[RFC PATCH v2 3/8] conf: expose TDX feature in domain capabilities

Zhenzhong Duan zhenzhong.duan at intel.com
Fri Jul 16 03:10:31 UTC 2021


Expose the QEMU TDX capability in the domain capabilities.

Signed-off-by: Chenyi Qiang <chenyi.qiang at intel.com>
Signed-off-by: Zhenzhong Duan <zhenzhong.duan at intel.com>
---
 docs/formatdomaincaps.html.in  | 17 +++++++++++++++++
 docs/schemas/domaincaps.rng    |  9 +++++++++
 src/conf/domain_capabilities.c |  1 +
 src/conf/domain_capabilities.h |  1 +
 src/qemu/qemu_capabilities.c   | 16 ++++++++++++++++
 5 files changed, 44 insertions(+)

diff --git a/docs/formatdomaincaps.html.in b/docs/formatdomaincaps.html.in
index 62f1940e6a..3f057af515 100644
--- a/docs/formatdomaincaps.html.in
+++ b/docs/formatdomaincaps.html.in
@@ -570,6 +570,7 @@
       <cbitpos>47</cbitpos>
       <reduced-phys-bits>1</reduced-phys-bits>
     </sev>
+    <tdx supported='yes'/>
   </features>
 </domainCapabilities>
 </pre>
@@ -635,6 +636,22 @@
       a look at <a href="formatdomain.html#launchSecurity">SEV in domain XML</a>
     </p>
 
+    <h4><a id="featureTDX">TDX capabilities</a></h4>
+
+    <p>Trust Domain Extensions(TDX) capabilities are exposed under the
+    <code>tdx</code> element.
+    TDX is an Intel technology that extends Virtual Machines Extensions (VMX)
+    to with a new kind of virtual machine guest called Trust Domain (TD). A TD
+    runs in a CPU model which protects the confidentiality of its memory contents
+    and its CPU state from any other software, including the hosting Virtual Machine
+    Monitor (VMM), unless explicitly shared by the TD itself.</p>
+
+    <p>
+      For more details on the TDX feature, please follow resources in the
+      Intel developer's document. In order to use TDX with libvirt have
+      a look at <a href="formatdomain.html#launchSecurity">TDX in domain XML</a>
+    </p>
+
     <dl>
       <dt><code>cbitpos</code></dt>
       <dd>When memory encryption is enabled, one of the physical address bits
diff --git a/docs/schemas/domaincaps.rng b/docs/schemas/domaincaps.rng
index d7ee60dd16..60001b3c43 100644
--- a/docs/schemas/domaincaps.rng
+++ b/docs/schemas/domaincaps.rng
@@ -253,6 +253,9 @@
       <optional>
         <ref name="sev"/>
       </optional>
+      <optional>
+        <ref name="tdx"/>
+      </optional>
     </element>
   </define>
 
@@ -307,6 +310,12 @@
     </element>
   </define>
 
+  <define name="tdx">
+    <element name="tdx">
+      <ref name="supported"/>
+    </element>
+  </define>
+
   <define name="value">
     <zeroOrMore>
       <element name="value">
diff --git a/src/conf/domain_capabilities.c b/src/conf/domain_capabilities.c
index 83d3320980..2380eacde9 100644
--- a/src/conf/domain_capabilities.c
+++ b/src/conf/domain_capabilities.c
@@ -43,6 +43,7 @@ VIR_ENUM_IMPL(virDomainCapsFeature,
               "backingStoreInput",
               "backup",
               "s390-pv",
+              "tdx",
 );
 
 static virClass *virDomainCapsClass;
diff --git a/src/conf/domain_capabilities.h b/src/conf/domain_capabilities.h
index 34b9b8a693..cd3f5be472 100644
--- a/src/conf/domain_capabilities.h
+++ b/src/conf/domain_capabilities.h
@@ -180,6 +180,7 @@ typedef enum {
     VIR_DOMAIN_CAPS_FEATURE_BACKING_STORE_INPUT,
     VIR_DOMAIN_CAPS_FEATURE_BACKUP,
     VIR_DOMAIN_CAPS_FEATURE_S390_PV,
+    VIR_DOMAIN_CAPS_FEATURE_TDX,
 
     VIR_DOMAIN_CAPS_FEATURE_LAST
 } virDomainCapsFeature;
diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
index 6a29ec607a..e9906a2f32 100644
--- a/src/qemu/qemu_capabilities.c
+++ b/src/qemu/qemu_capabilities.c
@@ -6351,6 +6351,21 @@ virQEMUCapsFillDomainFeatureS390PVCaps(virQEMUCaps *qemuCaps,
 }
 
 
+static void
+virQEMUCapsFillDomainFeatureTDXCaps(virQEMUCaps *qemuCaps,
+                                    virDomainCaps *domCaps)
+{
+    if (ARCH_IS_X86(qemuCaps->arch)) {
+        if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_MACHINE_CONFIDENTAL_GUEST_SUPPORT) &&
+            virQEMUCapsGet(qemuCaps, QEMU_CAPS_TDX_GUEST) &&
+            virQEMUCapsGetKVMSupportsSecureGuest(qemuCaps))
+            domCaps->features[VIR_DOMAIN_CAPS_FEATURE_TDX] = VIR_TRISTATE_BOOL_YES;
+        else
+            domCaps->features[VIR_DOMAIN_CAPS_FEATURE_TDX] = VIR_TRISTATE_BOOL_NO;
+    }
+}
+
+
 int
 virQEMUCapsFillDomainCaps(virQEMUCaps *qemuCaps,
                           virArch hostarch,
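Review bot: The `supported='yes'` branch of the new virQEMUCapsFillDomainFeatureTDXCaps() depends on virQEMUCapsGetKVMSupportsSecureGuest(), whose host-side meaning for an Intel host is not visible in this hunk; unless an earlier patch in the series extends that helper to detect TDX support in KVM, the feature would report `supported='no'` on every host even when both QEMU capability bits are present, so the commit message should name the host check it relies on. The function also carries no header comment; a one-liner such as `/* TDX is reported only on x86, and only when QEMU has confidential-guest-support plus the tdx-guest object and KVM on this host supports secure guests. */` would state the contract. The inner if/else can become a single assignment, `bool tdx = virQEMUCapsGet(...) && ...;` followed by `domCaps->features[VIR_DOMAIN_CAPS_FEATURE_TDX] = virTristateBoolFromBool(tdx);`, which avoids an unbraced body under a multi-line condition. virQEMUCapsFillDomainCaps() begins at the end of the hunk and continues outside it.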
@@ -6398,6 +6413,7 @@ virQEMUCapsFillDomainCaps(virQEMUCaps *qemuCaps,
     virQEMUCapsFillDomainFeatureGICCaps(qemuCaps, domCaps);
     virQEMUCapsFillDomainFeatureSEVCaps(qemuCaps, domCaps);
     virQEMUCapsFillDomainFeatureS390PVCaps(qemuCaps, domCaps);
+    virQEMUCapsFillDomainFeatureTDXCaps(qemuCaps, domCaps);
 
     return 0;
 }
-- 
2.25.1



