conf: extend domain capabilities for max SEV guest count

There are limits on the number of SEV/SEV-ES guests that can
be run on machines, which may be influenced by firmware
settings. This is important to expose to users.

Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

docs/formatdomaincaps.html.in

@@ -681,6 +681,12 @@
       <dt><code>reducedPhysBits</code></dt>
       <dd>When memory encryption is enabled, we lose certain bits in physical
       address space. The number of bits we lose is hypervisor dependent.</dd>
+      <dt><code>maxGuests</code></dt>
+      <dd>The maximum number of SEV guests that can be launched on the host.
+      This value may be configurable in the firmware for some hosts.</dd>
+      <dt><code>maxESGuests</code></dt>
+      <dd>The maximum number of SEV-ES guests that can be launched on the host.
+      This value may be configurable in the firmware for some hosts.</dd>
     </dl>
 
   </body>

docs/schemas/domaincaps.rng

@@ -323,6 +323,12 @@
         <element name="reducedPhysBits">
           <data type="unsignedInt"/>
         </element>
+        <element name="maxGuests">
+          <data type="unsignedInt"/>
+        </element>
+        <element name="maxESGuests">
+          <data type="unsignedInt"/>
+        </element>
       </optional>
     </element>
   </define>

src/conf/domain_capabilities.c

@@ -597,6 +597,10 @@ virDomainCapsFeatureSEVFormat(virBuffer *buf,
         virBufferAsprintf(buf, "<cbitpos>%d</cbitpos>\n", sev->cbitpos);
         virBufferAsprintf(buf, "<reducedPhysBits>%d</reducedPhysBits>\n",
                           sev->reduced_phys_bits);
+        virBufferAsprintf(buf, "<maxGuests>%d</maxGuests>\n",
+                          sev->max_guests);
+        virBufferAsprintf(buf, "<maxESGuests>%d</maxESGuests>\n",
+                          sev->max_es_guests);
         virBufferAdjustIndent(buf, -2);
         virBufferAddLit(buf, "</sev>\n");
     }

src/conf/domain_capabilities.h

@@ -187,6 +187,8 @@ struct _virSEVCapability {
     char *cert_chain;
     unsigned int cbitpos;
     unsigned int reduced_phys_bits;
+    unsigned int max_guests;
+    unsigned int max_es_guests;
 };
 
 typedef enum {

tests/domaincapsdata/qemu_2.12.0-q35.x86_64.xml

@@ -205,6 +205,8 @@
     <sev supported='yes'>
       <cbitpos>47</cbitpos>
       <reducedPhysBits>1</reducedPhysBits>
+      <maxGuests>0</maxGuests>
+      <maxESGuests>0</maxESGuests>
     </sev>
   </features>
 </domainCapabilities>

tests/domaincapsdata/qemu_2.12.0-tcg.x86_64.xml

@@ -215,6 +215,8 @@
     <sev supported='yes'>
       <cbitpos>47</cbitpos>
       <reducedPhysBits>1</reducedPhysBits>
+      <maxGuests>0</maxGuests>
+      <maxESGuests>0</maxESGuests>
     </sev>
   </features>
 </domainCapabilities>

tests/domaincapsdata/qemu_2.12.0.x86_64.xml

@@ -205,6 +205,8 @@
     <sev supported='yes'>
       <cbitpos>47</cbitpos>
       <reducedPhysBits>1</reducedPhysBits>
+      <maxGuests>0</maxGuests>
+      <maxESGuests>0</maxESGuests>
     </sev>
   </features>
 </domainCapabilities>

tests/domaincapsdata/qemu_6.0.0-q35.x86_64.xml

@@ -227,6 +227,8 @@
     <sev supported='yes'>
       <cbitpos>47</cbitpos>
       <reducedPhysBits>1</reducedPhysBits>
+      <maxGuests>0</maxGuests>
+      <maxESGuests>0</maxESGuests>
     </sev>
   </features>
 </domainCapabilities>

tests/domaincapsdata/qemu_6.0.0-tcg.x86_64.xml

@@ -233,6 +233,8 @@
     <sev supported='yes'>
       <cbitpos>47</cbitpos>
       <reducedPhysBits>1</reducedPhysBits>
+      <maxGuests>0</maxGuests>
+      <maxESGuests>0</maxESGuests>
     </sev>
   </features>
 </domainCapabilities>

tests/domaincapsdata/qemu_6.0.0.x86_64.xml

@@ -227,6 +227,8 @@
     <sev supported='yes'>
       <cbitpos>47</cbitpos>
       <reducedPhysBits>1</reducedPhysBits>
+      <maxGuests>0</maxGuests>
+      <maxESGuests>0</maxESGuests>
     </sev>
   </features>
 </domainCapabilities>