The 'launch-security-sev' and 'launch-security-sev-missing-platform-info' tests run against the qemu-6.0.0 caps which were manually doctored to support SEV. Since we now have the '+amdsev' variant dumped from a more modern qemu, add another invocation of the tests. The only relevant difference in the output data is 'cbitpos' being '51' on the new platform, for the test case which explicitly doesn't configure it. Signed-off-by: Peter Krempa <pkrempa@xxxxxxxxxx> --- ...ng-platform-info.x86_64-latest+amdsev.args | 35 +++++++++++++++ ...ing-platform-info.x86_64-latest+amdsev.xml | 43 ++++++++++++++++++ ...nch-security-sev.x86_64-latest+amdsev.args | 35 +++++++++++++++ ...unch-security-sev.x86_64-latest+amdsev.xml | 45 +++++++++++++++++++ tests/qemuxmlconftest.c | 9 ++++ 5 files changed, 167 insertions(+) create mode 100644 tests/qemuxmlconfdata/launch-security-sev-missing-platform-info.x86_64-latest+amdsev.args create mode 100644 tests/qemuxmlconfdata/launch-security-sev-missing-platform-info.x86_64-latest+amdsev.xml create mode 100644 tests/qemuxmlconfdata/launch-security-sev.x86_64-latest+amdsev.args create mode 100644 tests/qemuxmlconfdata/launch-security-sev.x86_64-latest+amdsev.xml diff --git a/tests/qemuxmlconfdata/launch-security-sev-missing-platform-info.x86_64-latest+amdsev.args b/tests/qemuxmlconfdata/launch-security-sev-missing-platform-info.x86_64-latest+amdsev.args new file mode 100644 index 0000000000..cbbda6345f --- /dev/null +++ b/tests/qemuxmlconfdata/launch-security-sev-missing-platform-info.x86_64-latest+amdsev.args 
@@ -0,0 +1,35 @@
+LC_ALL=C \
+PATH=/bin \
+HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1 \
+USER=test \
+LOGNAME=test \
+XDG_DATA_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.local/share \
+XDG_CACHE_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.cache \
+XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.config \
+/usr/bin/qemu-system-x86_64 \
+-name guest=QEMUGuest1,debug-threads=on \
+-S \
+-object '{"qom-type":"secret","id":"masterKey0","format":"raw","file":"/var/lib/libvirt/qemu/domain--1-QEMUGuest1/master-key.aes"}' \
+-machine pc,usb=off,dump-guest-core=off,memory-backend=pc.ram,confidential-guest-support=lsec0,acpi=off \
+-accel kvm \
+-cpu qemu64 \
+-m size=219136k \
+-object '{"qom-type":"memory-backend-ram","id":"pc.ram","size":224395264}' \
+-overcommit mem-lock=off \
+-smp 1,sockets=1,cores=1,threads=1 \
+-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \
+-display none \
+-no-user-config \
+-nodefaults \
+-chardev socket,id=charmonitor,fd=1729,server=on,wait=off \
+-mon chardev=charmonitor,id=monitor,mode=control \
+-rtc base=utc \
+-no-shutdown \
+-boot strict=on \
+-device '{"driver":"piix3-usb-uhci","id":"usb","bus":"pci.0","addr":"0x1.0x2"}' \
+-blockdev '{"driver":"host_device","filename":"/dev/HostVG/QEMUGuest1","node-name":"libvirt-1-storage","read-only":false}' \
+-device '{"driver":"ide-hd","bus":"ide.0","unit":0,"drive":"libvirt-1-storage","id":"ide0-0-0","bootindex":1}' \
+-audiodev '{"id":"audio1","driver":"none"}' \
+-object '{"qom-type":"sev-guest","id":"lsec0","cbitpos":51,"reduced-phys-bits":1,"policy":1,"dh-cert-file":"/var/lib/libvirt/qemu/domain--1-QEMUGuest1/dh_cert.base64","session-file":"/var/lib/libvirt/qemu/domain--1-QEMUGuest1/session.base64"}' \
+-sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \
+-msg timestamp=on
diff --git a/tests/qemuxmlconfdata/launch-security-sev-missing-platform-info.x86_64-latest+amdsev.xml b/tests/qemuxmlconfdata/launch-security-sev-missing-platform-info.x86_64-latest+amdsev.xml
new file mode 100644
index 0000000000..6a0048aeae
--- /dev/null
+++ b/tests/qemuxmlconfdata/launch-security-sev-missing-platform-info.x86_64-latest+amdsev.xml
@@ -0,0 +1,43 @@
+<domain type='kvm'>
+ <name>QEMUGuest1</name>
+ <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
+ <memory unit='KiB'>219100</memory>
+ <currentMemory unit='KiB'>219100</currentMemory>
+ <vcpu placement='static'>1</vcpu>
+ <os>
+ <type arch='x86_64' machine='pc'>hvm</type>
+ <boot dev='hd'/>
+ </os>
+ <cpu mode='custom' match='exact' check='none'>
+ <model fallback='forbid'>qemu64</model>
+ </cpu>
+ <clock offset='utc'/>
+ <on_poweroff>destroy</on_poweroff>
+ <on_reboot>restart</on_reboot>
+ <on_crash>destroy</on_crash>
+ <devices>
+ <emulator>/usr/bin/qemu-system-x86_64</emulator>
+ <disk type='block' device='disk'>
+ <driver name='qemu' type='raw'/>
+ <source dev='/dev/HostVG/QEMUGuest1'/>
+ <target dev='hda' bus='ide'/>
+ <address type='drive' controller='0' bus='0' target='0' unit='0'/>
+ </disk>
+ <controller type='usb' index='0' model='piix3-uhci'>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x2'/>
+ </controller>
+ <controller type='ide' index='0'>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x1'/>
+ </controller>
+ <controller type='pci' index='0' model='pci-root'/>
+ <input type='mouse' bus='ps2'/>
+ <input type='keyboard' bus='ps2'/>
+ <audio id='1' type='none'/>
+ <memballoon model='none'/>
+ </devices>
+ <launchSecurity type='sev'>
+ <policy>0x0001</policy>
+ <dhCert>AQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAA</dhCert>
+ <session>IHAVENOIDEABUTJUSTPROVIDINGASTRING</session>
+ </launchSecurity>
+</domain>
diff --git a/tests/qemuxmlconfdata/launch-security-sev.x86_64-latest+amdsev.args b/tests/qemuxmlconfdata/launch-security-sev.x86_64-latest+amdsev.args
new file mode 100644
index 0000000000..a71b08e4da
--- /dev/null
+++ b/tests/qemuxmlconfdata/launch-security-sev.x86_64-latest+amdsev.args
@@ -0,0 +1,35 @@
+LC_ALL=C \
+PATH=/bin \
+HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1 \
+USER=test \
+LOGNAME=test \
+XDG_DATA_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.local/share \
+XDG_CACHE_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.cache \
+XDG_CONFIG_HOME=/var/lib/libvirt/qemu/domain--1-QEMUGuest1/.config \
+/usr/bin/qemu-system-x86_64 \
+-name guest=QEMUGuest1,debug-threads=on \
+-S \
+-object '{"qom-type":"secret","id":"masterKey0","format":"raw","file":"/var/lib/libvirt/qemu/domain--1-QEMUGuest1/master-key.aes"}' \
+-machine pc,usb=off,dump-guest-core=off,memory-backend=pc.ram,confidential-guest-support=lsec0,acpi=off \
+-accel kvm \
+-cpu qemu64 \
+-m size=219136k \
+-object '{"qom-type":"memory-backend-ram","id":"pc.ram","size":224395264}' \
+-overcommit mem-lock=off \
+-smp 1,sockets=1,cores=1,threads=1 \
+-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \
+-display none \
+-no-user-config \
+-nodefaults \
+-chardev socket,id=charmonitor,fd=1729,server=on,wait=off \
+-mon chardev=charmonitor,id=monitor,mode=control \
+-rtc base=utc \
+-no-shutdown \
+-boot strict=on \
+-device '{"driver":"piix3-usb-uhci","id":"usb","bus":"pci.0","addr":"0x1.0x2"}' \
+-blockdev '{"driver":"host_device","filename":"/dev/HostVG/QEMUGuest1","node-name":"libvirt-1-storage","read-only":false}' \
+-device '{"driver":"ide-hd","bus":"ide.0","unit":0,"drive":"libvirt-1-storage","id":"ide0-0-0","bootindex":1}' \
+-audiodev '{"id":"audio1","driver":"none"}' \
+-object '{"qom-type":"sev-guest","id":"lsec0","cbitpos":47,"reduced-phys-bits":1,"policy":1,"dh-cert-file":"/var/lib/libvirt/qemu/domain--1-QEMUGuest1/dh_cert.base64","session-file":"/var/lib/libvirt/qemu/domain--1-QEMUGuest1/session.base64"}' \
+-sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,resourcecontrol=deny \
+-msg timestamp=on
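Review bot: The expected `sev-guest` object in this file carries `"cbitpos":47`, while the commit message says the '+amdsev' capabilities report 51, so this output pins that an explicitly configured C-bit position which disagrees with the host value is handed to QEMU unchanged. If that pass-through is the intended behaviour, it deserves a sentence in the commit message or next to the test invocation, because nothing in the test name says a mismatch is being exercised; a guest configured this way would presumably not start on the host the capabilities were dumped from. Otherwise the input XML could use `<cbitpos>51</cbitpos>` so that the case models a configuration that is valid for this variant.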
diff --git a/tests/qemuxmlconfdata/launch-security-sev.x86_64-latest+amdsev.xml b/tests/qemuxmlconfdata/launch-security-sev.x86_64-latest+amdsev.xml
new file mode 100644
index 0000000000..a3ee54ed44
--- /dev/null
+++ b/tests/qemuxmlconfdata/launch-security-sev.x86_64-latest+amdsev.xml
@@ -0,0 +1,45 @@
+<domain type='kvm'>
+ <name>QEMUGuest1</name>
+ <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
+ <memory unit='KiB'>219100</memory>
+ <currentMemory unit='KiB'>219100</currentMemory>
+ <vcpu placement='static'>1</vcpu>
+ <os>
+ <type arch='x86_64' machine='pc'>hvm</type>
+ <boot dev='hd'/>
+ </os>
+ <cpu mode='custom' match='exact' check='none'>
+ <model fallback='forbid'>qemu64</model>
+ </cpu>
+ <clock offset='utc'/>
+ <on_poweroff>destroy</on_poweroff>
+ <on_reboot>restart</on_reboot>
+ <on_crash>destroy</on_crash>
+ <devices>
+ <emulator>/usr/bin/qemu-system-x86_64</emulator>
+ <disk type='block' device='disk'>
+ <driver name='qemu' type='raw'/>
+ <source dev='/dev/HostVG/QEMUGuest1'/>
+ <target dev='hda' bus='ide'/>
+ <address type='drive' controller='0' bus='0' target='0' unit='0'/>
+ </disk>
+ <controller type='usb' index='0' model='piix3-uhci'>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x2'/>
+ </controller>
+ <controller type='ide' index='0'>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x1'/>
+ </controller>
+ <controller type='pci' index='0' model='pci-root'/>
+ <input type='mouse' bus='ps2'/>
+ <input type='keyboard' bus='ps2'/>
+ <audio id='1' type='none'/>
+ <memballoon model='none'/>
+ </devices>
+ <launchSecurity type='sev'>
+ <cbitpos>47</cbitpos>
+ <reducedPhysBits>1</reducedPhysBits>
+ <policy>0x0001</policy>
+ <dhCert>AQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAA</dhCert>
+ <session>IHAVENOIDEABUTJUSTPROVIDINGASTRING</session>
+ </launchSecurity>
+</domain>
diff --git a/tests/qemuxmlconftest.c b/tests/qemuxmlconftest.c
index 84eea4967a..9b9733e4dd 100644
--- a/tests/qemuxmlconftest.c +++ b/tests/qemuxmlconftest.c @@ -2876,8 +2876,17 @@ mymain(void) DO_TEST_CAPS_ARCH_LATEST("vhost-vsock-ccw-auto", "s390x"); DO_TEST_CAPS_ARCH_LATEST("vhost-vsock-ccw-iommu", "s390x"); + /* The 'caps_6.0.0_x86_64' test data was doctored to add SEV support prior + * to the time when capability variants existed */ DO_TEST_CAPS_VER("launch-security-sev", "6.0.0"); + DO_TEST_CAPS_ARCH_LATEST_FULL("launch-security-sev", "x86_64", + ARG_CAPS_VARIANT, "+amdsev", ARG_END); + DO_TEST_CAPS_VER("launch-security-sev-missing-platform-info", "6.0.0"); + DO_TEST_CAPS_ARCH_LATEST_FULL("launch-security-sev-missing-platform-info", "x86_64", + ARG_CAPS_VARIANT, "+amdsev", ARG_END); + + DO_TEST_CAPS_ARCH_LATEST_FULL("launch-security-sev-direct", "x86_64", ARG_QEMU_CAPS, -- 2.48.1
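Review bot: The added comment says why the '6.0.0' invocations can run SEV tests at all, but not why they are kept next to the '+amdsev' ones or which of the two a reader should trust when their outputs differ. I would extend its last line to something like `* to the time when capability variants existed; the '+amdsev' invocations use capabilities dumped from a newer QEMU and are the reference for SEV.` The hunk also appears to add two consecutive blank lines before the 'launch-security-sev-direct' invocation, where one is enough. mymain() starts and ends outside the hunk, so the surrounding spacing cannot be checked from here.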