On 04/02/2018 10:18 AM, Brijesh Singh wrote:
> QEMU version >= 2.12 provides support for launching an encrypted VMs on
> AMD x86 platform using Secure Encrypted Virtualization (SEV) feature.
> This patch adds support to query the SEV capability from the qemu.
>
> Reviewed-by: "Daniel P. Berrangé" <berrange@xxxxxxxxxx>
> Signed-off-by: Brijesh Singh <brijesh.singh@xxxxxxx>
> ---
> src/conf/domain_capabilities.h | 13 ++++
> src/qemu/qemu_capabilities.c | 38 +++++++++++
> src/qemu/qemu_capabilities.h | 1 +
> src/qemu/qemu_capspriv.h | 4 ++
> src/qemu/qemu_monitor.c | 9 +++
> src/qemu/qemu_monitor.h | 3 +
> src/qemu/qemu_monitor_json.c | 73 ++++++++++++++++++++++
> src/qemu/qemu_monitor_json.h | 3 +
> .../caps_2.12.0.x86_64.replies | 10 +++
> tests/qemucapabilitiesdata/caps_2.12.0.x86_64.xml | 3 +-
> 10 files changed, 156 insertions(+), 1 deletion(-)
>
Should have noted the first time - should have 2 blank lines around new
methods...
e.g.:
> diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
> index e54dde6..0f6e6fb 100644
> --- a/src/qemu/qemu_capabilities.c
> +++ b/src/qemu/qemu_capabilities.c
> @@ -466,6 +466,7 @@ VIR_ENUM_IMPL(virQEMUCaps, QEMU_CAPS_LAST,
> /* 285 */
> "virtio-mouse-ccw",
> "virtio-tablet-ccw",
> + "sev-guest",
> );
>
>
> @@ -532,6 +533,8 @@ struct _virQEMUCaps {
> size_t ngicCapabilities;
> virGICCapability *gicCapabilities;
>
> + virSEVCapability *sevCapabilities;
> +
> virQEMUCapsHostCPUData kvmCPU;
> virQEMUCapsHostCPUData tcgCPU;
> };
> @@ -1705,6 +1708,7 @@ struct virQEMUCapsStringFlags virQEMUCapsObjectTypes[] = {
> { "virtio-keyboard-ccw", QEMU_CAPS_DEVICE_VIRTIO_KEYBOARD_CCW },
> { "virtio-mouse-ccw", QEMU_CAPS_DEVICE_VIRTIO_MOUSE_CCW },
> { "virtio-tablet-ccw", QEMU_CAPS_DEVICE_VIRTIO_TABLET_CCW },
> + { "sev-guest", QEMU_CAPS_SEV_GUEST },
> };
>
> static struct virQEMUCapsStringFlags virQEMUCapsObjectPropsVirtioBalloon[] = {
> @@ -2784,6 +2788,21 @@ virQEMUCapsSetGICCapabilities(virQEMUCapsPtr qemuCaps,
> qemuCaps->ngicCapabilities = ncapabilities;
> }
>
Extra blank line here...
> +void
> +virQEMUCapsSetSEVCapabilities(virQEMUCapsPtr qemuCaps,
> + virSEVCapability *capabilities)
> +{
> + virSEVCapability *cap = qemuCaps->sevCapabilities;
> +
> + if (cap) {
> + VIR_FREE(cap->pdh);
> + VIR_FREE(cap->cert_chain);
> + }
> +
> + VIR_FREE(qemuCaps->sevCapabilities);
> +
> + qemuCaps->sevCapabilities = capabilities;
> +}
and here
>
> static int
> virQEMUCapsProbeQMPCommands(virQEMUCapsPtr qemuCaps,
> @@ -3287,6 +3306,19 @@ virQEMUCapsProbeQMPGICCapabilities(virQEMUCapsPtr qemuCaps,
> return 0;
> }
>
and here
> +static int
> +virQEMUCapsProbeQMPSEVCapabilities(virQEMUCapsPtr qemuCaps,
> + qemuMonitorPtr mon)
> +{
> + virSEVCapability *caps = NULL;
> +
> + if (qemuMonitorGetSEVCapabilities(mon, &caps) < 0)
> + return -1;
> +
> + virQEMUCapsSetSEVCapabilities(qemuCaps, caps);
> +
> + return 0;
> +}
and here
>
> bool
> virQEMUCapsCPUFilterFeatures(const char *name,
[...]
John
(I would normally fix it for you; however, I have more questions and
comments as I've gone on, so if a v6 will be needed, then you'd need to
fix. I may be able to alter for you depending on some decisions in the
middle patches).
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
