[libvirt][PATCH v13 5/6] conf: Introduce SGX EPC element into device memory xml
Michal Prívozník
mprivozn at redhat.com
Wed Jul 20 11:26:44 UTC 2022
On 7/1/22 21:14, Lin Yang wrote:
> With NUMA config:
>
> <devices>
> ...
> <memory model='sgx-epc'>
> <source>
> <nodemask>0-1</nodemask>
> </source>
> <target>
> <size unit='KiB'>512</size>
> <node>0</node>
> </target>
> </memory>
> ...
> </devices>
>
> Without NUMA config:
>
> <devices>
> ...
> <memory model='sgx-epc'>
> <target>
> <size unit='KiB'>512</size>
> </target>
> </memory>
> ...
> </devices>
>
> Signed-off-by: Lin Yang <lin.a.yang at intel.com>
> Signed-off-by: Michal Privoznik <mprivozn at redhat.com>
> ---
> docs/formatdomain.rst | 27 +++++++-
> src/conf/domain_conf.c | 27 ++++++++
> src/conf/domain_conf.h | 1 +
> src/conf/domain_validate.c | 9 +++
> src/conf/schemas/domaincommon.rng | 1 +
> src/qemu/qemu_alias.c | 3 +
> src/qemu/qemu_command.c | 1 +
> src/qemu/qemu_domain.c | 48 ++++++++++----
> src/qemu/qemu_domain_address.c | 6 ++
> src/qemu/qemu_driver.c | 1 +
> src/qemu/qemu_process.c | 2 +
> src/qemu/qemu_validate.c | 8 +++
> src/security/security_apparmor.c | 1 +
> src/security/security_dac.c | 2 +
> src/security/security_selinux.c | 2 +
> tests/qemuxml2argvdata/sgx-epc-numa.xml | 50 +++++++++++++++
> tests/qemuxml2argvdata/sgx-epc.xml | 36 +++++++++++
> .../sgx-epc-numa.x86_64-latest.xml | 64 +++++++++++++++++++
> .../sgx-epc.x86_64-6.2.0.xml | 52 +++++++++++++++
> tests/qemuxml2xmltest.c | 3 +
> 20 files changed, 329 insertions(+), 15 deletions(-)
> create mode 100644 tests/qemuxml2argvdata/sgx-epc-numa.xml
> create mode 100644 tests/qemuxml2argvdata/sgx-epc.xml
> create mode 100644 tests/qemuxml2xmloutdata/sgx-epc-numa.x86_64-latest.xml
> create mode 100644 tests/qemuxml2xmloutdata/sgx-epc.x86_64-6.2.0.xml
>
> diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst
> index 62a94890f0..b95c930d73 100644
> --- a/docs/formatdomain.rst
> +++ b/docs/formatdomain.rst
> @@ -7910,6 +7910,20 @@ Example: usage of the memory devices
> <current unit='KiB'>524288</current>
> </target>
> </memory>
> + <memory model='sgx-epc'>
> + <source>
> + <nodemask>0-1</nodemask>
> + </source>
> + <target>
> + <size unit='KiB'>16384</size>
> + <node>0</node>
> + </target>
> + </memory>
> + <memory model='sgx-epc'>
> + <target>
> + <size unit='KiB'>16384</size>
> + </target>
> + </memory>
> </devices>
> ...
>
> @@ -7918,7 +7932,9 @@ Example: usage of the memory devices
> 1.2.14` Provide ``nvdimm`` model that adds a Non-Volatile DIMM module.
> :since:`Since 3.2.0` Provide ``virtio-pmem`` model to add a paravirtualized
> persistent memory device. :since:`Since 7.1.0` Provide ``virtio-mem`` model
> - to add paravirtualized memory device. :since:`Since 7.9.0`
> + to add paravirtualized memory device. :since:`Since 7.9.0` Provide
> + ``sgx-epc`` model to add a SGX enclave page cache (EPC) memory to the guest.
> + :since:`Since 8.6.0 and QEMU 6.2.0`
>
> ``access``
> An optional attribute ``access`` ( :since:`since 3.2.0` ) that provides
> @@ -7978,6 +7994,13 @@ Example: usage of the memory devices
> Represents a path in the host that backs the virtio memory module in the
> guest. It is mandatory.
>
> + For model ``sgx-epc`` this element is optional. The following optional
> + elements may be used:
> +
> + ``nodemask``
> + This element can be used to override the default set of NUMA nodes where
> + the memory would be allocated. :since:`Since 8.6.0 and QEMU 7.0.0`
> +
> ``target``
> The mandatory ``target`` element configures the placement and sizing of the
> added memory from the perspective of the guest.
> @@ -7988,6 +8011,8 @@ Example: usage of the memory devices
>
> The ``node`` subelement configures the guest NUMA node to attach the memory
> to. The element shall be used only if the guest has NUMA nodes configured.
> + For model ``sgx-epc`` this element is optional.
This looks redudnand. The sentence right before suggests that the
element is optional.
> It will be set to 0 as
> + default. :since:`Since 8.6.0 and QEMU 7.0.0`
This is a bit misleading as we don't report this back in the domain XML.
If you really want to document the default then say it's hypervisor
dependant. But I'd just leave these two sentences out.
>
> The following optional elements may be used:
>
> diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
> index 709ca53790..f8b67eb375 100644
> --- a/src/conf/domain_conf.c
> +++ b/src/conf/domain_conf.c
> @@ -1431,6 +1431,7 @@ VIR_ENUM_IMPL(virDomainMemoryModel,
> "nvdimm",
> "virtio-pmem",
> "virtio-mem",
> + "sgx-epc",
> );
>
> VIR_ENUM_IMPL(virDomainShmemModel,
> @@ -5680,6 +5681,7 @@ virDomainMemoryDefPostParse(virDomainMemoryDef *mem,
>
> case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM:
> case VIR_DOMAIN_MEMORY_MODEL_DIMM:
> + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
> case VIR_DOMAIN_MEMORY_MODEL_NONE:
> case VIR_DOMAIN_MEMORY_MODEL_LAST:
> break;
> @@ -14697,6 +14699,20 @@ virDomainMemorySourceDefParseXML(xmlNodePtr node,
> def->nvdimmPath = virXPathString("string(./path)", ctxt);
> break;
>
> + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
> + if ((nodemask = virXPathString("string(./nodemask)", ctxt))) {
> + if (virBitmapParse(nodemask, &def->sourceNodes,
> + VIR_DOMAIN_CPUMASK_LEN) < 0)
> + return -1;
> +
> + if (virBitmapIsAllClear(def->sourceNodes)) {
> + virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
> + _("Invalid value of 'nodemask': %s"), nodemask);
> + return -1;
> + }
> + }
> + break;
> +
> case VIR_DOMAIN_MEMORY_MODEL_NONE:
> case VIR_DOMAIN_MEMORY_MODEL_LAST:
> break;
> @@ -14765,6 +14781,7 @@ virDomainMemoryTargetDefParseXML(xmlNodePtr node,
> case VIR_DOMAIN_MEMORY_MODEL_NONE:
> case VIR_DOMAIN_MEMORY_MODEL_DIMM:
> case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM:
> + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
> case VIR_DOMAIN_MEMORY_MODEL_LAST:
> break;
> }
> @@ -16561,6 +16578,7 @@ virDomainMemoryFindByDefInternal(virDomainDef *def,
> continue;
> break;
>
> + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
> case VIR_DOMAIN_MEMORY_MODEL_NONE:
> case VIR_DOMAIN_MEMORY_MODEL_LAST:
> break;
> @@ -26153,6 +26171,15 @@ virDomainMemorySourceDefFormat(virBuffer *buf,
> virBufferEscapeString(&childBuf, "<path>%s</path>\n", def->nvdimmPath);
> break;
>
> + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
> + if (def->sourceNodes) {
> + if (!(bitmap = virBitmapFormat(def->sourceNodes)))
> + return -1;
> +
> + virBufferAsprintf(&childBuf, "<nodemask>%s</nodemask>\n", bitmap);
> + }
> + break;
> +
> case VIR_DOMAIN_MEMORY_MODEL_NONE:
> case VIR_DOMAIN_MEMORY_MODEL_LAST:
> break;
> diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
> index 4c8c42b7eb..a15798463c 100644
> --- a/src/conf/domain_conf.h
> +++ b/src/conf/domain_conf.h
> @@ -2559,6 +2559,7 @@ typedef enum {
> VIR_DOMAIN_MEMORY_MODEL_NVDIMM, /* nvdimm memory device */
> VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM, /* virtio-pmem memory device */
> VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM, /* virtio-mem memory device */
> + VIR_DOMAIN_MEMORY_MODEL_SGX_EPC, /* SGX enclave page cache */
>
> VIR_DOMAIN_MEMORY_MODEL_LAST
> } virDomainMemoryModel;
> diff --git a/src/conf/domain_validate.c b/src/conf/domain_validate.c
> index 28b0481d4e..c8f03cb844 100644
> --- a/src/conf/domain_validate.c
> +++ b/src/conf/domain_validate.c
> @@ -2231,6 +2231,15 @@ virDomainMemoryDefValidate(const virDomainMemoryDef *mem,
> case VIR_DOMAIN_MEMORY_MODEL_DIMM:
> break;
>
> + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
> + if (mem->info.type != VIR_DOMAIN_DEVICE_ADDRESS_TYPE_NONE) {
> + virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
> + _("memory device address is not supported for model '%s'"),
> + virDomainMemoryModelTypeToString(mem->model));
> + return -1;
> + }
> + break;
> +
> case VIR_DOMAIN_MEMORY_MODEL_NONE:
> case VIR_DOMAIN_MEMORY_MODEL_LAST:
> default:
> diff --git a/src/conf/schemas/domaincommon.rng b/src/conf/schemas/domaincommon.rng
> index da2fb0d5cb..c6377b2e90 100644
> --- a/src/conf/schemas/domaincommon.rng
> +++ b/src/conf/schemas/domaincommon.rng
> @@ -6833,6 +6833,7 @@
> <value>nvdimm</value>
> <value>virtio-pmem</value>
> <value>virtio-mem</value>
> + <value>sgx-epc</value>
> </choice>
> </attribute>
> <optional>
> diff --git a/src/qemu/qemu_alias.c b/src/qemu/qemu_alias.c
> index 7efd91051e..5ebeb82f92 100644
> --- a/src/qemu/qemu_alias.c
> +++ b/src/qemu/qemu_alias.c
> @@ -515,6 +515,9 @@ qemuAssignDeviceMemoryAlias(virDomainDef *def,
> case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM:
> prefix = "virtiomem";
> break;
> + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
> + prefix = "epc";
> + break;
> case VIR_DOMAIN_MEMORY_MODEL_NONE:
> case VIR_DOMAIN_MEMORY_MODEL_LAST:
> default:
> diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
> index b307d3139c..7ca183ded7 100644
> --- a/src/qemu/qemu_command.c
> +++ b/src/qemu/qemu_command.c
> @@ -4010,6 +4010,7 @@ qemuBuildMemoryDeviceProps(virQEMUDriverConfig *cfg,
> return NULL;
> break;
>
> + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
> case VIR_DOMAIN_MEMORY_MODEL_NONE:
> case VIR_DOMAIN_MEMORY_MODEL_LAST:
> default:
> diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
> index 60ed358871..fc64a5ca9c 100644
> --- a/src/qemu/qemu_domain.c
> +++ b/src/qemu/qemu_domain.c
> @@ -8448,6 +8448,7 @@ qemuDomainUpdateMemoryDeviceInfo(virQEMUDriver *driver,
> break;
>
> case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM:
> + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
> case VIR_DOMAIN_MEMORY_MODEL_NONE:
> case VIR_DOMAIN_MEMORY_MODEL_LAST:
> break;
> @@ -9129,6 +9130,12 @@ qemuDomainDefValidateMemoryHotplugDevice(const virDomainMemoryDef *mem,
> }
> break;
>
> + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
> + virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
> + _("hotplug is not supported for the %s device"),
> + virDomainMemoryModelTypeToString(mem->model));
> + return -1;
> +
> case VIR_DOMAIN_MEMORY_MODEL_NONE:
> case VIR_DOMAIN_MEMORY_MODEL_LAST:
> return -1;
> @@ -9164,7 +9171,7 @@ int
> qemuDomainDefValidateMemoryHotplug(const virDomainDef *def,
> const virDomainMemoryDef *mem)
> {
> - unsigned int nmems = def->nmems;
> + unsigned int hotplugNum = 0;
> unsigned long long hotplugSpace;
> unsigned long long hotplugMemory = 0;
> size_t i;
> @@ -9172,15 +9179,37 @@ qemuDomainDefValidateMemoryHotplug(const virDomainDef *def,
> hotplugSpace = def->mem.max_memory - virDomainDefGetMemoryInitial(def);
>
> if (mem) {
> - nmems++;
> + hotplugNum++;
> hotplugMemory = mem->size;
>
> if (qemuDomainDefValidateMemoryHotplugDevice(mem, def) < 0)
> return -1;
> }
>
> + for (i = 0; i < def->nmems; i++) {
> + switch (def->mems[i]->model) {
> + case VIR_DOMAIN_MEMORY_MODEL_DIMM:
> + case VIR_DOMAIN_MEMORY_MODEL_NVDIMM:
> + case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM:
> + case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM:
> + hotplugMemory += def->mems[i]->size;
> + hotplugNum++;
> + /* already existing devices don't need to be checked on hotplug */
> + if (!mem &&
> + qemuDomainDefValidateMemoryHotplugDevice(def->mems[i], def) < 0)
> + return -1;
> + break;
> +
> + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
> + /* sgx epc memory does not support hotplug */
> + case VIR_DOMAIN_MEMORY_MODEL_LAST:
> + case VIR_DOMAIN_MEMORY_MODEL_NONE:
> + break;
> + }
> + }
> +
> if (!virDomainDefHasMemoryHotplug(def)) {
> - if (nmems) {
> + if (hotplugNum) {
> virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
> _("cannot use/hotplug a memory device when domain "
> "'maxMemory' is not defined"));
> @@ -9203,22 +9232,13 @@ qemuDomainDefValidateMemoryHotplug(const virDomainDef *def,
> }
> }
>
> - if (nmems > def->mem.memory_slots) {
> + if (hotplugNum > def->mem.memory_slots) {
> virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
> _("memory device count '%u' exceeds slots count '%u'"),
> - nmems, def->mem.memory_slots);
> + hotplugNum, def->mem.memory_slots);
> return -1;
> }
>
> - for (i = 0; i < def->nmems; i++) {
> - hotplugMemory += def->mems[i]->size;
> -
> - /* already existing devices don't need to be checked on hotplug */
> - if (!mem &&
> - qemuDomainDefValidateMemoryHotplugDevice(def->mems[i], def) < 0)
> - return -1;
> - }
> -
> if (hotplugMemory > hotplugSpace) {
> virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
> _("memory device total size exceeds hotplug space"));
> diff --git a/src/qemu/qemu_domain_address.c b/src/qemu/qemu_domain_address.c
> index 753733d1b9..a111ae4d0c 100644
> --- a/src/qemu/qemu_domain_address.c
> +++ b/src/qemu/qemu_domain_address.c
> @@ -389,6 +389,7 @@ qemuDomainPrimeVirtioDeviceAddresses(virDomainDef *def,
> case VIR_DOMAIN_MEMORY_MODEL_NONE:
> case VIR_DOMAIN_MEMORY_MODEL_DIMM:
> case VIR_DOMAIN_MEMORY_MODEL_NVDIMM:
> + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
> case VIR_DOMAIN_MEMORY_MODEL_LAST:
> break;
> }
> @@ -1039,6 +1040,7 @@ qemuDomainDeviceCalculatePCIConnectFlags(virDomainDeviceDef *dev,
> case VIR_DOMAIN_MEMORY_MODEL_NONE:
> case VIR_DOMAIN_MEMORY_MODEL_DIMM:
> case VIR_DOMAIN_MEMORY_MODEL_NVDIMM:
> + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
> case VIR_DOMAIN_MEMORY_MODEL_LAST:
> return 0;
> }
> @@ -2421,6 +2423,7 @@ qemuDomainAssignDevicePCISlots(virDomainDef *def,
> case VIR_DOMAIN_MEMORY_MODEL_NONE:
> case VIR_DOMAIN_MEMORY_MODEL_DIMM:
> case VIR_DOMAIN_MEMORY_MODEL_NVDIMM:
> + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
> case VIR_DOMAIN_MEMORY_MODEL_LAST:
> break;
> }
> @@ -3081,6 +3084,7 @@ qemuDomainAssignMemoryDeviceSlot(virDomainObj *vm,
> return qemuDomainEnsurePCIAddress(vm, &dev);
> break;
>
> + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
> case VIR_DOMAIN_MEMORY_MODEL_NONE:
> case VIR_DOMAIN_MEMORY_MODEL_LAST:
> break;
> @@ -3107,6 +3111,7 @@ qemuDomainReleaseMemoryDeviceSlot(virDomainObj *vm,
> qemuDomainReleaseDeviceAddress(vm, &mem->info);
> break;
>
> + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
> case VIR_DOMAIN_MEMORY_MODEL_NONE:
> case VIR_DOMAIN_MEMORY_MODEL_LAST:
> break;
> @@ -3140,6 +3145,7 @@ qemuDomainAssignMemorySlots(virDomainDef *def)
> case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM:
> /* handled in qemuDomainAssignPCIAddresses() */
> break;
> + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
> case VIR_DOMAIN_MEMORY_MODEL_NONE:
> case VIR_DOMAIN_MEMORY_MODEL_LAST:
> break;
> diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
> index 3b5c3db67c..79a6c420c0 100644
> --- a/src/qemu/qemu_driver.c
> +++ b/src/qemu/qemu_driver.c
> @@ -7156,6 +7156,7 @@ qemuDomainChangeMemoryLiveValidateChange(const virDomainMemoryDef *oldDef,
> case VIR_DOMAIN_MEMORY_MODEL_DIMM:
> case VIR_DOMAIN_MEMORY_MODEL_NVDIMM:
> case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM:
> + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
> case VIR_DOMAIN_MEMORY_MODEL_LAST:
> virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
> _("cannot modify memory of model '%s'"),
> diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
> index 771a623ef7..b907387f21 100644
> --- a/src/qemu/qemu_process.c
> +++ b/src/qemu/qemu_process.c
> @@ -3935,6 +3935,7 @@ qemuProcessDomainMemoryDefNeedHugepagesPath(const virDomainMemoryDef *mem,
> case VIR_DOMAIN_MEMORY_MODEL_NONE:
> case VIR_DOMAIN_MEMORY_MODEL_NVDIMM:
> case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM:
> + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
> case VIR_DOMAIN_MEMORY_MODEL_LAST:
> /* None of these can be backed by hugepages. */
> return false;
> @@ -4009,6 +4010,7 @@ qemuProcessNeedMemoryBackingPath(virDomainDef *def,
> case VIR_DOMAIN_MEMORY_MODEL_NONE:
> case VIR_DOMAIN_MEMORY_MODEL_NVDIMM:
> case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM:
> + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
> case VIR_DOMAIN_MEMORY_MODEL_LAST:
> /* Backed by user provided path. Not stored in memory
> * backing dir anyway. */
> diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c
> index 39210ba65b..fbbfedd095 100644
> --- a/src/qemu/qemu_validate.c
> +++ b/src/qemu/qemu_validate.c
> @@ -5173,6 +5173,14 @@ qemuValidateDomainDeviceDefMemory(virDomainMemoryDef *mem,
> }
> break;
>
> + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
> + if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_SGX_EPC)) {
> + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
> + _("sgx epc isn't supported by this QEMU binary"));
> + return -1;
> + }
> + break;
> +
> case VIR_DOMAIN_MEMORY_MODEL_NONE:
> case VIR_DOMAIN_MEMORY_MODEL_LAST:
> break;
> diff --git a/src/security/security_apparmor.c b/src/security/security_apparmor.c
> index 008384dee8..36e8ce42b5 100644
> --- a/src/security/security_apparmor.c
> +++ b/src/security/security_apparmor.c
> @@ -687,6 +687,7 @@ AppArmorSetMemoryLabel(virSecurityManager *mgr,
> case VIR_DOMAIN_MEMORY_MODEL_NONE:
> case VIR_DOMAIN_MEMORY_MODEL_DIMM:
> case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM:
> + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
> case VIR_DOMAIN_MEMORY_MODEL_LAST:
> break;
> }
> diff --git a/src/security/security_dac.c b/src/security/security_dac.c
> index 21cebae694..d94995c9cf 100644
> --- a/src/security/security_dac.c
> +++ b/src/security/security_dac.c
> @@ -1853,6 +1853,7 @@ virSecurityDACRestoreMemoryLabel(virSecurityManager *mgr,
>
> case VIR_DOMAIN_MEMORY_MODEL_DIMM:
> case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM:
> + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
> case VIR_DOMAIN_MEMORY_MODEL_LAST:
> case VIR_DOMAIN_MEMORY_MODEL_NONE:
> ret = 0;
> @@ -2040,6 +2041,7 @@ virSecurityDACSetMemoryLabel(virSecurityManager *mgr,
>
> case VIR_DOMAIN_MEMORY_MODEL_DIMM:
> case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM:
> + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
> case VIR_DOMAIN_MEMORY_MODEL_LAST:
> case VIR_DOMAIN_MEMORY_MODEL_NONE:
> ret = 0;
> diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
> index e2f34a27dc..6657663483 100644
> --- a/src/security/security_selinux.c
> +++ b/src/security/security_selinux.c
> @@ -1580,6 +1580,7 @@ virSecuritySELinuxSetMemoryLabel(virSecurityManager *mgr,
> case VIR_DOMAIN_MEMORY_MODEL_NONE:
> case VIR_DOMAIN_MEMORY_MODEL_DIMM:
> case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM:
> + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
> case VIR_DOMAIN_MEMORY_MODEL_LAST:
> break;
> }
> @@ -1608,6 +1609,7 @@ virSecuritySELinuxRestoreMemoryLabel(virSecurityManager *mgr,
>
> case VIR_DOMAIN_MEMORY_MODEL_DIMM:
> case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM:
> + case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
> case VIR_DOMAIN_MEMORY_MODEL_NONE:
> case VIR_DOMAIN_MEMORY_MODEL_LAST:
> ret = 0;
> diff --git a/tests/qemuxml2argvdata/sgx-epc-numa.xml b/tests/qemuxml2argvdata/sgx-epc-numa.xml
> new file mode 100644
> index 0000000000..f28b06dd79
> --- /dev/null
> +++ b/tests/qemuxml2argvdata/sgx-epc-numa.xml
> @@ -0,0 +1,50 @@
> +<domain type='qemu'>
> + <name>QEMUGuest1</name>
> + <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
> + <memory unit='KiB'>219100</memory>
> + <currentMemory unit='KiB'>219100</currentMemory>
> + <vcpu placement='static'>2</vcpu>
> + <cpu>
> + <numa>
> + <cell id="0" cpus="0" memory="109550" unit="KiB"/>
> + <cell id="1" cpus="1" memory="109550" unit="KiB"/>
> + </numa>
> + </cpu>
> + <os>
> + <type arch='x86_64' machine='q35'>hvm</type>
> + <boot dev='hd'/>
> + </os>
> + <clock offset='utc'/>
> + <on_poweroff>destroy</on_poweroff>
> + <on_reboot>restart</on_reboot>
> + <on_crash>destroy</on_crash>
> + <devices>
> + <emulator>/usr/bin/qemu-system-x86_64</emulator>
> + <controller type='pci' index='0' model='pcie-root'/>
> + <controller type='usb' index='0' model='none'/>
> + <controller type='sata' index='0'>
> + <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/>
> + </controller>
> + <input type='mouse' bus='ps2'/>
> + <input type='keyboard' bus='ps2'/>
> + <audio id='1' type='none'/>
> + <memory model='sgx-epc'>
> + <source>
> + <nodemask>0-1</nodemask>
> + </source>
> + <target>
> + <size unit='MiB'>64</size>
> + <node>0</node>
> + </target>
> + </memory>
> + <memory model='sgx-epc'>
> + <source>
> + <nodemask>2-3</nodemask>
> + </source>
> + <target>
> + <size unit='MiB'>16</size>
> + <node>1</node>
> + </target>
> + </memory>
> + </devices>
> +</domain>
> diff --git a/tests/qemuxml2argvdata/sgx-epc.xml b/tests/qemuxml2argvdata/sgx-epc.xml
> new file mode 100644
> index 0000000000..65ae8ae296
> --- /dev/null
> +++ b/tests/qemuxml2argvdata/sgx-epc.xml
> @@ -0,0 +1,36 @@
> +<domain type='qemu'>
> + <name>QEMUGuest1</name>
> + <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
> + <memory unit='KiB'>219100</memory>
> + <currentMemory unit='KiB'>219100</currentMemory>
> + <vcpu placement='static'>1</vcpu>
> + <os>
> + <type arch='x86_64' machine='q35'>hvm</type>
> + <boot dev='hd'/>
> + </os>
> + <clock offset='utc'/>
> + <on_poweroff>destroy</on_poweroff>
> + <on_reboot>restart</on_reboot>
> + <on_crash>destroy</on_crash>
> + <devices>
> + <emulator>/usr/bin/qemu-system-x86_64</emulator>
> + <controller type='pci' index='0' model='pcie-root'/>
> + <controller type='usb' index='0' model='none'/>
> + <controller type='sata' index='0'>
> + <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/>
> + </controller>
> + <input type='mouse' bus='ps2'/>
> + <input type='keyboard' bus='ps2'/>
> + <audio id='1' type='none'/>
> + <memory model='sgx-epc'>
> + <target>
> + <size unit='MiB'>64</size>
> + </target>
> + </memory>
> + <memory model='sgx-epc'>
> + <target>
> + <size unit='MiB'>16</size>
> + </target>
> + </memory>
> + </devices>
> +</domain>
> diff --git a/tests/qemuxml2xmloutdata/sgx-epc-numa.x86_64-latest.xml b/tests/qemuxml2xmloutdata/sgx-epc-numa.x86_64-latest.xml
> new file mode 100644
> index 0000000000..ceab82110c
> --- /dev/null
> +++ b/tests/qemuxml2xmloutdata/sgx-epc-numa.x86_64-latest.xml
This, and the other xmloutdata file can be just a symlink to their
originals in xml2argvdata/ dirs.
Michal
More information about the libvir-list
mailing list