[libvirt] [PATCH v5 01/10] qemu: provide support to query the SEV capability

Mon Apr 2 17:31:16 UTC 2018

On 04/02/2018 10:18 AM, Brijesh Singh wrote:
> QEMU version >= 2.12 provides support for launching an encrypted VMs on
> AMD x86 platform using Secure Encrypted Virtualization (SEV) feature.
> This patch adds support to query the SEV capability from the qemu.
> 
> Reviewed-by: "Daniel P. Berrangé" <berrange at redhat.com>
> Signed-off-by: Brijesh Singh <brijesh.singh at amd.com>
> ---
>  src/conf/domain_capabilities.h                     | 13 ++++
>  src/qemu/qemu_capabilities.c                       | 38 +++++++++++
>  src/qemu/qemu_capabilities.h                       |  1 +
>  src/qemu/qemu_capspriv.h                           |  4 ++
>  src/qemu/qemu_monitor.c                            |  9 +++
>  src/qemu/qemu_monitor.h                            |  3 +
>  src/qemu/qemu_monitor_json.c                       | 73 ++++++++++++++++++++++
>  src/qemu/qemu_monitor_json.h                       |  3 +
>  .../caps_2.12.0.x86_64.replies                     | 10 +++
>  tests/qemucapabilitiesdata/caps_2.12.0.x86_64.xml  |  3 +-
>  10 files changed, 156 insertions(+), 1 deletion(-)
> 

Should have noted the first time - should have 2 blank lines around new
methods...

e.g.:

> diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
> index e54dde6..0f6e6fb 100644
> --- a/src/qemu/qemu_capabilities.c
> +++ b/src/qemu/qemu_capabilities.c
> @@ -466,6 +466,7 @@ VIR_ENUM_IMPL(virQEMUCaps, QEMU_CAPS_LAST,
>                /* 285 */
>                "virtio-mouse-ccw",
>                "virtio-tablet-ccw",
> +              "sev-guest",
>      );
>  
>  
> @@ -532,6 +533,8 @@ struct _virQEMUCaps {
>      size_t ngicCapabilities;
>      virGICCapability *gicCapabilities;
>  
> +    virSEVCapability *sevCapabilities;
> +
>      virQEMUCapsHostCPUData kvmCPU;
>      virQEMUCapsHostCPUData tcgCPU;
>  };
> @@ -1705,6 +1708,7 @@ struct virQEMUCapsStringFlags virQEMUCapsObjectTypes[] = {
>      { "virtio-keyboard-ccw", QEMU_CAPS_DEVICE_VIRTIO_KEYBOARD_CCW },
>      { "virtio-mouse-ccw", QEMU_CAPS_DEVICE_VIRTIO_MOUSE_CCW },
>      { "virtio-tablet-ccw", QEMU_CAPS_DEVICE_VIRTIO_TABLET_CCW },
> +    { "sev-guest", QEMU_CAPS_SEV_GUEST },
>  };
>  
>  static struct virQEMUCapsStringFlags virQEMUCapsObjectPropsVirtioBalloon[] = {
> @@ -2784,6 +2788,21 @@ virQEMUCapsSetGICCapabilities(virQEMUCapsPtr qemuCaps,
>      qemuCaps->ngicCapabilities = ncapabilities;
>  }
>  

Extra blank line here...

> +void
> +virQEMUCapsSetSEVCapabilities(virQEMUCapsPtr qemuCaps,
> +                              virSEVCapability *capabilities)
> +{
> +    virSEVCapability *cap = qemuCaps->sevCapabilities;
> +
> +    if (cap) {
> +        VIR_FREE(cap->pdh);
> +        VIR_FREE(cap->cert_chain);
> +    }
> +
> +    VIR_FREE(qemuCaps->sevCapabilities);
> +
> +    qemuCaps->sevCapabilities = capabilities;
> +}

and here

>  
>  static int
>  virQEMUCapsProbeQMPCommands(virQEMUCapsPtr qemuCaps,
> @@ -3287,6 +3306,19 @@ virQEMUCapsProbeQMPGICCapabilities(virQEMUCapsPtr qemuCaps,
>      return 0;
>  }
>  

and here

> +static int
> +virQEMUCapsProbeQMPSEVCapabilities(virQEMUCapsPtr qemuCaps,
> +                                   qemuMonitorPtr mon)
> +{
> +    virSEVCapability *caps = NULL;
> +
> +    if (qemuMonitorGetSEVCapabilities(mon, &caps) < 0)
> +        return -1;
> +
> +    virQEMUCapsSetSEVCapabilities(qemuCaps, caps);
> +
> +    return 0;
> +}

and here

>  
>  bool
>  virQEMUCapsCPUFilterFeatures(const char *name,

[...]

John

(I would normally fix it for you; however, I have more questions and
comments as I've gone on, so if a v6 will be needed, then you'd need to
fix. I may be able to alter for you depending on some decisions in the
middle patches).