From nobody Tue Apr 16 14:43:21 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1534415738762497.1142577157856;
 Thu, 16 Aug 2018 03:35:38 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com
 [10.5.11.15])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 75C5D461CE;
	Thu, 16 Aug 2018 10:35:36 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 3EAB05B681;
	Thu, 16 Aug 2018 10:35:36 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id E24B918037F0;
	Thu, 16 Aug 2018 10:35:35 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com
	[10.11.54.3])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id w7GAZT03009822 for <libvir-list@listman.util.phx.redhat.com>;
	Thu, 16 Aug 2018 06:35:30 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id C9B5F10EE95C; Thu, 16 Aug 2018 10:35:29 +0000 (UTC)
Received: from beluga.usersys.redhat.com (unknown [10.43.2.166])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 47CBA10EE991;
	Thu, 16 Aug 2018 10:35:29 +0000 (UTC)
From: Erik Skultety <eskultet@redhat.com>
To: libvir-list@redhat.com
Date: Thu, 16 Aug 2018 12:35:17 +0200
Message-Id: 
 <1b57cd78740a1faa76d52dcbf603b83d6270cee8.1534414409.git.eskultet@redhat.com>
In-Reply-To: <cover.1534414409.git.eskultet@redhat.com>
References: <cover.1534414409.git.eskultet@redhat.com>
In-Reply-To: <cover.1534414409.git.eskultet@redhat.com>
References: <cover.1534414409.git.eskultet@redhat.com>
X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3
X-loop: libvir-list@redhat.com
Cc: Erik Skultety <eskultet@redhat.com>
Subject: [libvirt] [PATCH v2 3/4] qemu: Fix probing of AMD SEV support
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.29]);
 Thu, 16 Aug 2018 10:35:37 +0000 (UTC)
X-ZohoMail: RDMRC_0  RSF_0  Z_629925259 SPT_0
Content-Type: text/plain; charset="utf-8"

So the procedure to detect SEV support works like this:
1) we detect that sev-guest is among the QOM types and set the cap flag
2) we probe the monitor for SEV support
    - this is tricky, because QEMU with compiled SEV support will always
    report -object sev-guest and query-sev-capabilities command, that
    however doesn't mean SEV is supported
3) depending on what the monitor returned, we either keep or clear the
capability flag for SEV

Commit a349c6c21c6 added an explicit check for "GenericError" in the
monitor reply to prevent libvirtd to spam logs about missing
'query-sev-capabilities' command. At the same time though, it returned
success in this case which means that we didn't clear the capability
flag afterwards and happily formatted SEV into qemuCaps. Therefore,
adjust all the relevant callers to handle -1 on errors, 0 on SEV being
unsupported and 1 on SEV being supported.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
---
 src/qemu/qemu_capabilities.c                     | 15 +++++++++++----
 src/qemu/qemu_monitor_json.c                     | 20 ++++++++++++++++----
 tests/qemucapabilitiesdata/caps_3.0.0.x86_64.xml |  1 -
 3 files changed, 27 insertions(+), 9 deletions(-)

diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
index c17d26801e..fc46a380f6 100644
--- a/src/qemu/qemu_capabilities.c
+++ b/src/qemu/qemu_capabilities.c
@@ -2767,18 +2767,20 @@ virQEMUCapsProbeQMPGICCapabilities(virQEMUCapsPtr q=
emuCaps,
 }
=20
=20
+/* Returns -1 on error, 0 if SEV is not supported, 1 if SEV is supported */
 static int
 virQEMUCapsProbeQMPSEVCapabilities(virQEMUCapsPtr qemuCaps,
                                    qemuMonitorPtr mon)
 {
+    int rc =3D -1;
     virSEVCapability *caps =3D NULL;
=20
-    if (qemuMonitorGetSEVCapabilities(mon, &caps) < 0)
-        return -1;
+    if ((rc =3D qemuMonitorGetSEVCapabilities(mon, &caps)) <=3D 0)
+        return rc;
=20
     virSEVCapabilitiesFree(qemuCaps->sevCapabilities);
     qemuCaps->sevCapabilities =3D caps;
-    return 0;
+    return rc;
 }
=20
=20
@@ -4188,7 +4190,12 @@ virQEMUCapsInitQMPMonitor(virQEMUCapsPtr qemuCaps,
=20
     /* Probe for SEV capabilities */
     if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_SEV_GUEST)) {
-        if (virQEMUCapsProbeQMPSEVCapabilities(qemuCaps, mon) < 0)
+        int rc =3D virQEMUCapsProbeQMPSEVCapabilities(qemuCaps, mon);
+
+        if (rc < 0)
+            goto cleanup;
+
+        if (rc =3D=3D 0)
             virQEMUCapsClear(qemuCaps, QEMU_CAPS_SEV_GUEST);
     }
=20
diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c
index 3f99f39120..ed6caf4c2f 100644
--- a/src/qemu/qemu_monitor_json.c
+++ b/src/qemu/qemu_monitor_json.c
@@ -6435,6 +6435,20 @@ qemuMonitorJSONGetGICCapabilities(qemuMonitorPtr mon,
 }
=20
=20
+/**
+ * qemuMonitorJSONGetSEVCapabilities:
+ * @mon: qemu monitor object
+ * @capabilities: pointer to pointer to a SEV capability structure to be f=
illed
+ *
+ * This function queries and fills in AMD's SEV platform-specific data.
+ * Note that from QEMU's POV both -object sev-guest and query-sev-capabili=
ties
+ * can be present even if SEV is not available, which basically leaves us =
with
+ * checking for JSON "GenericError" in order to differentiate between
+ * compiled-in support and actual SEV support on the platform.
+ *
+ * Returns -1 on error, 0 if SEV is not supported, and 1 if SEV is support=
ed on
+ * the platform.
+ */
 int
 qemuMonitorJSONGetSEVCapabilities(qemuMonitorPtr mon,
                                   virSEVCapability **capabilities)
@@ -6458,8 +6472,7 @@ qemuMonitorJSONGetSEVCapabilities(qemuMonitorPtr mon,
     if (qemuMonitorJSONCommand(mon, cmd, &reply) < 0)
         goto cleanup;
=20
-    /* Both -object sev-guest and query-sev-capabilities can be present
-     * even if SEV is not available */
+    /* QEMU has only compiled-in support of SEV */
     if (qemuMonitorJSONHasError(reply, "GenericError")) {
         ret =3D 0;
         goto cleanup;
@@ -6511,8 +6524,7 @@ qemuMonitorJSONGetSEVCapabilities(qemuMonitorPtr mon,
     capability->cbitpos =3D cbitpos;
     capability->reduced_phys_bits =3D reduced_phys_bits;
     VIR_STEAL_PTR(*capabilities, capability);
-    ret =3D 0;
-
+    ret =3D 1;
  cleanup:
     virJSONValueFree(cmd);
     virJSONValueFree(reply);
diff --git a/tests/qemucapabilitiesdata/caps_3.0.0.x86_64.xml b/tests/qemuc=
apabilitiesdata/caps_3.0.0.x86_64.xml
index c8da1c5696..a9e8fe2dab 100644
--- a/tests/qemucapabilitiesdata/caps_3.0.0.x86_64.xml
+++ b/tests/qemucapabilitiesdata/caps_3.0.0.x86_64.xml
@@ -211,7 +211,6 @@
   <flag name=3D'tpm-emulator'/>
   <flag name=3D'mch'/>
   <flag name=3D'mch.extended-tseg-mbytes'/>
-  <flag name=3D'sev-guest'/>
   <flag name=3D'usb-storage.werror'/>
   <flag name=3D'egl-headless'/>
   <flag name=3D'vfio-pci.display'/>
--=20
2.14.4

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list