]> git.ipfire.org Git - thirdparty/libvirt.git/commitdiff
projects / thirdparty / libvirt.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 67b0720)
conf: Expose TDX type in domain launch security capability
authorZhenzhong Duan <zhenzhong.duan@intel.com>
Thu, 10 Jul 2025 07:21:12 +0000 (03:21 -0400)
committerDaniel P. Berrangé <berrange@redhat.com>
Fri, 25 Jul 2025 10:28:01 +0000 (11:28 +0100)
As the tdx launch security type support is added, expose it in domain
capabilities so that domain definition validation check can take
effect.

Signed-off-by: Zhenzhong Duan <zhenzhong.duan@intel.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
src/qemu/qemu_capabilities.c patch | blob | blame | history
tests/domaincapsdata/qemu_10.1.0-q35.x86_64+inteltdx.xml patch | blob | blame | history
tests/domaincapsdata/qemu_10.1.0-q35.x86_64.xml patch | blob | blame | history
tests/domaincapsdata/qemu_10.1.0-tcg.x86_64+inteltdx.xml patch | blob | blame | history
tests/domaincapsdata/qemu_10.1.0-tcg.x86_64.xml patch | blob | blame | history
tests/domaincapsdata/qemu_10.1.0.x86_64+inteltdx.xml patch | blob | blame | history
tests/domaincapsdata/qemu_10.1.0.x86_64.xml patch | blob | blame | history

diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
index f4f77a491c009e0bd1a8d2d01f597f57f7e4065b..d2b59ba1f40ba912ccdff7d74d487e9224212da4 100644 (file)
--- a/src/qemu/qemu_capabilities.c
+++ b/src/qemu/qemu_capabilities.c
@@ -6776,6 +6776,8 @@ virQEMUCapsFillDomainLaunchSecurity(virQEMUCaps *qemuCaps,
     if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_S390_PV_GUEST) &&
         virQEMUCapsGet(qemuCaps, QEMU_CAPS_MACHINE_CONFIDENTAL_GUEST_SUPPORT))
         VIR_DOMAIN_CAPS_ENUM_SET(launchSecurity->sectype, VIR_DOMAIN_LAUNCH_SECURITY_PV);
+    if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_TDX_GUEST))
+        VIR_DOMAIN_CAPS_ENUM_SET(launchSecurity->sectype, VIR_DOMAIN_LAUNCH_SECURITY_TDX);
 
     if (launchSecurity->sectype.values == 0) {
         launchSecurity->supported = VIR_TRISTATE_BOOL_NO;
diff --git a/tests/domaincapsdata/qemu_10.1.0-q35.x86_64+inteltdx.xml b/tests/domaincapsdata/qemu_10.1.0-q35.x86_64+inteltdx.xml
index 61aa1aafd0be479f339d9cef200b80617b6b2e16..fafa28ecbef026ab5e726a68e6f2d852f469a42b 100644 (file)
--- a/tests/domaincapsdata/qemu_10.1.0-q35.x86_64+inteltdx.xml
+++ b/tests/domaincapsdata/qemu_10.1.0-q35.x86_64+inteltdx.xml
@@ -774,6 +774,10 @@
         <value>xmm_input</value>
       </enum>
     </hyperv>
-    <launchSecurity supported='no'/>
+    <launchSecurity supported='yes'>
+      <enum name='sectype'>
+        <value>tdx</value>
+      </enum>
+    </launchSecurity>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_10.1.0-q35.x86_64.xml b/tests/domaincapsdata/qemu_10.1.0-q35.x86_64.xml
index d85073300d591a75ec4c029483a722dba419ff32..4ea6cf920a68b27423793e2fe3f14db344376068 100644 (file)
--- a/tests/domaincapsdata/qemu_10.1.0-q35.x86_64.xml
+++ b/tests/domaincapsdata/qemu_10.1.0-q35.x86_64.xml
@@ -1718,6 +1718,10 @@
         <value>xmm_input</value>
       </enum>
     </hyperv>
-    <launchSecurity supported='no'/>
+    <launchSecurity supported='yes'>
+      <enum name='sectype'>
+        <value>tdx</value>
+      </enum>
+    </launchSecurity>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_10.1.0-tcg.x86_64+inteltdx.xml b/tests/domaincapsdata/qemu_10.1.0-tcg.x86_64+inteltdx.xml
index 1d2795c4df60ff89bd4eb71548b9d1db05ceaca6..eba8023fc836c02d0334d779a74593dcd5551dfd 100644 (file)
--- a/tests/domaincapsdata/qemu_10.1.0-tcg.x86_64+inteltdx.xml
+++ b/tests/domaincapsdata/qemu_10.1.0-tcg.x86_64+inteltdx.xml
@@ -1821,6 +1821,10 @@
         <value>xmm_input</value>
       </enum>
     </hyperv>
-    <launchSecurity supported='no'/>
+    <launchSecurity supported='yes'>
+      <enum name='sectype'>
+        <value>tdx</value>
+      </enum>
+    </launchSecurity>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_10.1.0-tcg.x86_64.xml b/tests/domaincapsdata/qemu_10.1.0-tcg.x86_64.xml
index 509f4aefe3fa827086c6b7c07b1d135caf5826b4..fd4ea39d42946686cd6eaf8638c4cc6f3417cffd 100644 (file)
--- a/tests/domaincapsdata/qemu_10.1.0-tcg.x86_64.xml
+++ b/tests/domaincapsdata/qemu_10.1.0-tcg.x86_64.xml
@@ -1822,6 +1822,10 @@
         <value>xmm_input</value>
       </enum>
     </hyperv>
-    <launchSecurity supported='no'/>
+    <launchSecurity supported='yes'>
+      <enum name='sectype'>
+        <value>tdx</value>
+      </enum>
+    </launchSecurity>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_10.1.0.x86_64+inteltdx.xml b/tests/domaincapsdata/qemu_10.1.0.x86_64+inteltdx.xml
index 6048a66b873f4593a45323df2bf99c60b93f2aef..9ea7d779b5124ca877b514e28dd7e73849582c03 100644 (file)
--- a/tests/domaincapsdata/qemu_10.1.0.x86_64+inteltdx.xml
+++ b/tests/domaincapsdata/qemu_10.1.0.x86_64+inteltdx.xml
@@ -774,6 +774,10 @@
         <value>xmm_input</value>
       </enum>
     </hyperv>
-    <launchSecurity supported='no'/>
+    <launchSecurity supported='yes'>
+      <enum name='sectype'>
+        <value>tdx</value>
+      </enum>
+    </launchSecurity>
   </features>
 </domainCapabilities>
diff --git a/tests/domaincapsdata/qemu_10.1.0.x86_64.xml b/tests/domaincapsdata/qemu_10.1.0.x86_64.xml
index 3d69ed3af106200c6721f2754badb80b676ab31a..a46ab68b484745503b49a53576f2c4126104603d 100644 (file)
--- a/tests/domaincapsdata/qemu_10.1.0.x86_64.xml
+++ b/tests/domaincapsdata/qemu_10.1.0.x86_64.xml
@@ -1718,6 +1718,10 @@
         <value>xmm_input</value>
       </enum>
     </hyperv>
-    <launchSecurity supported='no'/>
+    <launchSecurity supported='yes'>
+      <enum name='sectype'>
+        <value>tdx</value>
+      </enum>
+    </launchSecurity>
   </features>
 </domainCapabilities>
Mirror of https://github.com/libvirt/libvirt.git