919752311739; Fri, 9 Oct 2020 07:14:05 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-563-CcWCLSi0NUa9VIdaUX2uow-1; Fri, 09 Oct 2020 10:13:58 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 113BF64145; Fri, 9 Oct 2020 14:13:52 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 3DD5B75123; Fri, 9 Oct 2020 14:13:51 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 745CC1832FC3; Fri, 9 Oct 2020 14:13:49 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 099EDlxA010427 for ; Fri, 9 Oct 2020 10:13:47 -0400 Received: by smtp.corp.redhat.com (Postfix) id 816D26EF70; Fri, 9 Oct 2020 14:13:47 +0000 (UTC) Received: from nautilus.redhat.com (unknown [10.40.192.118]) by smtp.corp.redhat.com (Postfix) with ESMTP id 7D9546EF48; Fri, 9 Oct 2020 14:13:46 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1602252843; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=v73QGZvIp8VT6OfazuBxluiM0/vQLf5yuruiX/xoz04=; b=GworEh9gJsIMf/tR8s3qj1F+NQf/wCk5zXJGDXMpRGhHzbUIqptUBiybC+WVbJjOS8Oz9F L8T6lQDBu9TcWEWZIaiv1ky/UmNJ6vfX6GC0TqDo8KrzBKVS2riH6xJO4g683ZXE7fg58H EKZh5ghz3VIhts1lYmvCOAEM/lxmels= X-MC-Unique: CcWCLSi0NUa9VIdaUX2uow-1 From: Erik Skultety To: libvir-list@redhat.com Subject: [libvirt PATCH 1/3] qemu_process: sev: Drop an unused variable Date: Fri, 9 Oct 2020 16:13:39 +0200 Message-Id: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-loop: libvir-list@redhat.com Cc: brijesh.singh@amd.com, dgilbert@redhat.com, Erik Skultety X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" Signed-off-by: Erik Skultety Reviewed-by: Daniel Henrique Barboza --- src/qemu/qemu_process.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index 6b5de29fdb..2cc1d58266 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -6394,9 +6394,8 @@ static int qemuProcessPrepareSEVGuestInput(virDomainObjPtr vm) { qemuDomainObjPrivatePtr priv =3D vm->privateData; - virDomainDefPtr def =3D vm->def; virQEMUCapsPtr qemuCaps =3D priv->qemuCaps; - virDomainSEVDefPtr sev =3D def->sev; + virDomainSEVDefPtr sev =3D vm->def->sev; =20 if (!sev) return 0; --=20 2.26.2 From nobody Sat Feb 7 16:25:32 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) client-ip=216.205.24.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1602252842; cv=none; d=zohomail.com; s=zohoarc; b=d2jHjkWZNiSIf2a1nX3U7bnVGSGr5pQ/3qI6ximarFTZ1RKh06l95UtRkUeOqgRxoPU1v0jYgblslB8eessphcaQuhrQAf0Tjj5dxYJrZHJDo+Gi1d4w4tMyYMBQlxKglZX5dDoHG8wrcLBXeW9h+L5rp9a2HmOVFqZRydYthLA= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1602252842; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=7ZKoZSOt4FETYSrcE4Ti2Sjf3mGTdJwAZghsJiIDEo0=; b=Pdo5IbGqJCHNBdkZIu1uh96uM5462rKLZvmW1FhNG/gOh2qOIyfbKrtMQCHK5Bl8Hz8NFviOIiYsi8VgI0Wgulvk58Q8Gp4O/MHD/4egkfeq2bWuG9GXLB4iq5ezJRBtX0rBUpFhm0be1+xYaynqB2URP+t1N/Ntn7eKPynJg+E= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.zohomail.com with SMTPS id 1602252842012480.30591515885214; Fri, 9 Oct 2020 07:14:02 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-329-aob2l3HsOieaK2iVkgv4Vg-1; Fri, 09 Oct 2020 10:13:58 -0400 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 7756F64151; Fri, 9 Oct 2020 14:13:52 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 508DD6EF73; Fri, 9 Oct 2020 14:13:52 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id D2584922E2; Fri, 9 Oct 2020 14:13:51 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 099EDmRP010434 for ; Fri, 9 Oct 2020 10:13:48 -0400 Received: by smtp.corp.redhat.com (Postfix) id D6D846EF70; Fri, 9 Oct 2020 14:13:48 +0000 (UTC) Received: from nautilus.redhat.com (unknown [10.40.192.118]) by smtp.corp.redhat.com (Postfix) with ESMTP id D25096EF48; Fri, 9 Oct 2020 14:13:47 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1602252840; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=7ZKoZSOt4FETYSrcE4Ti2Sjf3mGTdJwAZghsJiIDEo0=; b=QxdLfxZH6iUJGu74xqgR32szlh52npys7/FvttWCa/vcQX3JCbjEzEBYZ7zWIiKsO6DMFf bq4pOS9XyXPy6+qz6zJfGnMXGjV5VE782QScjrLz5KiAxLITg2UjxCF88vTFM8Mir1ww9+ Q9CeBtOVI9vbVMtIK+Je8OCjcYJMBug= X-MC-Unique: aob2l3HsOieaK2iVkgv4Vg-1 From: Erik Skultety To: libvir-list@redhat.com Subject: [libvirt PATCH 2/3] qemu: process: sev: Fill missing 'cbitpos' & 'reducedPhysBits' from caps Date: Fri, 9 Oct 2020 16:13:40 +0200 Message-Id: <4a8b3b65ea2b0e72f3f4dd48472d29fa8709e138.1602252665.git.eskultet@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-loop: libvir-list@redhat.com Cc: brijesh.singh@amd.com, dgilbert@redhat.com, Erik Skultety X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" These XML attributes have been mandatory since the introduction of SEV support to libvirt. This design decision was based on QEMU's requirement for these to be mandatory for migration purposes, as differences in these values across platforms must result in the pre-migration checks failing (not that migration with SEV works at the time of this patch). This patch enables autofill of these attributes right before launching QEMU and thus updating the live XML. Signed-off-by: Erik Skultety --- src/conf/domain_conf.h | 2 ++ src/qemu/qemu_process.c | 40 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 42 insertions(+) diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index 450686dfb5..344bb64081 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -2490,7 +2490,9 @@ struct _virDomainSEVDef { char *dh_cert; char *session; unsigned int policy; + bool haveCbitpos; unsigned int cbitpos; + bool haveReducedPhysBits; unsigned int reduced_phys_bits; }; =20 diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index 2cc1d58266..35af0d11cd 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -6233,6 +6233,40 @@ qemuProcessPrepareAllowReboot(virDomainObjPtr vm) } =20 =20 +static int +qemuProcessUpdateSEVInfo(virDomainObjPtr vm) +{ + qemuDomainObjPrivatePtr priv =3D vm->privateData; + virQEMUCapsPtr qemuCaps =3D priv->qemuCaps; + virDomainSEVDefPtr sev =3D vm->def->sev; + virSEVCapabilityPtr sevCaps =3D NULL; + + if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_SEV_GUEST)) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Domain %s asked for 'sev' launch but this " + "QEMU does not support SEV feature"), vm->def->n= ame); + return -1; + } + + /* if platform specific info like 'cbitpos' and 'reducedPhysBits' have + * not been supplied, we need to autofill them from caps now as both a= re + * mandatory on QEMU cmdline + */ + sevCaps =3D virQEMUCapsGetSEVCapabilities(qemuCaps); + if (!sev->haveCbitpos) { + sev->cbitpos =3D sevCaps->cbitpos; + sev->haveCbitpos =3D true; + } + + if (!sev->haveReducedPhysBits) { + sev->reduced_phys_bits =3D sevCaps->reduced_phys_bits; + sev->haveReducedPhysBits =3D true; + } + + return 0; +} + + /** * qemuProcessPrepareDomain: * @driver: qemu driver @@ -6361,6 +6395,12 @@ qemuProcessPrepareDomain(virQEMUDriverPtr driver, for (i =3D 0; i < vm->def->nshmems; i++) qemuDomainPrepareShmemChardev(vm->def->shmems[i]); =20 + if (vm->def->sev) { + VIR_DEBUG("Updating SEV platform info"); + if (qemuProcessUpdateSEVInfo(vm) < 0) + return -1; + } + return 0; } =20 --=20 2.26.2 From nobody Sat Feb 7 16:25:32 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 63.128.21.124 as permitted sender) client-ip=63.128.21.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 63.128.21.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1602252858; cv=none; d=zohomail.com; s=zohoarc; b=c7Lz4R+lpsxbXbcafXTDQ+S0YYKyaGOYnsO3efXvgluK9xNyx3FhzzobBgUi8yUeKLFv1udrvZpkWTn53j875pKpJO7+eZNE9AzYWGhdnQezT4ry1CYSWiQCyKltiTLAcakE6Aw1mf3/BscLJppxTWB1WJlg739nHBR4fCvKEu4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1602252858; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=PNFp8W6w7HGaW+1cYhe27Gulvvyq+D4UAHEdyz7QwbM=; b=BYjNzADtJSQMhd8/jL65lbdcd7DqgArHRA+q6JP/j38tK2oU6nhr37gsjgwZX7+bLzGMfBN/P6iJ4USgtptRrgahMiSFdxeoUBbIn610Q6gDxodpi/CANzvyvbCoHG0M6Ae9tDc3Vcy4c/SeDBNBKBiI+9jJxSR2qXrf8CeHl7Q= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 63.128.21.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [63.128.21.124]) by mx.zohomail.com with SMTPS id 1602252858662349.5597458838969; Fri, 9 Oct 2020 07:14:18 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-544-TZbExUhxN-2qgmDi8iuFDQ-1; Fri, 09 Oct 2020 10:14:15 -0400 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 965D118829D5; Fri, 9 Oct 2020 14:14:09 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 7419060BFA; Fri, 9 Oct 2020 14:14:09 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 165BB1832FD3; Fri, 9 Oct 2020 14:14:09 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 099EDooa010445 for ; Fri, 9 Oct 2020 10:13:50 -0400 Received: by smtp.corp.redhat.com (Postfix) id 4B4CB6EF6F; Fri, 9 Oct 2020 14:13:50 +0000 (UTC) Received: from nautilus.redhat.com (unknown [10.40.192.118]) by smtp.corp.redhat.com (Postfix) with ESMTP id 33ADE6EF48; Fri, 9 Oct 2020 14:13:49 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1602252857; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=PNFp8W6w7HGaW+1cYhe27Gulvvyq+D4UAHEdyz7QwbM=; b=AIpTxFTOnkHZIvM4JYOet+OO0xmPEbkZQ7wJg+TKLYUbajNEA5jrwmfJBeiZK4ErFwTjOZ UZdvvnOsO2Fg8sw743dms9CqnSGm/EeePBHVW4Y5v1lAB/Wl0qQa20bsCMcwwWCag27rEw moF6hTUwA+HoPACyJkqVMiOrDj5AI1k= X-MC-Unique: TZbExUhxN-2qgmDi8iuFDQ-1 From: Erik Skultety To: libvir-list@redhat.com Subject: [libvirt PATCH 3/3] conf: domain: sev: Make 'cbitpos' & 'reducedPhysBits' attrs optional Date: Fri, 9 Oct 2020 16:13:41 +0200 Message-Id: <5309b4468be3f40c8bd5c4ea3f58e6a51bf066d6.1602252665.git.eskultet@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-loop: libvir-list@redhat.com Cc: brijesh.singh@amd.com, dgilbert@redhat.com, Erik Skultety X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" These XML attributes have been mandatory since the introduction of SEV support to libvirt. This design decision was based on QEMU's requirement for these to be mandatory for migration purposes, as differences in these values across platforms must result in the pre-migration checks failing (not that migration with SEV works at the time of this patch). Expecting the user to specify these is cumbersome and the same XML cannot be re-used across different revisions of SEV. Since we have SEV platform information saved in QEMU capabilities, we can make the attributes optional and should fill them in automatically in the QEMU driver right before starting it. Resolves: https://gitlab.com/libvirt/libvirt/-/issues/57 Signed-off-by: Erik Skultety Reviewed-by: Daniel Henrique Barboza --- docs/schemas/domaincommon.rng | 16 ++++--- src/conf/domain_conf.c | 46 ++++++++++++------- ...v-missing-platform-info.x86_64-2.12.0.args | 37 +++++++++++++++ ...nch-security-sev-missing-platform-info.xml | 35 ++++++++++++++ tests/qemuxml2argvtest.c | 1 + 5 files changed, 113 insertions(+), 22 deletions(-) create mode 100644 tests/qemuxml2argvdata/launch-security-sev-missing-plat= form-info.x86_64-2.12.0.args create mode 100644 tests/qemuxml2argvdata/launch-security-sev-missing-plat= form-info.xml diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng index 7d4b105981..9963fad4a6 100644 --- a/docs/schemas/domaincommon.rng +++ b/docs/schemas/domaincommon.rng @@ -467,12 +467,16 @@ sev - - - - - - + + + + + + + + + + diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 51efeb0e42..648a47ac84 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -16756,6 +16756,7 @@ virDomainSEVDefParseXML(xmlNodePtr sevNode, virDomainSEVDefPtr def; unsigned long policy; g_autofree char *type =3D NULL; + int rc =3D -1; =20 def =3D g_new0(virDomainSEVDef, 1); =20 @@ -16780,25 +16781,35 @@ virDomainSEVDefParseXML(xmlNodePtr sevNode, goto error; } =20 - if (virXPathUInt("string(./cbitpos)", ctxt, &def->cbitpos) < 0) { - virReportError(VIR_ERR_XML_ERROR, "%s", - _("failed to get launch security cbitpos")); - goto error; - } - - if (virXPathUInt("string(./reducedPhysBits)", ctxt, - &def->reduced_phys_bits) < 0) { - virReportError(VIR_ERR_XML_ERROR, "%s", - _("failed to get launch security reduced-phys-bits"= )); - goto error; - } - if (virXPathULongHex("string(./policy)", ctxt, &policy) < 0) { virReportError(VIR_ERR_XML_ERROR, "%s", _("failed to get launch security policy")); goto error; } =20 + /* the following attributes are platform dependent and if missing, we = can + * autofill them from domain capabilities later + */ + rc =3D virXPathUInt("string(./cbitpos)", ctxt, &def->cbitpos); + if (rc =3D=3D 0) { + def->haveCbitpos =3D VIR_TRISTATE_BOOL_YES; + } else if (rc =3D=3D -2) { + virReportError(VIR_ERR_XML_ERROR, "%s", + _("Invalid format for launch security cbitpos")); + goto error; + } + + rc =3D virXPathUInt("string(./reducedPhysBits)", ctxt, + &def->reduced_phys_bits); + if (rc =3D=3D 0) { + def->haveReducedPhysBits =3D VIR_TRISTATE_BOOL_YES; + } else if (rc =3D=3D -2) { + virReportError(VIR_ERR_XML_ERROR, "%s", + _("Invalid format for launch security " + "reduced-phys-bits")); + goto error; + } + def->policy =3D policy; def->dh_cert =3D virXPathString("string(./dhCert)", ctxt); def->session =3D virXPathString("string(./session)", ctxt); @@ -28937,9 +28948,12 @@ virDomainSEVDefFormat(virBufferPtr buf, virDomainS= EVDefPtr sev) virDomainLaunchSecurityTypeToString(sev->sectype)); virBufferAdjustIndent(buf, 2); =20 - virBufferAsprintf(buf, "%d\n", sev->cbitpos); - virBufferAsprintf(buf, "%d\n", - sev->reduced_phys_bits); + if (sev->haveCbitpos) + virBufferAsprintf(buf, "%d\n", sev->cbitpos); + + if (sev->haveReducedPhysBits) + virBufferAsprintf(buf, "%d\n", + sev->reduced_phys_bits); virBufferAsprintf(buf, "0x%04x\n", sev->policy); if (sev->dh_cert) virBufferEscapeString(buf, "%s\n", sev->dh_cert); diff --git a/tests/qemuxml2argvdata/launch-security-sev-missing-platform-in= fo.x86_64-2.12.0.args b/tests/qemuxml2argvdata/launch-security-sev-missing-= platform-info.x86_64-2.12.0.args new file mode 100644 index 0000000000..378c3b681c --- /dev/null +++ b/tests/qemuxml2argvdata/launch-security-sev-missing-platform-info.x86_= 64-2.12.0.args @@ -0,0 +1,37 @@ +LC_ALL=3DC \ +PATH=3D/bin \ +HOME=3D/tmp/lib/domain--1-QEMUGuest1 \ +USER=3Dtest \ +LOGNAME=3Dtest \ +XDG_DATA_HOME=3D/tmp/lib/domain--1-QEMUGuest1/.local/share \ +XDG_CACHE_HOME=3D/tmp/lib/domain--1-QEMUGuest1/.cache \ +XDG_CONFIG_HOME=3D/tmp/lib/domain--1-QEMUGuest1/.config \ +QEMU_AUDIO_DRV=3Dnone \ +/usr/bin/qemu-system-x86_64 \ +-name guest=3DQEMUGuest1,debug-threads=3Don \ +-S \ +-object secret,id=3DmasterKey0,format=3Draw,\ +file=3D/tmp/lib/domain--1-QEMUGuest1/master-key.aes \ +-machine pc-1.0,accel=3Dkvm,usb=3Doff,dump-guest-core=3Doff,memory-encrypt= ion=3Dsev0 \ +-m 214 \ +-realtime mlock=3Doff \ +-smp 1,sockets=3D1,cores=3D1,threads=3D1 \ +-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \ +-display none \ +-no-user-config \ +-nodefaults \ +-chardev socket,id=3Dcharmonitor,fd=3D1729,server,nowait \ +-mon chardev=3Dcharmonitor,id=3Dmonitor,mode=3Dcontrol \ +-rtc base=3Dutc \ +-no-shutdown \ +-no-acpi \ +-boot strict=3Don \ +-device piix3-usb-uhci,id=3Dusb,bus=3Dpci.0,addr=3D0x1.0x2 \ +-drive file=3D/dev/HostVG/QEMUGuest1,format=3Draw,if=3Dnone,id=3Ddrive-ide= 0-0-0 \ +-device ide-hd,bus=3Dide.0,unit=3D0,drive=3Ddrive-ide0-0-0,id=3Dide0-0-0,b= ootindex=3D1 \ +-object sev-guest,id=3Dsev0,cbitpos=3D47,reduced-phys-bits=3D1,policy=3D0x= 1,\ +dh-cert-file=3D/tmp/lib/domain--1-QEMUGuest1/dh_cert.base64,\ +session-file=3D/tmp/lib/domain--1-QEMUGuest1/session.base64 \ +-sandbox on,obsolete=3Ddeny,elevateprivileges=3Ddeny,spawn=3Ddeny,\ +resourcecontrol=3Ddeny \ +-msg timestamp=3Don diff --git a/tests/qemuxml2argvdata/launch-security-sev-missing-platform-in= fo.xml b/tests/qemuxml2argvdata/launch-security-sev-missing-platform-info.x= ml new file mode 100644 index 0000000000..41ec4cb872 --- /dev/null +++ b/tests/qemuxml2argvdata/launch-security-sev-missing-platform-info.xml @@ -0,0 +1,35 @@ + + QEMUGuest1 + c7a5fdbd-edaf-9455-926a-d65c16db1809 + 219100 + 219100 + 1 + + hvm + + + + destroy + restart + destroy + + /usr/bin/qemu-system-x86_64 + + + + +
+ + + + + + + + + + 0x0001 + AQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAA + IHAVENOIDEABUTJUSTPROVIDINGASTRING + + diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index 49567326d4..56247177e1 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -3314,6 +3314,7 @@ mymain(void) DO_TEST_CAPS_ARCH_LATEST("vhost-vsock-ccw-auto", "s390x"); =20 DO_TEST_CAPS_VER("launch-security-sev", "2.12.0"); + DO_TEST_CAPS_VER("launch-security-sev-missing-platform-info", "2.12.0"= ); =20 DO_TEST_CAPS_LATEST("vhost-user-fs-fd-memory"); DO_TEST_CAPS_LATEST("vhost-user-fs-hugepages"); --=20 2.26.2