Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:FrontRunner
libvirt.11329
764491c9-qemu-fix-probing-sev-support.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 764491c9-qemu-fix-probing-sev-support.patch of Package libvirt.11329
commit 764491c9dddf063292adf1433769ccccb1a50db6 Author: Erik Skultety <eskultet@redhat.com> Date: Tue Aug 14 15:54:46 2018 +0200 qemu: Fix probing of AMD SEV support So the procedure to detect SEV support works like this: 1) we detect that sev-guest is among the QOM types and set the cap flag 2) we probe the monitor for SEV support - this is tricky, because QEMU with compiled SEV support will always report -object sev-guest and query-sev-capabilities command, that however doesn't mean SEV is supported 3) depending on what the monitor returned, we either keep or clear the capability flag for SEV Commit a349c6c21c6 added an explicit check for "GenericError" in the monitor reply to prevent libvirtd to spam logs about missing 'query-sev-capabilities' command. At the same time though, it returned success in this case which means that we didn't clear the capability flag afterwards and happily formatted SEV into qemuCaps. Therefore, adjust all the relevant callers to handle -1 on errors, 0 on SEV being unsupported and 1 on SEV being supported. Signed-off-by: Erik Skultety <eskultet@redhat.com> Acked-by: Peter Krempa <pkrempa@redhat.com> Index: libvirt-4.0.0/src/qemu/qemu_capabilities.c =================================================================== --- libvirt-4.0.0.orig/src/qemu/qemu_capabilities.c +++ libvirt-4.0.0/src/qemu/qemu_capabilities.c @@ -3322,18 +3322,20 @@ virQEMUCapsProbeQMPGICCapabilities(virQE } +/* Returns -1 on error, 0 if SEV is not supported, 1 if SEV is supported */ static int virQEMUCapsProbeQMPSEVCapabilities(virQEMUCapsPtr qemuCaps, qemuMonitorPtr mon) { + int rc = -1; virSEVCapability *caps = NULL; - if (qemuMonitorGetSEVCapabilities(mon, &caps) < 0) - return -1; + if ((rc = qemuMonitorGetSEVCapabilities(mon, &caps)) <= 0) + return rc; virSEVCapabilitiesFree(qemuCaps->sevCapabilities); qemuCaps->sevCapabilities = caps; - return 0; + return rc; } @@ -4949,7 +4951,12 @@ virQEMUCapsInitQMPMonitor(virQEMUCapsPtr /* Probe for SEV capabilities */ if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_SEV_GUEST)) { - if (virQEMUCapsProbeQMPSEVCapabilities(qemuCaps, mon) < 0) + int rc = virQEMUCapsProbeQMPSEVCapabilities(qemuCaps, mon); + + if (rc < 0) + goto cleanup; + + if (rc == 0) virQEMUCapsClear(qemuCaps, QEMU_CAPS_SEV_GUEST); } Index: libvirt-4.0.0/src/qemu/qemu_monitor_json.c =================================================================== --- libvirt-4.0.0.orig/src/qemu/qemu_monitor_json.c +++ libvirt-4.0.0/src/qemu/qemu_monitor_json.c @@ -6263,6 +6263,20 @@ qemuMonitorJSONGetGICCapabilities(qemuMo } +/** + * qemuMonitorJSONGetSEVCapabilities: + * @mon: qemu monitor object + * @capabilities: pointer to pointer to a SEV capability structure to be filled + * + * This function queries and fills in AMD's SEV platform-specific data. + * Note that from QEMU's POV both -object sev-guest and query-sev-capabilities + * can be present even if SEV is not available, which basically leaves us with + * checking for JSON "GenericError" in order to differentiate between + * compiled-in support and actual SEV support on the platform. + * + * Returns -1 on error, 0 if SEV is not supported, and 1 if SEV is supported on + * the platform. + */ int qemuMonitorJSONGetSEVCapabilities(qemuMonitorPtr mon, virSEVCapability **capabilities) @@ -6284,8 +6298,7 @@ qemuMonitorJSONGetSEVCapabilities(qemuMo if (qemuMonitorJSONCommand(mon, cmd, &reply) < 0) goto cleanup; - /* Both -object sev-guest and query-sev-capabilities can be present - * even if SEV is not available */ + /* QEMU has only compiled-in support of SEV */ if (qemuMonitorJSONHasError(reply, "GenericError")) { ret = 0; goto cleanup; @@ -6337,8 +6350,7 @@ qemuMonitorJSONGetSEVCapabilities(qemuMo capability->cbitpos = cbitpos; capability->reduced_phys_bits = reduced_phys_bits; VIR_STEAL_PTR(*capabilities, capability); - ret = 0; - + ret = 1; cleanup: virSEVCapabilitiesFree(capability); virJSONValueFree(cmd);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor