[libvirt][PATCH v7 1/5] conf: Introduce SGX EPC element into device memory xml
Daniel P. Berrangé
berrange at redhat.com
Tue Sep 28 13:56:14 UTC 2021
On Wed, Sep 08, 2021 at 09:15:54AM +0800, Haibin Huang wrote:
> From: Lin Yang <lin.a.yang at intel.com>
>
> <devices>
> ...
> <memory model='sgx-epc'>
> <target>
> <size unit='KiB'>512</size>
> </target>
> </memory>
> ...
> </devices>
> ---
> docs/schemas/domaincommon.rng | 1 +
> src/conf/domain_conf.c | 5 +++++
> src/conf/domain_conf.h | 1 +
> src/conf/domain_validate.c | 1 +
> src/qemu/qemu_alias.c | 3 +++
> src/qemu/qemu_command.c | 1 +
> src/qemu/qemu_domain.c | 1 +
> src/qemu/qemu_domain_address.c | 4 ++++
> src/qemu/qemu_process.c | 2 ++
> src/qemu/qemu_validate.c | 8 ++++++++
> src/security/security_apparmor.c | 1 +
> src/security/security_dac.c | 2 ++
> src/security/security_selinux.c | 2 ++
> 13 files changed, 32 insertions(+)
> diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c
> index e5c4e3af26..545af727f7 100644
> --- a/src/qemu/qemu_validate.c
> +++ b/src/qemu/qemu_validate.c
> @@ -4929,6 +4929,14 @@ qemuValidateDomainDeviceDefMemory(virDomainMemoryDef *mem,
> }
> break;
>
> + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
> + if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_SGX_EPC)) {
> + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
> + _("sgx epc isn't supported by this QEMU binary"));
> + return -1;
> + }
> + break;
This doesn't compile at thi point, becuase QEMU_CAPS_SGX_EPC is not
introduced until patch 4.
In this initial patch you need to just do an unconditional error
report
case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
_("sgx epc isn't supported by this QEMU binary"));
return -1;
> case VIR_DOMAIN_MEMORY_MODEL_NONE:
> case VIR_DOMAIN_MEMORY_MODEL_LAST:
> break;
> diff --git a/src/security/security_apparmor.c b/src/security/security_apparmor.c
> index 84363015dc..46fbadb97a 100644
> --- a/src/security/security_apparmor.c
> +++ b/src/security/security_apparmor.c
> @@ -693,6 +693,7 @@ AppArmorSetMemoryLabel(virSecurityManager *mgr,
> return reload_profile(mgr, def, mem->nvdimmPath, true);
> case VIR_DOMAIN_MEMORY_MODEL_NONE:
> case VIR_DOMAIN_MEMORY_MODEL_DIMM:
> + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
> case VIR_DOMAIN_MEMORY_MODEL_LAST:
> break;
> }
> diff --git a/src/security/security_dac.c b/src/security/security_dac.c
> index 04b9ecf028..64b6fabb7d 100644
> --- a/src/security/security_dac.c
> +++ b/src/security/security_dac.c
> @@ -1849,6 +1849,7 @@ virSecurityDACRestoreMemoryLabel(virSecurityManager *mgr,
> break;
>
> case VIR_DOMAIN_MEMORY_MODEL_DIMM:
> + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
> case VIR_DOMAIN_MEMORY_MODEL_LAST:
> case VIR_DOMAIN_MEMORY_MODEL_NONE:
> ret = 0;
> @@ -2033,6 +2034,7 @@ virSecurityDACSetMemoryLabel(virSecurityManager *mgr,
> break;
>
> case VIR_DOMAIN_MEMORY_MODEL_DIMM:
> + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
> case VIR_DOMAIN_MEMORY_MODEL_LAST:
> case VIR_DOMAIN_MEMORY_MODEL_NONE:
> ret = 0;
> diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
> index 0e5ea0366d..0034ad4495 100644
> --- a/src/security/security_selinux.c
> +++ b/src/security/security_selinux.c
> @@ -1582,6 +1582,7 @@ virSecuritySELinuxSetMemoryLabel(virSecurityManager *mgr,
>
> case VIR_DOMAIN_MEMORY_MODEL_NONE:
> case VIR_DOMAIN_MEMORY_MODEL_DIMM:
> + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
> case VIR_DOMAIN_MEMORY_MODEL_LAST:
> break;
> }
> @@ -1609,6 +1610,7 @@ virSecuritySELinuxRestoreMemoryLabel(virSecurityManager *mgr,
> break;
>
> case VIR_DOMAIN_MEMORY_MODEL_DIMM:
> + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
> case VIR_DOMAIN_MEMORY_MODEL_NONE:
> case VIR_DOMAIN_MEMORY_MODEL_LAST:
> ret = 0;
> --
> 2.17.1
>
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
More information about the libvir-list
mailing list