RE: [PATCH v4 1/4] conf: Introduce SGX related element into domain xml

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Ok, got it. Thanks.
> -----Original Message-----
> From: Pavel Hrdina <phrdina@xxxxxxxxxx>
> Sent: Wednesday, July 7, 2021 4:36 PM
> To: Huang, Haibin <haibin.huang@xxxxxxxxx>
> Cc: libvir-list@xxxxxxxxxx; Ding, Jian-feng <jian-feng.ding@xxxxxxxxx>; Yang,
> Lin A <lin.a.yang@xxxxxxxxx>; Lu, Lianhao <lianhao.lu@xxxxxxxxx>
> Subject: Re: [PATCH v4 1/4] conf: Introduce SGX related element into
> domain xml
> 
> On Thu, Jul 01, 2021 at 08:10:26PM +0800, Haibin Huang wrote:
> > From: Lin Yang <lin.a.yang@xxxxxxxxx>
> >
> >   <launchSecurity type='sgx'>
> >     <epc_size unit='KiB'>1024</epc_size>
> >   </launchSecurity>
> > ---
> >  src/conf/domain_conf.c  | 106
> > +++++++++++++++++++++++++++++-----------
> >  src/conf/domain_conf.h  |  10 ++++
> >  src/conf/virconftypes.h |   3 ++
> >  3 files changed, 91 insertions(+), 28 deletions(-)
> 
> Not commenting the code for now as there is already ongoing work adding
> s390-pv-guest support that refactors exactly the same functions as this patch so
> we should coordinate the work to not introduce merge conflicts and
> unnecessary work for both contributors.
> 
> https://listman.redhat.com/archives/libvir-list/2021-June/msg00653.html
> 
> Pavel
> 
> > diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index
> > ef67efa1da..4336dafd82 100644
> > --- a/src/conf/domain_conf.c
> > +++ b/src/conf/domain_conf.c
> > @@ -1336,6 +1336,7 @@ VIR_ENUM_IMPL(virDomainLaunchSecurity,
> >                VIR_DOMAIN_LAUNCH_SECURITY_LAST,
> >                "",
> >                "sev",
> > +              "sgx",
> >  );
> >
> >  static virClassPtr virDomainObjClass; @@ -3409,6 +3410,16 @@
> > virDomainSEVDefFree(virDomainSEVDefPtr def)  }
> >
> >
> > +static void
> > +virDomainSGXDefFree(virDomainSGXDefPtr def) {
> > +    if (!def)
> > +        return;
> > +
> > +    VIR_FREE(def);
> > +}
> > +
> > +
> >  void virDomainDefFree(virDomainDefPtr def)  {
> >      size_t i;
> > @@ -3597,6 +3608,7 @@ void virDomainDefFree(virDomainDefPtr def)
> >          (def->ns.free)(def->namespaceData);
> >
> >      virDomainSEVDefFree(def->sev);
> > +    virDomainSGXDefFree(def->sgx);
> >
> >      xmlFreeNode(def->metadata);
> >
> > @@ -16700,39 +16712,17 @@
> virDomainMemoryTargetDefParseXML(xmlNodePtr node,
> >      return 0;
> >  }
> >
> > -
> >  static virDomainSEVDefPtr
> > -virDomainSEVDefParseXML(xmlNodePtr sevNode,
> > -                        xmlXPathContextPtr ctxt)
> > +virDomainSEVDefParseXML(xmlXPathContextPtr ctxt)
> >  {
> >      VIR_XPATH_NODE_AUTORESTORE(ctxt);
> >      virDomainSEVDefPtr def;
> >      unsigned long policy;
> > -    g_autofree char *type = NULL;
> >
> >      if (VIR_ALLOC(def) < 0)
> >          return NULL;
> >
> > -    ctxt->node = sevNode;
> > -
> > -    if (!(type = virXMLPropString(sevNode, "type"))) {
> > -        virReportError(VIR_ERR_XML_ERROR, "%s",
> > -                       _("missing launch security type"));
> > -        goto error;
> > -    }
> > -
> > -    def->sectype = virDomainLaunchSecurityTypeFromString(type);
> > -    switch ((virDomainLaunchSecurity) def->sectype) {
> > -    case VIR_DOMAIN_LAUNCH_SECURITY_SEV:
> > -        break;
> > -    case VIR_DOMAIN_LAUNCH_SECURITY_NONE:
> > -    case VIR_DOMAIN_LAUNCH_SECURITY_LAST:
> > -    default:
> > -        virReportError(VIR_ERR_XML_ERROR,
> > -                       _("unsupported launch security type '%s'"),
> > -                       type);
> > -        goto error;
> > -    }
> > +    def->sectype = VIR_DOMAIN_LAUNCH_SECURITY_SEV;
> >
> >      if (virXPathUInt("string(./cbitpos)", ctxt, &def->cbitpos) < 0) {
> >          virReportError(VIR_ERR_XML_ERROR, "%s", @@ -16764,6 +16754,63
> > @@ virDomainSEVDefParseXML(xmlNodePtr sevNode,
> >      return NULL;
> >  }
> >
> > +static virDomainSGXDefPtr
> > +virDomainSGXDefParseXML(xmlXPathContextPtr ctxt) {
> > +    VIR_XPATH_NODE_AUTORESTORE(ctxt);
> > +    virDomainSGXDefPtr def;
> > +
> > +    if (VIR_ALLOC(def) < 0)
> > +        return NULL;
> > +
> > +    def->sectype = VIR_DOMAIN_LAUNCH_SECURITY_SGX;
> > +
> > +    if (virDomainParseMemory("./epc_size", "./epc_size/@unit", ctxt,
> > +                             &def->epc_size, false, false) < 0)
> > +        goto error;
> > +
> > +    return def;
> > +
> > + error:
> > +    virDomainSGXDefFree(def);
> > +    return NULL;
> > +}
> > +
> > +static int
> > +virDomainLaunchSecurityDefParseXML(xmlNodePtr launchSecurityNode,
> > +                                   xmlXPathContextPtr ctxt,
> > +                                   virDomainDefPtr def) {
> > +    VIR_XPATH_NODE_AUTORESTORE(ctxt);
> > +    g_autofree char *type = NULL;
> > +
> > +    ctxt->node = launchSecurityNode;
> > +
> > +    if (!(type = virXMLPropString(launchSecurityNode, "type"))) {
> > +        virReportError(VIR_ERR_XML_ERROR, "%s",
> > +                       _("missing launch security type"));
> > +        return -1;
> > +    }
> > +
> > +    switch ((virDomainLaunchSecurity)
> virDomainLaunchSecurityTypeFromString(type)) {
> > +    case VIR_DOMAIN_LAUNCH_SECURITY_SEV:
> > +        def->sev = virDomainSEVDefParseXML(ctxt);
> > +        break;
> > +    case VIR_DOMAIN_LAUNCH_SECURITY_SGX:
> > +        def->sgx = virDomainSGXDefParseXML(ctxt);
> > +        break;
> > +    case VIR_DOMAIN_LAUNCH_SECURITY_NONE:
> > +    case VIR_DOMAIN_LAUNCH_SECURITY_LAST:
> > +    default:
> > +        virReportError(VIR_ERR_XML_ERROR,
> > +                       _("unsupported launch security type '%s'"),
> > +                       type);
> > +        return -1;
> > +    }
> > +
> > +    return 0;
> > +}
> > +
> >  static virDomainMemoryDefPtr
> >  virDomainMemoryDefParseXML(virDomainXMLOptionPtr xmlopt,
> >                             xmlNodePtr memdevNode, @@ -22227,12
> > +22274,15 @@ virDomainDefParseXML(xmlDocPtr xml,
> >      ctxt->node = node;
> >      VIR_FREE(nodes);
> >
> > -    /* Check for SEV feature */
> > -    if ((node = virXPathNode("./launchSecurity", ctxt)) != NULL) {
> > -        def->sev = virDomainSEVDefParseXML(node, ctxt);
> > -        if (!def->sev)
> > +    /* analysis of launch security */
> > +    if ((n = virXPathNodeSet("./launchSecurity", ctxt, &nodes)) < 0)
> > +        goto error;
> > +
> > +    for (i = 0; i < n; i++) {
> > +        if (virDomainLaunchSecurityDefParseXML(nodes[i], ctxt, def)
> > + != 0)
> >              goto error;
> >      }
> > +    VIR_FREE(nodes);
> >
> >      /* analysis of memory devices */
> >      if ((n = virXPathNodeSet("./devices/memory", ctxt, &nodes)) < 0)
> > diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index
> > 011bf66cb4..88adf461df 100644
> > --- a/src/conf/domain_conf.h
> > +++ b/src/conf/domain_conf.h
> > @@ -2447,6 +2447,7 @@ struct _virDomainKeyWrapDef {  typedef enum {
> >      VIR_DOMAIN_LAUNCH_SECURITY_NONE,
> >      VIR_DOMAIN_LAUNCH_SECURITY_SEV,
> > +    VIR_DOMAIN_LAUNCH_SECURITY_SGX,
> >
> >      VIR_DOMAIN_LAUNCH_SECURITY_LAST,
> >  } virDomainLaunchSecurity;
> > @@ -2462,6 +2463,12 @@ struct _virDomainSEVDef {  };
> >
> >
> > +struct _virDomainSGXDef {
> > +    int sectype; /* enum virDomainLaunchSecurity */
> > +    unsigned long long epc_size; /* kibibytes */ };
> > +
> > +
> >  typedef enum {
> >      VIR_DOMAIN_IOMMU_MODEL_INTEL,
> >      VIR_DOMAIN_IOMMU_MODEL_SMMUV3,
> > @@ -2670,6 +2677,9 @@ struct _virDomainDef {
> >      /* SEV-specific domain */
> >      virDomainSEVDefPtr sev;
> >
> > +    /* SGX-specific domain */
> > +    virDomainSGXDefPtr sgx;
> > +
> >      /* Application-specific custom metadata */
> >      xmlNodePtr metadata;
> >
> > diff --git a/src/conf/virconftypes.h b/src/conf/virconftypes.h index
> > 1c62cde251..084bcc7687 100644
> > --- a/src/conf/virconftypes.h
> > +++ b/src/conf/virconftypes.h
> > @@ -291,6 +291,9 @@ typedef virDomainResourceDef
> > *virDomainResourceDefPtr;  typedef struct _virDomainSEVDef
> > virDomainSEVDef;  typedef virDomainSEVDef *virDomainSEVDefPtr;
> >
> > +typedef struct _virDomainSGXDef virDomainSGXDef; typedef
> > +virDomainSGXDef *virDomainSGXDefPtr;
> > +
> >  typedef struct _virDomainShmemDef virDomainShmemDef;  typedef
> > virDomainShmemDef *virDomainShmemDefPtr;
> >
> > --
> > 2.17.1
> >




[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]

  Powered by Linux