Re: [PATCH v2 4/5] qemu: command: support crypto device

[Michal Prívozník <mprivozn@xxxxxxxxxx>]

On 1/17/23 02:46, zhenwei pi wrote:
> Support virtio-crypto device, also support cryptodev types:
> - builtin
> - lkcf
> 
> Finally, we can launch a VM(QEMU) with one or more crypto devices by
> libvirt.
> 
> Signed-off-by: zhenwei pi <pizhenwei@xxxxxxxxxxxxx>
> ---
>  src/qemu/qemu_command.c | 110 +++++++++++++++++++++++++++++++++++++++-
>  1 file changed, 109 insertions(+), 1 deletion(-)
> 
> diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
> index bb7031f66d..996a13a77b 100644
> --- a/src/qemu/qemu_command.c
> +++ b/src/qemu/qemu_command.c
> @@ -926,6 +926,12 @@ qemuBuildVirtioDevGetConfigDev(const virDomainDeviceDef *device,
>          }
>              break;
>  
> +        case VIR_DOMAIN_DEVICE_CRYPTO: {
> +            *baseName = "virtio-crypto";
> +            *virtioOptions = device->data.crypto->virtio;
> +            break;
> +        }
> +
>          case VIR_DOMAIN_DEVICE_LEASE:
>          case VIR_DOMAIN_DEVICE_SOUND:
>          case VIR_DOMAIN_DEVICE_WATCHDOG:
> @@ -942,7 +948,6 @@ qemuBuildVirtioDevGetConfigDev(const virDomainDeviceDef *device,
>          case VIR_DOMAIN_DEVICE_MEMORY:
>          case VIR_DOMAIN_DEVICE_IOMMU:
>          case VIR_DOMAIN_DEVICE_AUDIO:
> -        case VIR_DOMAIN_DEVICE_CRYPTO:
>          case VIR_DOMAIN_DEVICE_LAST:
>          default:
>              break;
> @@ -9894,6 +9899,106 @@ qemuBuildVsockCommandLine(virCommand *cmd,
>  }
>  
>  
> +static int
> +qemuBuildCryptoBackendProps(virDomainCryptoDef *crypto,
> +                            virJSONValue **props)
> +{
> +    g_autofree char *objAlias = NULL;
> +
> +    objAlias = g_strdup_printf("obj%s", crypto->info.alias);
> +
> +    switch ((virDomainCryptoBackend) crypto->backend) {
> +    case VIR_DOMAIN_CRYPTO_BACKEND_BUILTIN:
> +        if (qemuMonitorCreateObjectProps(props, "cryptodev-backend-builtin",
> +                                         objAlias, NULL) < 0)
> +            return -1;
> +
> +        break;
> +
> +    case VIR_DOMAIN_CRYPTO_BACKEND_LKCF:
> +        if (qemuMonitorCreateObjectProps(props, "cryptodev-backend-lkcf",
> +                                         objAlias, NULL) < 0)
> +            return -1;
> +
> +        break;
> +
> +    case VIR_DOMAIN_CRYPTO_BACKEND_LAST:
> +        break;
> +    }

This can be simplified a bit:

const char *backend = NULL;

switch(crypto->backend) {
case ..._BUILTIN: backend = "...-builtin"; break;
case ..._LKCF: backend = "...-lkcf"; break;
case ..._LAST: break;
}

if (qemuMonitorCreateObjectProps, props, backend, objAlias, ...

> +
> +    if (virJSONValueObjectAdd(props,
> +                              "p:queues", crypto->queues,

... and this can be moved into the call too then.

> +                              NULL) < 0)
> +        return -1;
> +
> +
> +    return 0;
> +}

What I'm missing in this patch is a xml2argv test case (to verify the
cmd line generator), e.g.:

diff --git c/tests/qemuxml2argvtest.c i/tests/qemuxml2argvtest.c
index 8c52feb83c..3e58a73e41 100644
--- c/tests/qemuxml2argvtest.c
+++ i/tests/qemuxml2argvtest.c
@@ -2983,6 +2983,8 @@ mymain(void)

     DO_TEST_CAPS_VER("sgx-epc", "7.0.0");

+    DO_TEST_CAPS_LATEST("crypto-builtin");
+
     if (getenv("LIBVIRT_SKIP_CLEANUP") == NULL)
         virFileDeleteTree(fakerootdir);


And then "writing" corresponding .args file. Okay, nobody really writes
it by hand, we all just:

libvirt.git/_build/tests $ VIR_TEST_REGENERATE_OUTPUT=1 ./qemuxml2argvtest

and then inspect generated file
(tests/qemuxml2argvdata/crypto-builtin.x86_64-latest.args), thoroughly.

Michal