91 lines
3.6 KiB
Diff
91 lines
3.6 KiB
Diff
From b349d91f45f77f2936ea9461ac221b672261e2a7 Mon Sep 17 00:00:00 2001
|
|
Message-ID: <b349d91f45f77f2936ea9461ac221b672261e2a7.1759908360.git.jdenemar@redhat.com>
|
|
From: Zhenzhong Duan <zhenzhong.duan@intel.com>
|
|
Date: Thu, 10 Jul 2025 03:21:12 -0400
|
|
Subject: [PATCH] conf: Expose TDX type in domain launch security capability
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
As the tdx launch security type support is added, expose it in domain
|
|
capabilities so that domain definition validation check can take
|
|
effect.
|
|
|
|
Signed-off-by: Zhenzhong Duan <zhenzhong.duan@intel.com>
|
|
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
|
|
(cherry picked from commit 0a825f910bb863ddc46c23e8a98834d1903dc526)
|
|
Resolves: https://issues.redhat.com/browse/RHEL-111863
|
|
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
|
|
|
RHEL: missing data files
|
|
---
|
|
src/qemu/qemu_capabilities.c | 2 ++
|
|
tests/domaincapsdata/qemu_10.1.0-q35.x86_64+inteltdx.xml | 6 +++++-
|
|
tests/domaincapsdata/qemu_10.1.0-tcg.x86_64+inteltdx.xml | 6 +++++-
|
|
tests/domaincapsdata/qemu_10.1.0.x86_64+inteltdx.xml | 6 +++++-
|
|
4 files changed, 17 insertions(+), 3 deletions(-)
|
|
|
|
diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
|
|
index f4f77a491c..d2b59ba1f4 100644
|
|
--- a/src/qemu/qemu_capabilities.c
|
|
+++ b/src/qemu/qemu_capabilities.c
|
|
@@ -6776,6 +6776,8 @@ virQEMUCapsFillDomainLaunchSecurity(virQEMUCaps *qemuCaps,
|
|
if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_S390_PV_GUEST) &&
|
|
virQEMUCapsGet(qemuCaps, QEMU_CAPS_MACHINE_CONFIDENTAL_GUEST_SUPPORT))
|
|
VIR_DOMAIN_CAPS_ENUM_SET(launchSecurity->sectype, VIR_DOMAIN_LAUNCH_SECURITY_PV);
|
|
+ if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_TDX_GUEST))
|
|
+ VIR_DOMAIN_CAPS_ENUM_SET(launchSecurity->sectype, VIR_DOMAIN_LAUNCH_SECURITY_TDX);
|
|
|
|
if (launchSecurity->sectype.values == 0) {
|
|
launchSecurity->supported = VIR_TRISTATE_BOOL_NO;
|
|
diff --git a/tests/domaincapsdata/qemu_10.1.0-q35.x86_64+inteltdx.xml b/tests/domaincapsdata/qemu_10.1.0-q35.x86_64+inteltdx.xml
|
|
index 61aa1aafd0..fafa28ecbe 100644
|
|
--- a/tests/domaincapsdata/qemu_10.1.0-q35.x86_64+inteltdx.xml
|
|
+++ b/tests/domaincapsdata/qemu_10.1.0-q35.x86_64+inteltdx.xml
|
|
@@ -774,6 +774,10 @@
|
|
<value>xmm_input</value>
|
|
</enum>
|
|
</hyperv>
|
|
- <launchSecurity supported='no'/>
|
|
+ <launchSecurity supported='yes'>
|
|
+ <enum name='sectype'>
|
|
+ <value>tdx</value>
|
|
+ </enum>
|
|
+ </launchSecurity>
|
|
</features>
|
|
</domainCapabilities>
|
|
diff --git a/tests/domaincapsdata/qemu_10.1.0-tcg.x86_64+inteltdx.xml b/tests/domaincapsdata/qemu_10.1.0-tcg.x86_64+inteltdx.xml
|
|
index 1d2795c4df..eba8023fc8 100644
|
|
--- a/tests/domaincapsdata/qemu_10.1.0-tcg.x86_64+inteltdx.xml
|
|
+++ b/tests/domaincapsdata/qemu_10.1.0-tcg.x86_64+inteltdx.xml
|
|
@@ -1821,6 +1821,10 @@
|
|
<value>xmm_input</value>
|
|
</enum>
|
|
</hyperv>
|
|
- <launchSecurity supported='no'/>
|
|
+ <launchSecurity supported='yes'>
|
|
+ <enum name='sectype'>
|
|
+ <value>tdx</value>
|
|
+ </enum>
|
|
+ </launchSecurity>
|
|
</features>
|
|
</domainCapabilities>
|
|
diff --git a/tests/domaincapsdata/qemu_10.1.0.x86_64+inteltdx.xml b/tests/domaincapsdata/qemu_10.1.0.x86_64+inteltdx.xml
|
|
index 6048a66b87..9ea7d779b5 100644
|
|
--- a/tests/domaincapsdata/qemu_10.1.0.x86_64+inteltdx.xml
|
|
+++ b/tests/domaincapsdata/qemu_10.1.0.x86_64+inteltdx.xml
|
|
@@ -774,6 +774,10 @@
|
|
<value>xmm_input</value>
|
|
</enum>
|
|
</hyperv>
|
|
- <launchSecurity supported='no'/>
|
|
+ <launchSecurity supported='yes'>
|
|
+ <enum name='sectype'>
|
|
+ <value>tdx</value>
|
|
+ </enum>
|
|
+ </launchSecurity>
|
|
</features>
|
|
</domainCapabilities>
|
|
--
|
|
2.51.0
|