|
|
9c6c51 |
From 9f03a9e4bf2c5aad056f44ef1fe6c57eac3a7e74 Mon Sep 17 00:00:00 2001
|
|
|
9c6c51 |
Message-Id: <9f03a9e4bf2c5aad056f44ef1fe6c57eac3a7e74@dist-git>
|
|
|
9c6c51 |
From: Erik Skultety <eskultet@redhat.com>
|
|
|
9c6c51 |
Date: Mon, 20 Aug 2018 17:18:53 +0200
|
|
|
9c6c51 |
Subject: [PATCH] qemu: caps: Format SEV platform data into qemuCaps cache
|
|
|
9c6c51 |
MIME-Version: 1.0
|
|
|
9c6c51 |
Content-Type: text/plain; charset=UTF-8
|
|
|
9c6c51 |
Content-Transfer-Encoding: 8bit
|
|
|
9c6c51 |
|
|
|
9c6c51 |
Since we're not saving the platform-specific data into a cache, we're
|
|
|
9c6c51 |
not going to populate the structure, which in turn will cause a crash
|
|
|
9c6c51 |
upon calling virNodeGetSEVInfo because of a NULL pointer dereference.
|
|
|
9c6c51 |
Ultimately, we should start caching this data along with host-specific
|
|
|
9c6c51 |
capabilities like NUMA and SELinux stuff into a separate cache, but for
|
|
|
9c6c51 |
the time being, this is a semi-proper fix for a potential crash.
|
|
|
9c6c51 |
|
|
|
9c6c51 |
Backtrace (requires libvirtd restart to load qemu caps from cache):
|
|
|
9c6c51 |
#0 qemuGetSEVInfoToParams
|
|
|
9c6c51 |
#1 qemuNodeGetSEVInfo
|
|
|
9c6c51 |
#2 virNodeGetSEVInfo
|
|
|
9c6c51 |
#3 remoteDispatchNodeGetSevInfo
|
|
|
9c6c51 |
#4 remoteDispatchNodeGetSevInfoHelper
|
|
|
9c6c51 |
#5 virNetServerProgramDispatchCall
|
|
|
9c6c51 |
#6 virNetServerProgramDispatch
|
|
|
9c6c51 |
#7 virNetServerProcessMsg
|
|
|
9c6c51 |
#8 virNetServerHandleJob
|
|
|
9c6c51 |
#9 virThreadPoolWorker
|
|
|
9c6c51 |
#10 virThreadHelper
|
|
|
9c6c51 |
|
|
|
9c6c51 |
https: //bugzilla.redhat.com/show_bug.cgi?id=1612009
|
|
|
9c6c51 |
Signed-off-by: Erik Skultety <eskultet@redhat.com>
|
|
|
9c6c51 |
Acked-by: Peter Krempa <pkrempa@redhat.com>
|
|
|
9c6c51 |
Tested-by: Brijesh Singh <brijesh.singh@amd.com>
|
|
|
9c6c51 |
(cherry picked from commit 77f51ab52049734d80a8ccb79b80189c7fb95c41)
|
|
|
9c6c51 |
|
|
|
9c6c51 |
https://bugzilla.redhat.com/show_bug.cgi?id=1612009
|
|
|
9c6c51 |
https://bugzilla.redhat.com/show_bug.cgi?id=1619150
|
|
|
9c6c51 |
|
|
|
9c6c51 |
Amend:
|
|
|
9c6c51 |
- fixed the VIR_AUTOPTR bits which downstream doesn't support
|
|
|
9c6c51 |
and wouldn't compile
|
|
|
9c6c51 |
|
|
|
9c6c51 |
Signed-off-by: Erik Skultety <eskultet@redhat.com>
|
|
|
9c6c51 |
Reviewed-by: Ján Tomko <jtomko@redhat.com>
|
|
|
9c6c51 |
---
|
|
|
9c6c51 |
src/qemu/qemu_capabilities.c | 109 ++++++++++++++++++
|
|
|
9c6c51 |
.../qemu_2.12.0.x86_64.xml | 5 +-
|
|
|
9c6c51 |
.../caps_2.12.0.x86_64.xml | 6 +
|
|
|
9c6c51 |
3 files changed, 119 insertions(+), 1 deletion(-)
|
|
|
9c6c51 |
|
|
|
9c6c51 |
diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
|
|
|
9c6c51 |
index 55024ad735..1321696d11 100644
|
|
|
9c6c51 |
--- a/src/qemu/qemu_capabilities.c
|
|
|
9c6c51 |
+++ b/src/qemu/qemu_capabilities.c
|
|
|
9c6c51 |
@@ -1572,6 +1572,30 @@ virQEMUCapsHostCPUDataClear(virQEMUCapsHostCPUDataPtr cpuData)
|
|
|
9c6c51 |
}
|
|
|
9c6c51 |
|
|
|
9c6c51 |
|
|
|
9c6c51 |
+static int
|
|
|
9c6c51 |
+virQEMUCapsSEVInfoCopy(virSEVCapabilityPtr *dst,
|
|
|
9c6c51 |
+ virSEVCapabilityPtr src)
|
|
|
9c6c51 |
+{
|
|
|
9c6c51 |
+ int ret = -1;
|
|
|
9c6c51 |
+ virSEVCapabilityPtr tmp = NULL;
|
|
|
9c6c51 |
+
|
|
|
9c6c51 |
+ if (VIR_ALLOC(tmp) < 0 ||
|
|
|
9c6c51 |
+ VIR_STRDUP(tmp->pdh, src->pdh) < 0 ||
|
|
|
9c6c51 |
+ VIR_STRDUP(tmp->cert_chain, src->cert_chain) < 0)
|
|
|
9c6c51 |
+ goto cleanup;
|
|
|
9c6c51 |
+
|
|
|
9c6c51 |
+ tmp->cbitpos = src->cbitpos;
|
|
|
9c6c51 |
+ tmp->reduced_phys_bits = src->reduced_phys_bits;
|
|
|
9c6c51 |
+
|
|
|
9c6c51 |
+ VIR_STEAL_PTR(*dst, tmp);
|
|
|
9c6c51 |
+
|
|
|
9c6c51 |
+ ret = 0;
|
|
|
9c6c51 |
+ cleanup:
|
|
|
9c6c51 |
+ virSEVCapabilitiesFree(tmp);
|
|
|
9c6c51 |
+ return ret;
|
|
|
9c6c51 |
+}
|
|
|
9c6c51 |
+
|
|
|
9c6c51 |
+
|
|
|
9c6c51 |
virQEMUCapsPtr virQEMUCapsNewCopy(virQEMUCapsPtr qemuCaps)
|
|
|
9c6c51 |
{
|
|
|
9c6c51 |
virQEMUCapsPtr ret = virQEMUCapsNew();
|
|
|
9c6c51 |
@@ -1634,6 +1658,11 @@ virQEMUCapsPtr virQEMUCapsNewCopy(virQEMUCapsPtr qemuCaps)
|
|
|
9c6c51 |
for (i = 0; i < qemuCaps->ngicCapabilities; i++)
|
|
|
9c6c51 |
ret->gicCapabilities[i] = qemuCaps->gicCapabilities[i];
|
|
|
9c6c51 |
|
|
|
9c6c51 |
+ if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_SEV_GUEST) &&
|
|
|
9c6c51 |
+ virQEMUCapsSEVInfoCopy(&ret->sevCapabilities,
|
|
|
9c6c51 |
+ qemuCaps->sevCapabilities) < 0)
|
|
|
9c6c51 |
+ goto error;
|
|
|
9c6c51 |
+
|
|
|
9c6c51 |
return ret;
|
|
|
9c6c51 |
|
|
|
9c6c51 |
error:
|
|
|
9c6c51 |
@@ -3272,6 +3301,62 @@ virQEMUCapsCachePrivFree(void *privData)
|
|
|
9c6c51 |
}
|
|
|
9c6c51 |
|
|
|
9c6c51 |
|
|
|
9c6c51 |
+static int
|
|
|
9c6c51 |
+virQEMUCapsParseSEVInfo(virQEMUCapsPtr qemuCaps, xmlXPathContextPtr ctxt)
|
|
|
9c6c51 |
+{
|
|
|
9c6c51 |
+ int ret = -1;
|
|
|
9c6c51 |
+ virSEVCapabilityPtr sev = NULL;
|
|
|
9c6c51 |
+
|
|
|
9c6c51 |
+ if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_SEV_GUEST))
|
|
|
9c6c51 |
+ return 0;
|
|
|
9c6c51 |
+
|
|
|
9c6c51 |
+ if (virXPathBoolean("boolean(./sev)", ctxt) == 0) {
|
|
|
9c6c51 |
+ virReportError(VIR_ERR_XML_ERROR, "%s",
|
|
|
9c6c51 |
+ _("missing SEV platform data in QEMU "
|
|
|
9c6c51 |
+ "capabilities cache"));
|
|
|
9c6c51 |
+ return -1;
|
|
|
9c6c51 |
+ }
|
|
|
9c6c51 |
+
|
|
|
9c6c51 |
+ if (VIR_ALLOC(sev) < 0)
|
|
|
9c6c51 |
+ return -1;
|
|
|
9c6c51 |
+
|
|
|
9c6c51 |
+ if (virXPathUInt("string(./sev/cbitpos)", ctxt, &sev->cbitpos) < 0) {
|
|
|
9c6c51 |
+ virReportError(VIR_ERR_XML_ERROR, "%s",
|
|
|
9c6c51 |
+ _("missing or malformed SEV cbitpos information "
|
|
|
9c6c51 |
+ "in QEMU capabilities cache"));
|
|
|
9c6c51 |
+ goto cleanup;
|
|
|
9c6c51 |
+ }
|
|
|
9c6c51 |
+
|
|
|
9c6c51 |
+ if (virXPathUInt("string(./sev/reducedPhysBits)", ctxt,
|
|
|
9c6c51 |
+ &sev->reduced_phys_bits) < 0) {
|
|
|
9c6c51 |
+ virReportError(VIR_ERR_XML_ERROR, "%s",
|
|
|
9c6c51 |
+ _("missing or malformed SEV reducedPhysBits information "
|
|
|
9c6c51 |
+ "in QEMU capabilities cache"));
|
|
|
9c6c51 |
+ goto cleanup;
|
|
|
9c6c51 |
+ }
|
|
|
9c6c51 |
+
|
|
|
9c6c51 |
+ if (!(sev->pdh = virXPathString("string(./sev/pdh)", ctxt))) {
|
|
|
9c6c51 |
+ virReportError(VIR_ERR_XML_ERROR, "%s",
|
|
|
9c6c51 |
+ _("missing SEV pdh information "
|
|
|
9c6c51 |
+ "in QEMU capabilities cache"));
|
|
|
9c6c51 |
+ goto cleanup;
|
|
|
9c6c51 |
+ }
|
|
|
9c6c51 |
+
|
|
|
9c6c51 |
+ if (!(sev->cert_chain = virXPathString("string(./sev/certChain)", ctxt))) {
|
|
|
9c6c51 |
+ virReportError(VIR_ERR_XML_ERROR, "%s",
|
|
|
9c6c51 |
+ _("missing SEV certChain information "
|
|
|
9c6c51 |
+ "in QEMU capabilities cache"));
|
|
|
9c6c51 |
+ goto cleanup;
|
|
|
9c6c51 |
+ }
|
|
|
9c6c51 |
+
|
|
|
9c6c51 |
+ VIR_STEAL_PTR(qemuCaps->sevCapabilities, sev);
|
|
|
9c6c51 |
+ ret = 0;
|
|
|
9c6c51 |
+ cleanup:
|
|
|
9c6c51 |
+ virSEVCapabilitiesFree(sev);
|
|
|
9c6c51 |
+ return ret;
|
|
|
9c6c51 |
+}
|
|
|
9c6c51 |
+
|
|
|
9c6c51 |
+
|
|
|
9c6c51 |
/*
|
|
|
9c6c51 |
* Parsing a doc that looks like
|
|
|
9c6c51 |
*
|
|
|
9c6c51 |
@@ -3520,6 +3605,9 @@ virQEMUCapsLoadCache(virArch hostArch,
|
|
|
9c6c51 |
}
|
|
|
9c6c51 |
VIR_FREE(nodes);
|
|
|
9c6c51 |
|
|
|
9c6c51 |
+ if (virQEMUCapsParseSEVInfo(qemuCaps, ctxt) < 0)
|
|
|
9c6c51 |
+ goto cleanup;
|
|
|
9c6c51 |
+
|
|
|
9c6c51 |
virQEMUCapsInitHostCPUModel(qemuCaps, hostArch, VIR_DOMAIN_VIRT_KVM);
|
|
|
9c6c51 |
virQEMUCapsInitHostCPUModel(qemuCaps, hostArch, VIR_DOMAIN_VIRT_QEMU);
|
|
|
9c6c51 |
|
|
|
9c6c51 |
@@ -3637,6 +3725,24 @@ virQEMUCapsFormatCPUModels(virQEMUCapsPtr qemuCaps,
|
|
|
9c6c51 |
}
|
|
|
9c6c51 |
|
|
|
9c6c51 |
|
|
|
9c6c51 |
+static void
|
|
|
9c6c51 |
+virQEMUCapsFormatSEVInfo(virQEMUCapsPtr qemuCaps, virBufferPtr buf)
|
|
|
9c6c51 |
+{
|
|
|
9c6c51 |
+ virSEVCapabilityPtr sev = virQEMUCapsGetSEVCapabilities(qemuCaps);
|
|
|
9c6c51 |
+
|
|
|
9c6c51 |
+ virBufferAddLit(buf, "<sev>\n");
|
|
|
9c6c51 |
+ virBufferAdjustIndent(buf, 2);
|
|
|
9c6c51 |
+ virBufferAsprintf(buf, "<cbitpos>%u</cbitpos>\n", sev->cbitpos);
|
|
|
9c6c51 |
+ virBufferAsprintf(buf, "<reducedPhysBits>%u</reducedPhysBits>\n",
|
|
|
9c6c51 |
+ sev->reduced_phys_bits);
|
|
|
9c6c51 |
+ virBufferEscapeString(buf, "<pdh>%s</pdh>\n", sev->pdh);
|
|
|
9c6c51 |
+ virBufferEscapeString(buf, "<certChain>%s</certChain>\n",
|
|
|
9c6c51 |
+ sev->cert_chain);
|
|
|
9c6c51 |
+ virBufferAdjustIndent(buf, -2);
|
|
|
9c6c51 |
+ virBufferAddLit(buf, "</sev>\n");
|
|
|
9c6c51 |
+}
|
|
|
9c6c51 |
+
|
|
|
9c6c51 |
+
|
|
|
9c6c51 |
char *
|
|
|
9c6c51 |
virQEMUCapsFormatCache(virQEMUCapsPtr qemuCaps)
|
|
|
9c6c51 |
{
|
|
|
9c6c51 |
@@ -3718,6 +3824,9 @@ virQEMUCapsFormatCache(virQEMUCapsPtr qemuCaps)
|
|
|
9c6c51 |
emulated ? "yes" : "no");
|
|
|
9c6c51 |
}
|
|
|
9c6c51 |
|
|
|
9c6c51 |
+ if (qemuCaps->sevCapabilities)
|
|
|
9c6c51 |
+ virQEMUCapsFormatSEVInfo(qemuCaps, &buf;;
|
|
|
9c6c51 |
+
|
|
|
9c6c51 |
virBufferAdjustIndent(&buf, -2);
|
|
|
9c6c51 |
virBufferAddLit(&buf, "</qemuCaps>\n");
|
|
|
9c6c51 |
|
|
|
9c6c51 |
diff --git a/tests/domaincapsschemadata/qemu_2.12.0.x86_64.xml b/tests/domaincapsschemadata/qemu_2.12.0.x86_64.xml
|
|
|
9c6c51 |
index 7a1be4c093..a8d6a4d629 100644
|
|
|
9c6c51 |
--- a/tests/domaincapsschemadata/qemu_2.12.0.x86_64.xml
|
|
|
9c6c51 |
+++ b/tests/domaincapsschemadata/qemu_2.12.0.x86_64.xml
|
|
|
9c6c51 |
@@ -142,6 +142,9 @@
|
|
|
9c6c51 |
<gic supported='no'/>
|
|
|
9c6c51 |
<vmcoreinfo supported='yes'/>
|
|
|
9c6c51 |
<genid supported='yes'/>
|
|
|
9c6c51 |
- <sev supported='no'/>
|
|
|
9c6c51 |
+ <sev supported='yes'>
|
|
|
9c6c51 |
+ <cbitpos>47</cbitpos>
|
|
|
9c6c51 |
+ <reducedPhysBits>1</reducedPhysBits>
|
|
|
9c6c51 |
+ </sev>
|
|
|
9c6c51 |
</features>
|
|
|
9c6c51 |
</domainCapabilities>
|
|
|
9c6c51 |
diff --git a/tests/qemucapabilitiesdata/caps_2.12.0.x86_64.xml b/tests/qemucapabilitiesdata/caps_2.12.0.x86_64.xml
|
|
|
9c6c51 |
index 78889facce..f0dc082640 100644
|
|
|
9c6c51 |
--- a/tests/qemucapabilitiesdata/caps_2.12.0.x86_64.xml
|
|
|
9c6c51 |
+++ b/tests/qemucapabilitiesdata/caps_2.12.0.x86_64.xml
|
|
|
9c6c51 |
@@ -1254,4 +1254,10 @@
|
|
|
9c6c51 |
<machine name='pc-0.11' hotplugCpus='yes' maxCpus='255'/>
|
|
|
9c6c51 |
<machine name='pc-0.12' hotplugCpus='yes' maxCpus='255'/>
|
|
|
9c6c51 |
<machine name='pc-0.10' hotplugCpus='yes' maxCpus='255'/>
|
|
|
9c6c51 |
+ <sev>
|
|
|
9c6c51 |
+ <cbitpos>47</cbitpos>
|
|
|
9c6c51 |
+ <reducedPhysBits>1</reducedPhysBits>
|
|
|
9c6c51 |
+ <pdh>AQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAA</pdh>
|
|
|
9c6c51 |
+ <certChain>AQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAA</certChain>
|
|
|
9c6c51 |
+ </sev>
|
|
|
9c6c51 |
</qemuCaps>
|
|
|
9c6c51 |
--
|
|
|
9c6c51 |
2.18.0
|
|
|
9c6c51 |
|