[libvirt PATCH v3 13/13] qemu: format sev-guest.kernel-hashes property

Peter Krempa pkrempa at redhat.com
Tue Dec 14 11:08:37 UTC 2021 

On Fri, Dec 10, 2021 at 16:47:13 +0000, Daniel P. Berrangé wrote:
> Set the kernel-hashes property on the sev-guest object if
> the config asked for it explicitly. While QEMU machine
> types currently default to having this setting off, it
> is not guaranteed to remain this way.
> 
> Signed-off-by: Daniel P. Berrangé <berrange at redhat.com>
> ---
>  src/qemu/qemu_command.c                       |  1 +
>  src/qemu/qemu_validate.c                      |  7 ++++
>  ...unch-security-sev-direct.x86_64-6.2.0.args | 40 +++++++++++++++++++
>  .../launch-security-sev-direct.xml            | 39 ++++++++++++++++++
>  tests/qemuxml2argvtest.c                      |  1 +
>  5 files changed, 88 insertions(+)
>  create mode 100644 tests/qemuxml2argvdata/launch-security-sev-direct.x86_64-6.2.0.args
>  create mode 100644 tests/qemuxml2argvdata/launch-security-sev-direct.xml
> 
> diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
> index 613f7a5d2a..dfbf4973f5 100644
> --- a/src/qemu/qemu_command.c
> +++ b/src/qemu/qemu_command.c
> @@ -9894,6 +9894,7 @@ qemuBuildSEVCommandLine(virDomainObj *vm, virCommand *cmd,
>                                       "u:policy", sev->policy,
>                                       "S:dh-cert-file", dhpath,
>                                       "S:session-file", sessionpath,
> +                                     "T:kernel-hashes", sev->kernel_hashes,

Since this is an '-object' ...

>                                       NULL) < 0)
>          return -1;
>  
> diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c
> index 29b01495ad..c0dc1f7b53 100644
> --- a/src/qemu/qemu_validate.c
> +++ b/src/qemu/qemu_validate.c
> @@ -1200,6 +1200,13 @@ qemuValidateDomainDef(const virDomainDef *def,
>                                   "this QEMU binary"));
>                  return -1;
>              }
> +
> +            if (def->sec->data.sev.kernel_hashes == VIR_TRISTATE_BOOL_YES &&
> +                !virQEMUCapsGet(qemuCaps, QEMU_CAPS_SEV_GUEST_KERNEL_HASHES)) {

... and this flag means that the 'sev-guest' actually has the
'kernel-hashes' property, the above check should be

if (def->sec->data.sev.kernel_hashes != VIR_TRISTATE_BOOL_ABSENT && ...


as an explicit disable will also cause a qemu error when the property is
not defined inside sev-guest.

Other option is to use 'B:kernel-hashes' above and extract the value of
sev->kernel_hashes into a temporary bool initialized to false via
virTristateBoolToBool which preserves the default. In such case it will
be always omitted when not enabled.



Reviewed-by: Peter Krempa <pkrempa at redhat.com>

More information about the libvir-list mailing list