91 lines
3.6 KiB
Diff
91 lines
3.6 KiB
Diff
From 2e0bf808c6d2543b2279a365f3175d1a9c384617 Mon Sep 17 00:00:00 2001
|
|
Message-ID: <2e0bf808c6d2543b2279a365f3175d1a9c384617.1759835600.git.jdenemar@redhat.com>
|
|
From: Zhenzhong Duan <zhenzhong.duan@intel.com>
|
|
Date: Thu, 10 Jul 2025 03:21:12 -0400
|
|
Subject: [PATCH] conf: Expose TDX type in domain launch security capability
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
As the tdx launch security type support is added, expose it in domain
|
|
capabilities so that domain definition validation check can take
|
|
effect.
|
|
|
|
Signed-off-by: Zhenzhong Duan <zhenzhong.duan@intel.com>
|
|
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
|
|
(cherry picked from commit 0a825f910bb863ddc46c23e8a98834d1903dc526)
|
|
Resolves: https://issues.redhat.com/browse/RHEL-111840
|
|
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
|
|
|
RHEL: missing 10.1 data files
|
|
---
|
|
src/qemu/qemu_capabilities.c | 2 ++
|
|
tests/domaincapsdata/qemu_10.1.0-q35.x86_64+inteltdx.xml | 6 +++++-
|
|
tests/domaincapsdata/qemu_10.1.0-tcg.x86_64+inteltdx.xml | 6 +++++-
|
|
tests/domaincapsdata/qemu_10.1.0.x86_64+inteltdx.xml | 6 +++++-
|
|
4 files changed, 17 insertions(+), 3 deletions(-)
|
|
|
|
diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
|
|
index dbec00c99d..4f239ae77b 100644
|
|
--- a/src/qemu/qemu_capabilities.c
|
|
+++ b/src/qemu/qemu_capabilities.c
|
|
@@ -6762,6 +6762,8 @@ virQEMUCapsFillDomainLaunchSecurity(virQEMUCaps *qemuCaps,
|
|
if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_S390_PV_GUEST) &&
|
|
virQEMUCapsGet(qemuCaps, QEMU_CAPS_MACHINE_CONFIDENTAL_GUEST_SUPPORT))
|
|
VIR_DOMAIN_CAPS_ENUM_SET(launchSecurity->sectype, VIR_DOMAIN_LAUNCH_SECURITY_PV);
|
|
+ if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_TDX_GUEST))
|
|
+ VIR_DOMAIN_CAPS_ENUM_SET(launchSecurity->sectype, VIR_DOMAIN_LAUNCH_SECURITY_TDX);
|
|
|
|
if (launchSecurity->sectype.values == 0) {
|
|
launchSecurity->supported = VIR_TRISTATE_BOOL_NO;
|
|
diff --git a/tests/domaincapsdata/qemu_10.1.0-q35.x86_64+inteltdx.xml b/tests/domaincapsdata/qemu_10.1.0-q35.x86_64+inteltdx.xml
|
|
index 1d0f9f1362..fedf50a52a 100644
|
|
--- a/tests/domaincapsdata/qemu_10.1.0-q35.x86_64+inteltdx.xml
|
|
+++ b/tests/domaincapsdata/qemu_10.1.0-q35.x86_64+inteltdx.xml
|
|
@@ -757,6 +757,10 @@
|
|
<value>xmm_input</value>
|
|
</enum>
|
|
</hyperv>
|
|
- <launchSecurity supported='no'/>
|
|
+ <launchSecurity supported='yes'>
|
|
+ <enum name='sectype'>
|
|
+ <value>tdx</value>
|
|
+ </enum>
|
|
+ </launchSecurity>
|
|
</features>
|
|
</domainCapabilities>
|
|
diff --git a/tests/domaincapsdata/qemu_10.1.0-tcg.x86_64+inteltdx.xml b/tests/domaincapsdata/qemu_10.1.0-tcg.x86_64+inteltdx.xml
|
|
index ea79280179..c9913316b8 100644
|
|
--- a/tests/domaincapsdata/qemu_10.1.0-tcg.x86_64+inteltdx.xml
|
|
+++ b/tests/domaincapsdata/qemu_10.1.0-tcg.x86_64+inteltdx.xml
|
|
@@ -1804,6 +1804,10 @@
|
|
<value>xmm_input</value>
|
|
</enum>
|
|
</hyperv>
|
|
- <launchSecurity supported='no'/>
|
|
+ <launchSecurity supported='yes'>
|
|
+ <enum name='sectype'>
|
|
+ <value>tdx</value>
|
|
+ </enum>
|
|
+ </launchSecurity>
|
|
</features>
|
|
</domainCapabilities>
|
|
diff --git a/tests/domaincapsdata/qemu_10.1.0.x86_64+inteltdx.xml b/tests/domaincapsdata/qemu_10.1.0.x86_64+inteltdx.xml
|
|
index a5c781c67c..c1aebf16b2 100644
|
|
--- a/tests/domaincapsdata/qemu_10.1.0.x86_64+inteltdx.xml
|
|
+++ b/tests/domaincapsdata/qemu_10.1.0.x86_64+inteltdx.xml
|
|
@@ -757,6 +757,10 @@
|
|
<value>xmm_input</value>
|
|
</enum>
|
|
</hyperv>
|
|
- <launchSecurity supported='no'/>
|
|
+ <launchSecurity supported='yes'>
|
|
+ <enum name='sectype'>
|
|
+ <value>tdx</value>
|
|
+ </enum>
|
|
+ </launchSecurity>
|
|
</features>
|
|
</domainCapabilities>
|
|
--
|
|
2.51.0
|