[PATCH v4 1/4] conf: Introduce SGX related element into domain xml

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



From: Lin Yang <lin.a.yang@xxxxxxxxx>

  <launchSecurity type='sgx'>
    <epc_size unit='KiB'>1024</epc_size>
  </launchSecurity>
---
 src/conf/domain_conf.c  | 106 +++++++++++++++++++++++++++++-----------
 src/conf/domain_conf.h  |  10 ++++
 src/conf/virconftypes.h |   3 ++
 3 files changed, 91 insertions(+), 28 deletions(-)

diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index ef67efa1da..4336dafd82 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -1336,6 +1336,7 @@ VIR_ENUM_IMPL(virDomainLaunchSecurity,
               VIR_DOMAIN_LAUNCH_SECURITY_LAST,
               "",
               "sev",
+              "sgx",
 );
 
 static virClassPtr virDomainObjClass;
@@ -3409,6 +3410,16 @@ virDomainSEVDefFree(virDomainSEVDefPtr def)
 }
 
 
+static void
+virDomainSGXDefFree(virDomainSGXDefPtr def)
+{
+    if (!def)
+        return;
+
+    VIR_FREE(def);
+}
+
+
 void virDomainDefFree(virDomainDefPtr def)
 {
     size_t i;
@@ -3597,6 +3608,7 @@ void virDomainDefFree(virDomainDefPtr def)
         (def->ns.free)(def->namespaceData);
 
     virDomainSEVDefFree(def->sev);
+    virDomainSGXDefFree(def->sgx);
 
     xmlFreeNode(def->metadata);
 
@@ -16700,39 +16712,17 @@ virDomainMemoryTargetDefParseXML(xmlNodePtr node,
     return 0;
 }
 
-
 static virDomainSEVDefPtr
-virDomainSEVDefParseXML(xmlNodePtr sevNode,
-                        xmlXPathContextPtr ctxt)
+virDomainSEVDefParseXML(xmlXPathContextPtr ctxt)
 {
     VIR_XPATH_NODE_AUTORESTORE(ctxt);
     virDomainSEVDefPtr def;
     unsigned long policy;
-    g_autofree char *type = NULL;
 
     if (VIR_ALLOC(def) < 0)
         return NULL;
 
-    ctxt->node = sevNode;
-
-    if (!(type = virXMLPropString(sevNode, "type"))) {
-        virReportError(VIR_ERR_XML_ERROR, "%s",
-                       _("missing launch security type"));
-        goto error;
-    }
-
-    def->sectype = virDomainLaunchSecurityTypeFromString(type);
-    switch ((virDomainLaunchSecurity) def->sectype) {
-    case VIR_DOMAIN_LAUNCH_SECURITY_SEV:
-        break;
-    case VIR_DOMAIN_LAUNCH_SECURITY_NONE:
-    case VIR_DOMAIN_LAUNCH_SECURITY_LAST:
-    default:
-        virReportError(VIR_ERR_XML_ERROR,
-                       _("unsupported launch security type '%s'"),
-                       type);
-        goto error;
-    }
+    def->sectype = VIR_DOMAIN_LAUNCH_SECURITY_SEV;
 
     if (virXPathUInt("string(./cbitpos)", ctxt, &def->cbitpos) < 0) {
         virReportError(VIR_ERR_XML_ERROR, "%s",
@@ -16764,6 +16754,63 @@ virDomainSEVDefParseXML(xmlNodePtr sevNode,
     return NULL;
 }
 
+static virDomainSGXDefPtr
+virDomainSGXDefParseXML(xmlXPathContextPtr ctxt)
+{
+    VIR_XPATH_NODE_AUTORESTORE(ctxt);
+    virDomainSGXDefPtr def;
+
+    if (VIR_ALLOC(def) < 0)
+        return NULL;
+
+    def->sectype = VIR_DOMAIN_LAUNCH_SECURITY_SGX;
+
+    if (virDomainParseMemory("./epc_size", "./epc_size/@unit", ctxt,
+                             &def->epc_size, false, false) < 0)
+        goto error;
+
+    return def;
+
+ error:
+    virDomainSGXDefFree(def);
+    return NULL;
+}
+
+static int
+virDomainLaunchSecurityDefParseXML(xmlNodePtr launchSecurityNode,
+                                   xmlXPathContextPtr ctxt,
+                                   virDomainDefPtr def)
+{
+    VIR_XPATH_NODE_AUTORESTORE(ctxt);
+    g_autofree char *type = NULL;
+
+    ctxt->node = launchSecurityNode;
+
+    if (!(type = virXMLPropString(launchSecurityNode, "type"))) {
+        virReportError(VIR_ERR_XML_ERROR, "%s",
+                       _("missing launch security type"));
+        return -1;
+    }
+
+    switch ((virDomainLaunchSecurity) virDomainLaunchSecurityTypeFromString(type)) {
+    case VIR_DOMAIN_LAUNCH_SECURITY_SEV:
+        def->sev = virDomainSEVDefParseXML(ctxt);
+        break;
+    case VIR_DOMAIN_LAUNCH_SECURITY_SGX:
+        def->sgx = virDomainSGXDefParseXML(ctxt);
+        break;
+    case VIR_DOMAIN_LAUNCH_SECURITY_NONE:
+    case VIR_DOMAIN_LAUNCH_SECURITY_LAST:
+    default:
+        virReportError(VIR_ERR_XML_ERROR,
+                       _("unsupported launch security type '%s'"),
+                       type);
+        return -1;
+    }
+
+    return 0;
+}
+
 static virDomainMemoryDefPtr
 virDomainMemoryDefParseXML(virDomainXMLOptionPtr xmlopt,
                            xmlNodePtr memdevNode,
@@ -22227,12 +22274,15 @@ virDomainDefParseXML(xmlDocPtr xml,
     ctxt->node = node;
     VIR_FREE(nodes);
 
-    /* Check for SEV feature */
-    if ((node = virXPathNode("./launchSecurity", ctxt)) != NULL) {
-        def->sev = virDomainSEVDefParseXML(node, ctxt);
-        if (!def->sev)
+    /* analysis of launch security */
+    if ((n = virXPathNodeSet("./launchSecurity", ctxt, &nodes)) < 0)
+        goto error;
+
+    for (i = 0; i < n; i++) {
+        if (virDomainLaunchSecurityDefParseXML(nodes[i], ctxt, def) != 0)
             goto error;
     }
+    VIR_FREE(nodes);
 
     /* analysis of memory devices */
     if ((n = virXPathNodeSet("./devices/memory", ctxt, &nodes)) < 0)
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index 011bf66cb4..88adf461df 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -2447,6 +2447,7 @@ struct _virDomainKeyWrapDef {
 typedef enum {
     VIR_DOMAIN_LAUNCH_SECURITY_NONE,
     VIR_DOMAIN_LAUNCH_SECURITY_SEV,
+    VIR_DOMAIN_LAUNCH_SECURITY_SGX,
 
     VIR_DOMAIN_LAUNCH_SECURITY_LAST,
 } virDomainLaunchSecurity;
@@ -2462,6 +2463,12 @@ struct _virDomainSEVDef {
 };
 
 
+struct _virDomainSGXDef {
+    int sectype; /* enum virDomainLaunchSecurity */
+    unsigned long long epc_size; /* kibibytes */
+};
+
+
 typedef enum {
     VIR_DOMAIN_IOMMU_MODEL_INTEL,
     VIR_DOMAIN_IOMMU_MODEL_SMMUV3,
@@ -2670,6 +2677,9 @@ struct _virDomainDef {
     /* SEV-specific domain */
     virDomainSEVDefPtr sev;
 
+    /* SGX-specific domain */
+    virDomainSGXDefPtr sgx;
+
     /* Application-specific custom metadata */
     xmlNodePtr metadata;
 
diff --git a/src/conf/virconftypes.h b/src/conf/virconftypes.h
index 1c62cde251..084bcc7687 100644
--- a/src/conf/virconftypes.h
+++ b/src/conf/virconftypes.h
@@ -291,6 +291,9 @@ typedef virDomainResourceDef *virDomainResourceDefPtr;
 typedef struct _virDomainSEVDef virDomainSEVDef;
 typedef virDomainSEVDef *virDomainSEVDefPtr;
 
+typedef struct _virDomainSGXDef virDomainSGXDef;
+typedef virDomainSGXDef *virDomainSGXDefPtr;
+
 typedef struct _virDomainShmemDef virDomainShmemDef;
 typedef virDomainShmemDef *virDomainShmemDefPtr;
 
-- 
2.17.1




[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]

  Powered by Linux