From 36ea83449f023a04a0405ed0912358d719f5611e Mon Sep 17 00:00:00 2001 From: Cole Robinson Date: Tue, 10 Sep 2024 12:51:06 -0400 Subject: [PATCH] Add sev-snp changes from upstream https://fedoraproject.org/wiki/Changes/ConfidentialVirtHostAMDSEVSNP Signed-off-by: Cole Robinson --- ...tinst-add-properties-for-AMD-SEV-SNP.patch | 69 +++++++++++++++++++ virt-manager.spec | 6 ++ 2 files changed, 75 insertions(+) create mode 100644 0001-virtinst-add-properties-for-AMD-SEV-SNP.patch
diff --git a/0001-virtinst-add-properties-for-AMD-SEV-SNP.patch b/0001-virtinst-add-properties-for-AMD-SEV-SNP.patch
new file mode 100644
index 0000000..d3995af
--- /dev/null
+++ b/0001-virtinst-add-properties-for-AMD-SEV-SNP.patch
@@ -0,0 +1,69 @@
+From 848635bd8fc915bb2b7b9128e660cea9f20c42a5 Mon Sep 17 00:00:00 2001
+Message-ID: <848635bd8fc915bb2b7b9128e660cea9f20c42a5.1725987015.git.crobinso@redhat.com>
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?=
+Date: Tue, 20 Aug 2024 10:03:56 +0100
+Subject: [PATCH virt-manager] virtinst: add properties for AMD SEV-SNP
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+Content-type: text/plain
+
+Signed-off-by: Daniel P. Berrangé
+---
+ virtinst/cli.py | 7 ++++++-
+ virtinst/domain/launch_security.py | 12 ++++++++++++
+ 2 files changed, 18 insertions(+), 1 deletion(-)
+
+diff --git a/virtinst/cli.py b/virtinst/cli.py
+index c4dffd34..43b5fb52 100644
+--- a/virtinst/cli.py
++++ b/virtinst/cli.py
+@@ -4805,8 +4805,13 @@ class ParserLaunchSecurity(VirtCLIParser):
+ cls.add_arg("policy", "policy")
+ cls.add_arg("session", "session")
+ cls.add_arg("dhCert", "dhCert")
++ cls.add_arg("guestVisibleWorkarounds", "guestVisibleWorkarounds")
++ cls.add_arg("idBlock", "idBlock")
++ cls.add_arg("idAuth", "idAuth")
++ cls.add_arg("hostData", "hostData")
+ cls.add_arg("kernelHashes", "kernelHashes", is_onoff=True)
+-
++ cls.add_arg("authorKey", "authorKey", is_onoff=True)
++ cls.add_arg("vcek", "vcek", is_onoff=True)
+
+ ###########################
+ # Public virt parser APIs #
+diff --git a/virtinst/domain/launch_security.py b/virtinst/domain/launch_security.py
+index 9d2998d9..f56527cb 100644
+--- a/virtinst/domain/launch_security.py
++++ b/virtinst/domain/launch_security.py
+@@ -16,7 +16,13 @@ class DomainLaunchSecurity(XMLBuilder):
+ policy = XMLProperty("./policy")
+ session = XMLProperty("./session")
+ dhCert = XMLProperty("./dhCert")
++ guestVisibleWorkarounds = XMLProperty("./guestVisibleWorkarounds")
++ idBlock = XMLProperty("./idBlock")
++ idAuth = XMLProperty("./idAuth")
++ hostData = XMLProperty("./hostData")
+ kernelHashes = XMLProperty("./@kernelHashes", is_yesno=True)
++ authorKey = XMLProperty("./@authorKey", is_yesno=True)
++ vcek = XMLProperty("./@vcek", is_yesno=True)
+
+ def _set_defaults_sev(self, guest):
+ if not guest.os.is_q35() or not guest.is_uefi():
+@@ -32,6 +38,12 @@ class DomainLaunchSecurity(XMLBuilder):
+ if domcaps.supports_sev_launch_security(check_es=True):
+ self.policy = "0x07"
+
++ def _set_defaults_sev_snp(self, guest):
++ if not guest.os.is_q35() or not guest.is_uefi():
++ raise RuntimeError(_("SEV-SNP launch security requires a Q35 UEFI machine"))
++
+ def set_defaults(self, guest):
+ if self.type == "sev":
+ return self._set_defaults_sev(guest)
++ elif self.type == "sev-snp":
++ return self._set_defaults_sev_snp(guest)
+--
+2.46.0
+
diff --git a/virt-manager.spec b/virt-manager.spec
index 3b7ba07..29cc82a 100644
--- a/virt-manager.spec
+++ b/virt-manager.spec
@@ -20,6 +20,9 @@ Source0: https://virt-manager.org/download/sources/%{name}/%{name}-%{version}.ta # https://bugzilla.redhat.com/show_bug.cgi?id=2294201 Patch1: 0001-Fix-pylint-pycodestyle-warnings-with-latest-versions.patch +# https://fedoraproject.org/wiki/Changes/ConfidentialVirtHostAMDSEVSNP +Patch2: 0001-virtinst-add-properties-for-AMD-SEV-SNP.patch + Requires: virt-manager-common = %{verrel} Requires: python3-gobject >= 3.31.3 Requires: gtk3 >= 3.22.0
@@ -178,6 +181,9 @@ machine). %changelog +* Tue Sep 10 2024 Cole Robinson - 4.1.0-8 +- Add sev-snp changes for feature ConfidentialVirtHostAMDSEVSNP + * Mon Aug 05 2024 Cole Robinson - 4.1.0-8 - Fix flatpak build - Add /usr/share/virt-manager/ui/ to rpm db (bz 2283244)
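Review bot: `_set_defaults_sev_snp`, added to virtinst/domain/launch_security.py inside the new patch file, only enforces the Q35/UEFI requirement and leaves `policy` unset, while the visible tail of `_set_defaults_sev` consults `domcaps.supports_sev_launch_security(check_es=True)` and assigns `"0x07"`. For an SEV-SNP guest the effective guest policy is therefore whatever the caller passes or, if nothing is passed, whatever the layers below virtinst choose, and nothing in the code says this is deliberate. If it is, a comment in the new method should say so, e.g. `# No default policy for SEV-SNP: left unset on purpose, pass policy= explicitly to pin the guest policy.` It is also worth confirming whether a host-capability check analogous to the SEV one is wanted here; `_set_defaults_sev` starts outside the hunk, so its full logic is not visible from this patch.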