External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-07-01 15:42:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

conf: prefer camelCase for launchSecurity

Browse Source 
Adjust the documentation, parser and tests to change:
launch-security -> launchSecurity
reduced-phys-bits -> reducedPhysBits
dh-cert -> dhCert

Also fix the headline in formatdomain.html to be more generic,
and some leftover closing elements in the documentation.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Brijesh Singh <brijesh.singh@amd.com>
Tested-by: Brijesh Singh <brijesh.singh@amd.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
This commit is contained in:
Ján Tomko 2018-06-12 13:50:25 +02:00
parent a95b99d030
commit e56ff8bc72
5 changed files with 36 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
docs/formatdomain.html.in
View File

@ -8458,12 +8458,12 @@ qemu-kvm -net nic,model=? /dev/null
<p>Note: DEA/TDEA is synonymous with DES/TDES.</p>
<h3><a id="sev">Secure Encrypted Virtualization (SEV)</a></h3>
<h3><a id="sev">Launch Security</a></h3>
<p>
The contents of the <code>&lt;launch-security type='sev'&gt;</code> element
The contents of the <code>&lt;launchSecurity type='sev'&gt;</code> element
is used to provide the guest owners input used for creating an encrypted
VM using the AMD SEV feature.
VM using the AMD SEV feature (Secure Encrypted Virtualization).
SEV is an extension to the AMD-V architecture which supports running
encrypted virtual machine (VMs) under the control of KVM. Encrypted
@ -8480,13 +8480,13 @@ qemu-kvm -net nic,model=? /dev/null
<pre>
&lt;domain&gt;
...
&lt;launch-security type='sev'&gt;
&lt;launchSecurity type='sev'&gt;
&lt;policy&gt; 0x0001 &lt;/policy&gt;
&lt;cbitpos&gt; 47 &lt;/cbitpos&gt;
&lt;reduced-phys-bits&gt; 1 &lt;/reduced-phys-bits&gt;
&lt;reducedPhysBits&gt; 1 &lt;/reducedPhysBits&gt;
&lt;dhCert&gt; RBBBSDDD=FDDCCCDDDG &lt;/dhCert&gt;
&lt;session&gt; AAACCCDD=FFFCCCDSDS &lt;/session&gt;
&lt;dh-cert&gt; RBBBSDDD=FDDCCCDDDG &lt;/dh&gt;
&lt;/sev&gt;
&lt;/launchSecurity&gt;
...
&lt;/domain&gt;
</pre>
@ -8498,8 +8498,8 @@ qemu-kvm -net nic,model=? /dev/null
hypervisor dependent and can be obtained through the <code>sev</code> element
from the domain capabilities.
</dd>
<dt><code>reduced-phys-bits</code></dt>
<dd>The required <code>reduced-phys-bits</code> element provides the physical
<dt><code>reducedPhysBits</code></dt>
<dd>The required <code>reducedPhysBits</code> element provides the physical
address bit reducation. Similar to <code>cbitpos</code> the value of <code>
reduced-phys-bit</code> is hypervisor dependent and can be obtained
through the <code>sev</code> element from the domain capabilities.
@ -8558,8 +8558,8 @@ qemu-kvm -net nic,model=? /dev/null
</table>
</dd>
<dt><code>dh-cert</code></dt>
<dd>The optional <code>dh-cert</code> element provides the guest owners
<dt><code>dhCert</code></dt>
<dd>The optional <code>dhCert</code> element provides the guest owners
base64 encoded Diffie-Hellman (DH) key. The key is used to negotiate a
master secret key between the SEV firmware and guest owner. This master
secret key is then used to establish a trusted channel between SEV

10
docs/schemas/domaincommon.rng
View File

@ -78,7 +78,7 @@
<ref name='keywrap'/>
</optional>
<optional>
<ref name='launch-security'/>
<ref name='launchSecurity'/>
</optional>
</interleave>
</element>
@ -439,8 +439,8 @@
</element>
</define>
<define name="launch-security">
<element name="launch-security">
<define name="launchSecurity">
<element name="launchSecurity">
<attribute name="type">
<value>sev</value>
</attribute>
@ -448,7 +448,7 @@
<element name="cbitpos">
<data type='unsignedInt'/>
</element>
<element name="reduced-phys-bits">
<element name="reducedPhysBits">
<data type='unsignedInt'/>
</element>
<element name="policy">
@ -460,7 +460,7 @@
</element>
</optional>
<optional>
<element name="dh-cert">
<element name="dhCert">
<data type="string"/>
</element>
</optional>

24
src/conf/domain_conf.c
View File

@ -15862,7 +15862,7 @@ virDomainSEVDefParseXML(xmlNodePtr sevNode,
if (!(type = virXMLPropString(sevNode, "type"))) {
virReportError(VIR_ERR_XML_ERROR, "%s",
_("missing launch-security type"));
_("missing launch security type"));
goto error;
}
@ -15874,33 +15874,33 @@ virDomainSEVDefParseXML(xmlNodePtr sevNode,
case VIR_DOMAIN_LAUNCH_SECURITY_LAST:
default:
virReportError(VIR_ERR_XML_ERROR,
_("unsupported launch-security type '%s'"),
_("unsupported launch security type '%s'"),
type);
goto error;
}
if (virXPathUInt("string(./cbitpos)", ctxt, &def->cbitpos) < 0) {
virReportError(VIR_ERR_XML_ERROR, "%s",
_("failed to get launch-security cbitpos"));
_("failed to get launch security cbitpos"));
goto error;
}
if (virXPathUInt("string(./reduced-phys-bits)", ctxt,
if (virXPathUInt("string(./reducedPhysBits)", ctxt,
&def->reduced_phys_bits) < 0) {
virReportError(VIR_ERR_XML_ERROR, "%s",
_("failed to get launch-security reduced-phys-bits"));
_("failed to get launch security reduced-phys-bits"));
goto error;
}
if (virXPathULongHex("string(./policy)", ctxt, &policy) < 0) {
virReportError(VIR_ERR_XML_ERROR, "%s",
_("failed to get launch-security policy"));
_("failed to get launch security policy"));
goto error;
}
def->policy = policy;
if ((tmp = virXPathString("string(./dh-cert)", ctxt))) {
if ((tmp = virXPathString("string(./dhCert)", ctxt))) {
if (VIR_STRDUP(def->dh_cert, tmp) < 0)
goto error;
@ -20730,7 +20730,7 @@ virDomainDefParseXML(xmlDocPtr xml,
VIR_FREE(nodes);
/* Check for SEV feature */
if ((node = virXPathNode("./launch-security", ctxt)) != NULL) {
if ((node = virXPathNode("./launchSecurity", ctxt)) != NULL) {
def->sev = virDomainSEVDefParseXML(node, ctxt);
if (!def->sev)
goto error;
@ -26771,22 +26771,22 @@ virDomainSEVDefFormat(virBufferPtr buf, virDomainSevDefPtr sev)
if (!sev)
return;
virBufferAsprintf(buf, "<launch-security type='%s'>\n",
virBufferAsprintf(buf, "<launchSecurity type='%s'>\n",
virDomainLaunchSecurityTypeToString(sev->sectype));
virBufferAdjustIndent(buf, 2);
virBufferAsprintf(buf, "<cbitpos>%d</cbitpos>\n", sev->cbitpos);
virBufferAsprintf(buf, "<reduced-phys-bits>%d</reduced-phys-bits>\n",
virBufferAsprintf(buf, "<reducedPhysBits>%d</reducedPhysBits>\n",
sev->reduced_phys_bits);
virBufferAsprintf(buf, "<policy>0x%04x</policy>\n", sev->policy);
if (sev->dh_cert)
virBufferEscapeString(buf, "<dh-cert>%s</dh-cert>\n", sev->dh_cert);
virBufferEscapeString(buf, "<dhCert>%s</dhCert>\n", sev->dh_cert);
if (sev->session)
virBufferEscapeString(buf, "<session>%s</session>\n", sev->session);
virBufferAdjustIndent(buf, -2);
virBufferAddLit(buf, "</launch-security>\n");
virBufferAddLit(buf, "</launchSecurity>\n");
}

8
tests/genericxml2xmlindata/launch-security-sev.xml
View File

@ -14,11 +14,11 @@
<on_crash>destroy</on_crash>
<devices>
</devices>
<launch-security type='sev'>
<launchSecurity type='sev'>
<cbitpos>47</cbitpos>
<reduced-phys-bits>1</reduced-phys-bits>
<reducedPhysBits>1</reducedPhysBits>
<policy>0x0001</policy>
<dh-cert>AQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAA</dh-cert>
<dhCert>AQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAA</dhCert>
<session>IHAVENOIDEABUTJUSTPROVIDINGASTRING</session>
</launch-security>
</launchSecurity>
</domain>

8
tests/qemuxml2argvdata/launch-security-sev.xml
View File

@ -27,11 +27,11 @@
<input type='keyboard' bus='ps2'/>
<memballoon model='none'/>
</devices>
<launch-security type='sev'>
<launchSecurity type='sev'>
<cbitpos>47</cbitpos>
<reduced-phys-bits>1</reduced-phys-bits>
<reducedPhysBits>1</reducedPhysBits>
<policy>0x0001</policy>
<dh-cert>AQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAA</dh-cert>
<dhCert>AQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAA</dhCert>
<session>IHAVENOIDEABUTJUSTPROVIDINGASTRING</session>
</launch-security>
</launchSecurity>
</domain>