[libvirt] [PATCH 3/4] libvirt: qemu: enable/disable protected key management ops
Tony Krowiak
akrowiak at linux.vnet.ibm.com
Fri May 15 17:27:34 UTC 2015
On 05/15/2015 10:39 AM, Michal Privoznik wrote:
> On 27.04.2015 23:57, akrowiak at linux.vnet.ibm.com wrote:
>> From: Tony Krowiak <aekrowia at us.ibm.com>
>>
>> Introduces two new -machine option parameters to the QEMU command to
>> enable/disable the CPACF protected key management operations for a guest:
>>
>> aes-key-wrap='on|off'
>> dea-key-wrap='on|off'
>>
>> The QEMU code maps the corresponding domain configuration elements to the
>> QEMU -machine option parameters to create the QEMU command:
>>
>> <cipher name='aes' state='on'> --> aes-key-wrap=on
>> <cipher name='aes' state='off'> --> aes-key-wrap=off
>> <cipher name='dea' state='on'> --> dea-key-wrap=on
>> <cipher name='dea' state='off'> --> dea-key-wrap=off
>>
>> Signed-off-by: Tony Krowiak <akrowiak at linux.vnet.ibm.com>
>> Signed-off-by: Daniel Hansel <daniel.hansel at linux.vnet.ibm.com>
>> Signed-off-by: Boris Fiuczynski <fiuczy at linux.vnet.ibm.com>
>> Reviewed-by: Boris Fiuczynski <fiuczy at linux.vnet.ibm.com>
>> ---
>> src/qemu/qemu_capabilities.c | 5 +++
>> src/qemu/qemu_capabilities.h | 2 +
>> src/qemu/qemu_command.c | 72 ++++++++++++++++++++++++++++++++++++++++++
>> src/qemu/qemu_domain.c | 39 ++++++++++++++++++++++-
>> 4 files changed, 117 insertions(+), 1 deletions(-)
>>
>> diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
>> index a458611..d1b9f6f 100644
>> --- a/src/qemu/qemu_capabilities.c
>> +++ b/src/qemu/qemu_capabilities.c
>> @@ -279,6 +279,9 @@ VIR_ENUM_IMPL(virQEMUCaps, QEMU_CAPS_LAST,
>> "qxl.vgamem_mb",
>> "qxl-vga.vgamem_mb",
>> "pc-dimm",
>> +
>> + "aes-key-wrap", /* 185 */
>> + "dea-key-wrap",
>> );
>>
>>
>> @@ -2518,6 +2521,8 @@ static struct virQEMUCapsCommandLineProps virQEMUCapsCommandLine[] = {
>> { "msg", "timestamp", QEMU_CAPS_MSG_TIMESTAMP },
>> { "numa", NULL, QEMU_CAPS_NUMA },
>> { "drive", "throttling.bps-total-max", QEMU_CAPS_DRIVE_IOTUNE_MAX},
>> + { "machine", "aes-key-wrap", QEMU_CAPS_AES_KEY_WRAP },
>> + { "machine", "dea-key-wrap", QEMU_CAPS_DEA_KEY_WRAP },
>> };
>>
>> static int
>> diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h
>> index c7b1ac7..31e0494 100644
>> --- a/src/qemu/qemu_capabilities.h
>> +++ b/src/qemu/qemu_capabilities.h
>> @@ -224,6 +224,8 @@ typedef enum {
>> QEMU_CAPS_QXL_VGAMEM = 182, /* -device qxl.vgamem_mb */
>> QEMU_CAPS_QXL_VGA_VGAMEM = 183, /* -device qxl-vga.vgamem_mb */
>> QEMU_CAPS_DEVICE_PC_DIMM = 184, /* pc-dimm device */
>> + QEMU_CAPS_AES_KEY_WRAP = 185, /* -machine aes_key_wrap */
>> + QEMU_CAPS_DEA_KEY_WRAP = 186, /* -machine dea_key_wrap */
>>
>> QEMU_CAPS_LAST, /* this must always be the last item */
>> } virQEMUCapsFlags;
>> diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
>> index 247954f..8ff1d88 100644
>> --- a/src/qemu/qemu_command.c
>> +++ b/src/qemu/qemu_command.c
>> @@ -38,6 +38,7 @@
>> #include "virnetdevbridge.h"
>> #include "virstring.h"
>> #include "virtime.h"
>> +#include "virutil.h"
>> #include "viruuid.h"
>> #include "c-ctype.h"
>> #include "domain_nwfilter.h"
>> @@ -7295,6 +7296,39 @@ qemuBuildObsoleteAccelArg(virCommandPtr cmd,
>> return 0;
>> }
>>
>> +static bool
>> +qemuAppendKeyWrapMachineParm(virBuffer *buf, virQEMUCapsPtr qemuCaps,
>> + int flag, const char *pname, int pstate)
>> +{
>> + if (pstate != VIR_TRISTATE_SWITCH_ABSENT) {
>> + if (!virQEMUCapsGet(qemuCaps, flag)) {
>> + virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
>> + _("%s is not available with this QEMU binary"), pname);
>> + return false;
>> + }
>> +
>> + virBufferAsprintf(buf, ",%s=%s", pname,
>> + virTristateSwitchTypeToString(pstate));
>> + }
>> +
>> + return true;
>> +}
>> +
>> +static bool
>> +qemuAppendKeyWrapMachineParms(virBuffer *buf, virQEMUCapsPtr qemuCaps,
>> + const virDomainDef *def)
>> +{
>> + if (!qemuAppendKeyWrapMachineParm(buf, qemuCaps, QEMU_CAPS_AES_KEY_WRAP,
>> + "aes-key-wrap", def->keywrap.aes))
>> + return false;
>> +
>> + if (!qemuAppendKeyWrapMachineParm(buf, qemuCaps, QEMU_CAPS_DEA_KEY_WRAP,
>> + "dea-key-wrap", def->keywrap.dea))
>> + return false;
>> +
>> + return true;
>> +}
>> +
>> static int
>> qemuBuildMachineArgStr(virCommandPtr cmd,
>> const virDomainDef *def,
>> @@ -7329,6 +7363,14 @@ qemuBuildMachineArgStr(virCommandPtr cmd,
>> }
>>
>> obsoleteAccel = true;
>> +
>> + if ((def->keywrap.aes != VIR_TRISTATE_SWITCH_ABSENT) ||
>> + (def->keywrap.dea != VIR_TRISTATE_SWITCH_ABSENT)) {
>> + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
>> + _("key wrap support is not available "
>> + "with this QEMU binary"));
>> + return -1;
>> + }
>> } else {
>> virBuffer buf = VIR_BUFFER_INITIALIZER;
>>
>> @@ -7373,6 +7415,11 @@ qemuBuildMachineArgStr(virCommandPtr cmd,
>> }
>> }
>>
>> + if (!qemuAppendKeyWrapMachineParms(&buf, qemuCaps, def)) {
>> + virBufferFreeAndReset(&buf);
>> + return -1;
>> + }
>> +
>> virCommandAddArgBuffer(cmd, &buf);
>> }
>>
>> @@ -12772,6 +12819,9 @@ qemuParseCommandLine(virCapsPtr qemuCaps,
>> }
>>
>> /* handle all remaining "-machine" parameters */
>> + def->keywrap.aes = VIR_TRISTATE_SWITCH_ABSENT;
>> + def->keywrap.dea = VIR_TRISTATE_SWITCH_ABSENT;
>> +
>> while ((param = list[j++])) {
>> if (STRPREFIX(param, "dump-guest-core=")) {
>> param += strlen("dump-guest-core=");
>> @@ -12783,6 +12833,28 @@ qemuParseCommandLine(virCapsPtr qemuCaps,
>> } else if (STRPREFIX(param, "accel=kvm")) {
>> def->virtType = VIR_DOMAIN_VIRT_KVM;
>> def->features[VIR_DOMAIN_FEATURE_PAE] = VIR_TRISTATE_SWITCH_ON;
>> + } else if (STRPREFIX(param, "aes-key-wrap=")) {
>> + if (STREQ(arg, "-M")) {
>> + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
>> + _("aes-key-wrap is not supported with "
>> + "this QEMU binary"));
>> + goto error;
>> + }
>> + param += strlen("aes-key-wrap=");
>> + def->keywrap.aes = virTristateSwitchTypeFromString(param);
>> + if (def->keywrap.aes < 0)
>> + def->keywrap.aes = VIR_TRISTATE_SWITCH_ABSENT;
>> + } else if (STRPREFIX(param, "dea-key-wrap=")) {
>> + if (STREQ(arg, "-M")) {
>> + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
>> + _("dea-key-wrap is not supported with "
>> + "this QEMU binary"));
>> + goto error;
>> + }
>> + param += strlen("dea-key-wrap=");
>> + def->keywrap.dea = virTristateSwitchTypeFromString(param);
>> + if (def->keywrap.dea < 0)
>> + def->keywrap.dea = VIR_TRISTATE_SWITCH_ABSENT;
>> }
>> }
>> virStringFreeList(list);
>> diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
>> index 2478ad7..7d2f977 100644
>> --- a/src/qemu/qemu_domain.c
>> +++ b/src/qemu/qemu_domain.c
>> @@ -899,11 +899,41 @@ virDomainXMLNamespace virQEMUDriverDomainXMLNamespace = {
>> };
>>
>>
>> +static bool
>> +qemuDomainKeyWrapCapsGet(virQEMUDriverPtr driver, virDomainDefPtr def,
>> + virQEMUCapsFlags flag)
>> +{
>> + virQEMUCapsPtr qemuCaps = NULL;
>> +
>> + if (driver->qemuCapsCache && def->emulator)
>> + qemuCaps = virQEMUCapsCacheLookup(driver->qemuCapsCache, def->emulator);
>> +
>> + return virQEMUCapsGet(qemuCaps, flag);
>> +}
>> +
>> +static int
>> +qemuDomainKeyWrapSetDefaults(virQEMUDriverPtr driver, virDomainDefPtr def)
>> +{
>> + if (def->keywrap.aes == VIR_TRISTATE_SWITCH_ABSENT) {
>> + if (qemuDomainKeyWrapCapsGet(driver, def, QEMU_CAPS_AES_KEY_WRAP))
>> + def->keywrap.aes = VIR_DOMAIN_AES_KEY_WRAP_DEFAULT;
>> + }
>> +
>> + if (def->keywrap.dea == VIR_TRISTATE_SWITCH_ABSENT) {
>> + if (qemuDomainKeyWrapCapsGet(driver, def, QEMU_CAPS_DEA_KEY_WRAP))
>> + def->keywrap.dea = VIR_DOMAIN_DEA_KEY_WRAP_DEFAULT;
>> + }
> Why are we setting this ON by default? I guess we should leave it for
> users to decide. Even if it is a performance gain.
This mimics the s390 hardware management console which enables key
wrapping for an LPAR by default.
>
>> +
>> + return 0;
>> +}
>> +
>> +
> Michal
>
More information about the libvir-list
mailing list