Skip to content

L
libvirt

openeuler / libvirt

通知 3
Star 0
Fork 0
L
libvirt

体验新版 GitCode,发现更多精彩内容 >>

提交 e56ff8bc 编写于 作者: J Ján Tomko
浏览文件
操作

conf: prefer camelCase for launchSecurity 

Adjust the documentation, parser and tests to change:
launch-security -> launchSecurity
reduced-phys-bits -> reducedPhysBits
dh-cert -> dhCert

Also fix the headline in formatdomain.html to be more generic,
and some leftover closing elements in the documentation.
Signed-off-by: NJán Tomko <jtomko@redhat.com>
Reviewed-by: NBrijesh Singh <brijesh.singh@amd.com>
Tested-by: NBrijesh Singh <brijesh.singh@amd.com>
Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>
上级 a95b99d0
显示空白变更内容
内联 并排
Showing with 36 addition and 36 deletion
docs/formatdomain.html.in
浏览文件 @ e56ff8bc
......@@ -8458,12 +8458,12 @@ qemu-kvm -net nic,model=? /dev/null
<p>Note: DEA/TDEA is synonymous with DES/TDES.</p>
<h3><a id="sev">Secure Encrypted Virtualization (SEV)</a></h3>
<h3><a id="sev">Launch Security</a></h3>
<p>
The contents of the <code>&lt;launch-security type='sev'&gt;</code> element
The contents of the <code>&lt;launchSecurity type='sev'&gt;</code> element
is used to provide the guest owners input used for creating an encrypted
VM using the AMD SEV feature.
VM using the AMD SEV feature (Secure Encrypted Virtualization).
SEV is an extension to the AMD-V architecture which supports running
encrypted virtual machine (VMs) under the control of KVM. Encrypted
......@@ -8480,13 +8480,13 @@ qemu-kvm -net nic,model=? /dev/null
<pre>
&lt;domain&gt;
...
&lt;launch-security type='sev'&gt;
&lt;launchSecurity type='sev'&gt;
&lt;policy&gt; 0x0001 &lt;/policy&gt;
&lt;cbitpos&gt; 47 &lt;/cbitpos&gt;
&lt;reduced-phys-bits&gt; 1 &lt;/reduced-phys-bits&gt;
&lt;reducedPhysBits&gt; 1 &lt;/reducedPhysBits&gt;
&lt;dhCert&gt; RBBBSDDD=FDDCCCDDDG &lt;/dhCert&gt;
&lt;session&gt; AAACCCDD=FFFCCCDSDS &lt;/session&gt;
&lt;dh-cert&gt; RBBBSDDD=FDDCCCDDDG &lt;/dh&gt;
&lt;/sev&gt;
&lt;/launchSecurity&gt;
...
&lt;/domain&gt;
</pre>
......@@ -8498,8 +8498,8 @@ qemu-kvm -net nic,model=? /dev/null
hypervisor dependent and can be obtained through the <code>sev</code> element
from the domain capabilities.
</dd>
<dt><code>reduced-phys-bits</code></dt>
<dd>The required <code>reduced-phys-bits</code> element provides the physical
<dt><code>reducedPhysBits</code></dt>
<dd>The required <code>reducedPhysBits</code> element provides the physical
address bit reducation. Similar to <code>cbitpos</code> the value of <code>
reduced-phys-bit</code> is hypervisor dependent and can be obtained
through the <code>sev</code> element from the domain capabilities.
......@@ -8558,8 +8558,8 @@ qemu-kvm -net nic,model=? /dev/null
</table>
</dd>
<dt><code>dh-cert</code></dt>
<dd>The optional <code>dh-cert</code> element provides the guest owners
<dt><code>dhCert</code></dt>
<dd>The optional <code>dhCert</code> element provides the guest owners
base64 encoded Diffie-Hellman (DH) key. The key is used to negotiate a
master secret key between the SEV firmware and guest owner. This master
secret key is then used to establish a trusted channel between SEV
......
docs/schemas/domaincommon.rng
浏览文件 @ e56ff8bc
......@@ -78,7 +78,7 @@
<ref name='keywrap'/>
</optional>
<optional>
<ref name='launch-security'/>
<ref name='launchSecurity'/>
</optional>
</interleave>
</element>
......@@ -439,8 +439,8 @@
</element>
</define>
<define name="launch-security">
<element name="launch-security">
<define name="launchSecurity">
<element name="launchSecurity">
<attribute name="type">
<value>sev</value>
</attribute>
......@@ -448,7 +448,7 @@
<element name="cbitpos">
<data type='unsignedInt'/>
</element>
<element name="reduced-phys-bits">
<element name="reducedPhysBits">
<data type='unsignedInt'/>
</element>
<element name="policy">
......@@ -460,7 +460,7 @@
</element>
</optional>
<optional>
<element name="dh-cert">
<element name="dhCert">
<data type="string"/>
</element>
</optional>
......
src/conf/domain_conf.c
浏览文件 @ e56ff8bc
......@@ -15862,7 +15862,7 @@ virDomainSEVDefParseXML(xmlNodePtr sevNode,
if (!(type = virXMLPropString(sevNode, "type"))) {
virReportError(VIR_ERR_XML_ERROR, "%s",
_("missing launch-security type"));
_("missing launch security type"));
goto error;
}
......@@ -15874,33 +15874,33 @@ virDomainSEVDefParseXML(xmlNodePtr sevNode,
case VIR_DOMAIN_LAUNCH_SECURITY_LAST:
default:
virReportError(VIR_ERR_XML_ERROR,
_("unsupported launch-security type '%s'"),
_("unsupported launch security type '%s'"),
type);
goto error;
}
if (virXPathUInt("string(./cbitpos)", ctxt, &def->cbitpos) < 0) {
virReportError(VIR_ERR_XML_ERROR, "%s",
_("failed to get launch-security cbitpos"));
_("failed to get launch security cbitpos"));
goto error;
}
if (virXPathUInt("string(./reduced-phys-bits)", ctxt,
if (virXPathUInt("string(./reducedPhysBits)", ctxt,
&def->reduced_phys_bits) < 0) {
virReportError(VIR_ERR_XML_ERROR, "%s",
_("failed to get launch-security reduced-phys-bits"));
_("failed to get launch security reduced-phys-bits"));
goto error;
}
if (virXPathULongHex("string(./policy)", ctxt, &policy) < 0) {
virReportError(VIR_ERR_XML_ERROR, "%s",
_("failed to get launch-security policy"));
_("failed to get launch security policy"));
goto error;
}
def->policy = policy;
if ((tmp = virXPathString("string(./dh-cert)", ctxt))) {
if ((tmp = virXPathString("string(./dhCert)", ctxt))) {
if (VIR_STRDUP(def->dh_cert, tmp) < 0)
goto error;
......@@ -20730,7 +20730,7 @@ virDomainDefParseXML(xmlDocPtr xml,
VIR_FREE(nodes);
/* Check for SEV feature */
if ((node = virXPathNode("./launch-security", ctxt)) != NULL) {
if ((node = virXPathNode("./launchSecurity", ctxt)) != NULL) {
def->sev = virDomainSEVDefParseXML(node, ctxt);
if (!def->sev)
goto error;
......@@ -26771,22 +26771,22 @@ virDomainSEVDefFormat(virBufferPtr buf, virDomainSevDefPtr sev)
if (!sev)
return;
virBufferAsprintf(buf, "<launch-security type='%s'>\n",
virBufferAsprintf(buf, "<launchSecurity type='%s'>\n",
virDomainLaunchSecurityTypeToString(sev->sectype));
virBufferAdjustIndent(buf, 2);
virBufferAsprintf(buf, "<cbitpos>%d</cbitpos>\n", sev->cbitpos);
virBufferAsprintf(buf, "<reduced-phys-bits>%d</reduced-phys-bits>\n",
virBufferAsprintf(buf, "<reducedPhysBits>%d</reducedPhysBits>\n",
sev->reduced_phys_bits);
virBufferAsprintf(buf, "<policy>0x%04x</policy>\n", sev->policy);
if (sev->dh_cert)
virBufferEscapeString(buf, "<dh-cert>%s</dh-cert>\n", sev->dh_cert);
virBufferEscapeString(buf, "<dhCert>%s</dhCert>\n", sev->dh_cert);
if (sev->session)
virBufferEscapeString(buf, "<session>%s</session>\n", sev->session);
virBufferAdjustIndent(buf, -2);
virBufferAddLit(buf, "</launch-security>\n");
virBufferAddLit(buf, "</launchSecurity>\n");
}
......
tests/genericxml2xmlindata/launch-security-sev.xml
浏览文件 @ e56ff8bc
......@@ -14,11 +14,11 @@
<on_crash>destroy</on_crash>
<devices>
</devices>
<launch-security type='sev'>
<launchSecurity type='sev'>
<cbitpos>47</cbitpos>
<reduced-phys-bits>1</reduced-phys-bits>
<reducedPhysBits>1</reducedPhysBits>
<policy>0x0001</policy>
<dh-cert>AQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAA</dh-cert>
<dhCert>AQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAA</dhCert>
<session>IHAVENOIDEABUTJUSTPROVIDINGASTRING</session>
</launch-security>
</launchSecurity>
</domain>
tests/qemuxml2argvdata/launch-security-sev.xml
浏览文件 @ e56ff8bc
......@@ -27,11 +27,11 @@
<input type='keyboard' bus='ps2'/>
<memballoon model='none'/>
</devices>
<launch-security type='sev'>
<launchSecurity type='sev'>
<cbitpos>47</cbitpos>
<reduced-phys-bits>1</reduced-phys-bits>
<reducedPhysBits>1</reducedPhysBits>
<policy>0x0001</policy>
<dh-cert>AQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAA</dh-cert>
<dhCert>AQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAA</dhCert>
<session>IHAVENOIDEABUTJUSTPROVIDINGASTRING</session>
</launch-security>
</launchSecurity>
</domain>
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册