[libvirt PATCH 5/5] tests: add launch-security-sev test with latest capabilities

Pavel Hrdina phrdina at redhat.com
Fri Jun 11 13:24:13 UTC 2021 

QEMU 6.0.0 introduced `confidential-guest-support` -machine option as
a replacement for `memory-encryption`. In order to test it use latest
capabilities as well.

Signed-off-by: Pavel Hrdina <phrdina at redhat.com>
---
 .../launch-security-sev.x86_64-latest.args    | 36 +++++++++++++++++++
 tests/qemuxml2argvtest.c                      |  1 +
 2 files changed, 37 insertions(+)
 create mode 100644 tests/qemuxml2argvdata/launch-security-sev.x86_64-latest.args

diff --git a/tests/qemuxml2argvdata/launch-security-sev.x86_64-latest.args b/tests/qemuxml2argvdata/launch-security-sev.x86_64-latest.args
new file mode 100644
index 0000000000..189e6956dd
--- /dev/null
+++ b/tests/qemuxml2argvdata/launch-security-sev.x86_64-latest.args
@@ -0,0 +1,36 @@
+LC_ALL=C \
+PATH=/bin \
+HOME=/tmp/lib/domain--1-QEMUGuest1 \
+USER=test \
+LOGNAME=test \
+XDG_DATA_HOME=/tmp/lib/domain--1-QEMUGuest1/.local/share \
+XDG_CACHE_HOME=/tmp/lib/domain--1-QEMUGuest1/.cache \
+XDG_CONFIG_HOME=/tmp/lib/domain--1-QEMUGuest1/.config \
+/usr/bin/qemu-system-x86_64 \
+-name guest=QEMUGuest1,debug-threads=on \
+-S \
+-object '{"qom-type":"secret","id":"masterKey0","format":"raw","file":"/tmp/lib/domain--1-QEMUGuest1/master-key.aes"}' \
+-machine pc-i440fx-2.12,accel=kvm,usb=off,dump-guest-core=off,confidential-guest-support=sev0,memory-backend=pc.ram \
+-cpu qemu64 \
+-m 214 \
+-object '{"qom-type":"memory-backend-ram","id":"pc.ram","size":224395264}' \
+-overcommit mem-lock=off \
+-smp 1,sockets=1,cores=1,threads=1 \
+-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \
+-display none \
+-no-user-config \
+-nodefaults \
+-chardev socket,id=charmonitor,fd=1729,server=on,wait=off \
+-mon chardev=charmonitor,id=monitor,mode=control \
+-rtc base=utc \
+-no-shutdown \
+-no-acpi \
+-boot strict=on \
+-device piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2 \
+-blockdev '{"driver":"host_device","filename":"/dev/HostVG/QEMUGuest1","node-name":"libvirt-1-storage","auto-read-only":true,"discard":"unmap"}' \
+-blockdev '{"node-name":"libvirt-1-format","read-only":false,"driver":"raw","file":"libvirt-1-storage"}' \
+-device ide-hd,bus=ide.0,unit=0,drive=libvirt-1-format,id=ide0-0-0,bootindex=1 \
+-audiodev id=audio1,driver=none \
+-object '{"qom-type":"sev-guest","id":"sev0","cbitpos":47,"reduced-phys-bits":1,"policy":1,"dh-cert-file":"/tmp/lib/domain--1-QEMUGuest1/dh_cert.base64","session-file":"/tmp/lib/domain--1-QEMUGuest1/session.base64"}' \
+-sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \
+-msg timestamp=on
diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
index a886ba4b0a..ee86738973 100644
--- a/tests/qemuxml2argvtest.c
+++ b/tests/qemuxml2argvtest.c
@@ -3489,6 +3489,7 @@ mymain(void)
     DO_TEST_CAPS_ARCH_LATEST("vhost-vsock-ccw-auto", "s390x");
     DO_TEST_CAPS_ARCH_LATEST("vhost-vsock-ccw-iommu", "s390x");
 
+    DO_TEST_CAPS_LATEST("launch-security-sev");
     DO_TEST_CAPS_VER("launch-security-sev", "2.12.0");
     DO_TEST_CAPS_VER("launch-security-sev-missing-platform-info", "2.12.0");
 
-- 
2.31.1

More information about the libvir-list mailing list