[libvirt PATCH 2/3] qemu: process: sev: Fill missing 'cbitpos' & 'reducedPhysBits' from caps

Daniel Henrique Barboza danielhb413 at gmail.com
Wed Oct 14 21:43:13 UTC 2020 


On 10/9/20 11:13 AM, Erik Skultety wrote:
> These XML attributes have been mandatory since the introduction of SEV
> support to libvirt. This design decision was based on QEMU's
> requirement for these to be mandatory for migration purposes, as
> differences in these values across platforms must result in the
> pre-migration checks failing (not that migration with SEV works at the
> time of this patch).
> 
> This patch enables autofill of these attributes right before launching
> QEMU and thus updating the live XML.
> 
> Signed-off-by: Erik Skultety <eskultet at redhat.com>
> ---
>   src/conf/domain_conf.h  |  2 ++
>   src/qemu/qemu_process.c | 40 ++++++++++++++++++++++++++++++++++++++++
>   2 files changed, 42 insertions(+)
> 
> diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
> index 450686dfb5..344bb64081 100644
> --- a/src/conf/domain_conf.h
> +++ b/src/conf/domain_conf.h
> @@ -2490,7 +2490,9 @@ struct _virDomainSEVDef {
>       char *dh_cert;
>       char *session;
>       unsigned int policy;
> +    bool haveCbitpos;
>       unsigned int cbitpos;
> +    bool haveReducedPhysBits;
>       unsigned int reduced_phys_bits;
>   };
>   
> diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
> index 2cc1d58266..35af0d11cd 100644
> --- a/src/qemu/qemu_process.c
> +++ b/src/qemu/qemu_process.c
> @@ -6233,6 +6233,40 @@ qemuProcessPrepareAllowReboot(virDomainObjPtr vm)
>   }
>   
>   
> +static int
> +qemuProcessUpdateSEVInfo(virDomainObjPtr vm)
> +{
> +    qemuDomainObjPrivatePtr priv = vm->privateData;
> +    virQEMUCapsPtr qemuCaps = priv->qemuCaps;
> +    virDomainSEVDefPtr sev = vm->def->sev;
> +    virSEVCapabilityPtr sevCaps = NULL;
> +
> +    if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_SEV_GUEST)) {
> +        virReportError(VIR_ERR_INTERNAL_ERROR,
> +                        _("Domain %s asked for 'sev' launch but this "
> +                          "QEMU does not support SEV feature"), vm->def->name);
> +        return -1;
> +    }
> +


I suggest to move this validation to qemu_validate.c, e.g.:



diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
index e651668d21..a8b319892b 100644
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -6241,13 +6241,6 @@ qemuProcessUpdateSEVInfo(virDomainObjPtr vm)
      virDomainSEVDefPtr sev = vm->def->sev;
      virSEVCapabilityPtr sevCaps = NULL;
  
-    if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_SEV_GUEST)) {
-        virReportError(VIR_ERR_INTERNAL_ERROR,
-                        _("Domain %s asked for 'sev' launch but this "
-                          "QEMU does not support SEV feature"), vm->def->name);
-        return -1;
-    }
-
      /* if platform specific info like 'cbitpos' and 'reducedPhysBits' have
       * not been supplied, we need to autofill them from caps now as both are
       * mandatory on QEMU cmdline
diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c
index bc3043bb3f..964ff776fc 100644
--- a/src/qemu/qemu_validate.c
+++ b/src/qemu/qemu_validate.c
@@ -1034,6 +1034,14 @@ qemuValidateDomainDef(const virDomainDef *def,
              return -1;
      }
  
+    if (def->sev &&
+        !virQEMUCapsGet(qemuCaps, QEMU_CAPS_SEV_GUEST)) {
+        virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+                        _("Domain %s asked for 'sev' launch but this "
+                          "QEMU does not support SEV feature"), def->name);
+        return -1;
+    }
+
      return 0;
  }
  

Thanks,


DHB


> +    /* if platform specific info like 'cbitpos' and 'reducedPhysBits' have
> +     * not been supplied, we need to autofill them from caps now as both are
> +     * mandatory on QEMU cmdline
> +     */
> +    sevCaps = virQEMUCapsGetSEVCapabilities(qemuCaps);
> +    if (!sev->haveCbitpos) {
> +        sev->cbitpos = sevCaps->cbitpos;
> +        sev->haveCbitpos = true;
> +    }
> +
> +    if (!sev->haveReducedPhysBits) {
> +        sev->reduced_phys_bits = sevCaps->reduced_phys_bits;
> +        sev->haveReducedPhysBits = true;
> +    }
> +
> +    return 0;
> +}
> +
> +
>   /**
>    * qemuProcessPrepareDomain:
>    * @driver: qemu driver
> @@ -6361,6 +6395,12 @@ qemuProcessPrepareDomain(virQEMUDriverPtr driver,
>       for (i = 0; i < vm->def->nshmems; i++)
>           qemuDomainPrepareShmemChardev(vm->def->shmems[i]);
>   
> +    if (vm->def->sev) {
> +        VIR_DEBUG("Updating SEV platform info");
> +        if (qemuProcessUpdateSEVInfo(vm) < 0)
> +            return -1;
> +    }
> +
>       return 0;
>   }
>   
>

More information about the libvir-list mailing list