On Tue, Dec 14, 2021 at 12:08:37PM +0100, Peter Krempa wrote: > On Fri, Dec 10, 2021 at 16:47:13 +0000, Daniel P. Berrangé wrote: > > Set the kernel-hashes property on the sev-guest object if > > the config asked for it explicitly. While QEMU machine > > types currently default to having this setting off, it > > is not guaranteed to remain this way. > > > > Signed-off-by: Daniel P. Berrangé <berrange@xxxxxxxxxx> > > --- > > src/qemu/qemu_command.c | 1 + > > src/qemu/qemu_validate.c | 7 ++++ > > ...unch-security-sev-direct.x86_64-6.2.0.args | 40 +++++++++++++++++++ > > .../launch-security-sev-direct.xml | 39 ++++++++++++++++++ > > tests/qemuxml2argvtest.c | 1 + > > 5 files changed, 88 insertions(+) > > create mode 100644 tests/qemuxml2argvdata/launch-security-sev-direct.x86_64-6.2.0.args > > create mode 100644 tests/qemuxml2argvdata/launch-security-sev-direct.xml > > > > diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c > > index 613f7a5d2a..dfbf4973f5 100644 > > --- a/src/qemu/qemu_command.c > > +++ b/src/qemu/qemu_command.c > > @@ -9894,6 +9894,7 @@ qemuBuildSEVCommandLine(virDomainObj *vm, virCommand *cmd, > > "u:policy", sev->policy, > > "S:dh-cert-file", dhpath, > > "S:session-file", sessionpath, > > + "T:kernel-hashes", sev->kernel_hashes, > > Since this is an '-object' ... > > > NULL) < 0) > > return -1; > > > > diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c > > index 29b01495ad..c0dc1f7b53 100644 > > --- a/src/qemu/qemu_validate.c > > +++ b/src/qemu/qemu_validate.c > > @@ -1200,6 +1200,13 @@ qemuValidateDomainDef(const virDomainDef *def, > > "this QEMU binary")); > > return -1; > > } > > + > > + if (def->sec->data.sev.kernel_hashes == VIR_TRISTATE_BOOL_YES && > > + !virQEMUCapsGet(qemuCaps, QEMU_CAPS_SEV_GUEST_KERNEL_HASHES)) { > > ... and this flag means that the 'sev-guest' actually has the > 'kernel-hashes' property, the above check should be > > if (def->sec->data.sev.kernel_hashes != VIR_TRISTATE_BOOL_ABSENT && ... Lets do this, since if the user gave an explicit disable we want to pass that through to the CLI, in case qemu changes the future default for machine types to be enabled > as an explicit disable will also cause a qemu error when the property is > not defined inside sev-guest. > > Other option is to use 'B:kernel-hashes' above and extract the value of > sev->kernel_hashes into a temporary bool initialized to false via > virTristateBoolToBool which preserves the default. In such case it will > be always omitted when not enabled. > > > > Reviewed-by: Peter Krempa <pkrempa@xxxxxxxxxx> > Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|