From nobody Sat Apr 20 11:46:49 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1534415733426122.33667092451185;
 Thu, 16 Aug 2018 03:35:33 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx12.intmail.prod.int.phx2.redhat.com
 [10.5.11.27])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 66D245F73B;
	Thu, 16 Aug 2018 10:35:31 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 230AEAD025;
	Thu, 16 Aug 2018 10:35:31 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id B8EF03F7FF;
	Thu, 16 Aug 2018 10:35:30 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com
	[10.11.54.3])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id w7GAZSo4009806 for <libvir-list@listman.util.phx.redhat.com>;
	Thu, 16 Aug 2018 06:35:28 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 3A55B111AF30; Thu, 16 Aug 2018 10:35:28 +0000 (UTC)
Received: from beluga.usersys.redhat.com (unknown [10.43.2.166])
	by smtp.corp.redhat.com (Postfix) with ESMTP id AC14910EE991;
	Thu, 16 Aug 2018 10:35:27 +0000 (UTC)
From: Erik Skultety <eskultet@redhat.com>
To: libvir-list@redhat.com
Date: Thu, 16 Aug 2018 12:35:15 +0200
Message-Id: 
 <415ea072b63cc1e138db7e98d8f65ab43c6827a3.1534414409.git.eskultet@redhat.com>
In-Reply-To: <cover.1534414409.git.eskultet@redhat.com>
References: <cover.1534414409.git.eskultet@redhat.com>
In-Reply-To: <cover.1534414409.git.eskultet@redhat.com>
References: <cover.1534414409.git.eskultet@redhat.com>
X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3
X-loop: libvir-list@redhat.com
Cc: Erik Skultety <eskultet@redhat.com>
Subject: [libvirt] [PATCH v2 1/4] tests: sev: Test launch-security with
	specific QEMU version
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.84 on 10.5.11.27
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.39]);
 Thu, 16 Aug 2018 10:35:32 +0000 (UTC)
X-ZohoMail: RDMRC_0  RSF_0  Z_629925259 SPT_0
Content-Type: text/plain; charset="utf-8"

In order to test SEV we need real QEMU capabilities. Ideally, this would
be tested with -latest capabilities, however, our capabilities are
currently tied to Intel HW, even the 2.12.0 containing SEV were edited by
hand, so we can only use that one for now, as splitting the capabilities
according to the vendor is a refactor for another day. The need for real
capabilities comes from the extended SEV platform data (PDH, cbitpos,
etc.) we'll need to cache/parse.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
Acked-by: Peter Krempa <pkrempa@redhat.com>
---
 ...ev.args =3D> launch-security-sev.x86_64-2.12.0.args} | 19 ++++++++++++-=
------
 tests/qemuxml2argvtest.c                              |  4 +---
 2 files changed, 13 insertions(+), 10 deletions(-)
 rename tests/qemuxml2argvdata/{launch-security-sev.args =3D> launch-securi=
ty-sev.x86_64-2.12.0.args} (54%)

diff --git a/tests/qemuxml2argvdata/launch-security-sev.args b/tests/qemuxm=
l2argvdata/launch-security-sev.x86_64-2.12.0.args
similarity index 54%
rename from tests/qemuxml2argvdata/launch-security-sev.args
rename to tests/qemuxml2argvdata/launch-security-sev.x86_64-2.12.0.args
index 219a242e51..6da068e1a5 100644
--- a/tests/qemuxml2argvdata/launch-security-sev.args
+++ b/tests/qemuxml2argvdata/launch-security-sev.x86_64-2.12.0.args
@@ -5,25 +5,30 @@ USER=3Dtest \
 LOGNAME=3Dtest \
 QEMU_AUDIO_DRV=3Dnone \
 /usr/bin/qemu-system-x86_64 \
--name QEMUGuest1 \
+-name guest=3DQEMUGuest1,debug-threads=3Don \
 -S \
+-object secret,id=3DmasterKey0,format=3Draw,\
+file=3D/tmp/lib/domain--1-QEMUGuest1/master-key.aes \
 -machine pc-1.0,accel=3Dkvm,usb=3Doff,dump-guest-core=3Doff,memory-encrypt=
ion=3Dsev0 \
 -m 214 \
+-realtime mlock=3Doff \
 -smp 1,sockets=3D1,cores=3D1,threads=3D1 \
 -uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \
 -display none \
 -no-user-config \
 -nodefaults \
--chardev socket,id=3Dcharmonitor,path=3D/tmp/lib/domain--1-QEMUGuest1/moni=
tor.sock,\
-server,nowait \
+-chardev socket,id=3Dcharmonitor,fd=3D1729,server,nowait \
 -mon chardev=3Dcharmonitor,id=3Dmonitor,mode=3Dcontrol \
 -rtc base=3Dutc \
 -no-shutdown \
 -no-acpi \
--usb \
+-boot strict=3Don \
+-device piix3-usb-uhci,id=3Dusb,bus=3Dpci.0,addr=3D0x1.0x2 \
 -drive file=3D/dev/HostVG/QEMUGuest1,format=3Draw,if=3Dnone,id=3Ddrive-ide=
0-0-0 \
--device ide-drive,bus=3Dide.0,unit=3D0,drive=3Ddrive-ide0-0-0,id=3Dide0-0-=
0,\
-bootindex=3D1 \
+-device ide-hd,bus=3Dide.0,unit=3D0,drive=3Ddrive-ide0-0-0,id=3Dide0-0-0,b=
ootindex=3D1 \
 -object sev-guest,id=3Dsev0,cbitpos=3D47,reduced-phys-bits=3D1,policy=3D0x=
1,\
 dh-cert-file=3D/tmp/lib/domain--1-QEMUGuest1/dh_cert.base64,\
-session-file=3D/tmp/lib/domain--1-QEMUGuest1/session.base64
+session-file=3D/tmp/lib/domain--1-QEMUGuest1/session.base64 \
+-sandbox on,obsolete=3Ddeny,elevateprivileges=3Ddeny,spawn=3Ddeny,\
+resourcecontrol=3Ddeny \
+-msg timestamp=3Don
diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
index 5de92e67e7..0e9eef66ee 100644
--- a/tests/qemuxml2argvtest.c
+++ b/tests/qemuxml2argvtest.c
@@ -2972,9 +2972,7 @@ mymain(void)
     DO_TEST_CAPS_ARCH_LATEST("vhost-vsock-ccw", "s390x");
     DO_TEST_CAPS_ARCH_LATEST("vhost-vsock-ccw-auto", "s390x");
=20
-    DO_TEST("launch-security-sev",
-            QEMU_CAPS_KVM,
-            QEMU_CAPS_SEV_GUEST);
+    DO_TEST_CAPS_VER("launch-security-sev", "2.12.0");
=20
     if (getenv("LIBVIRT_SKIP_CLEANUP") =3D=3D NULL)
         virFileDeleteTree(fakerootdir);
--=20
2.14.4

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list