edecca
From 3984480fb9a20cd47de94db3f0246c90eb8c3c14 Mon Sep 17 00:00:00 2001
edecca
Message-Id: <3984480fb9a20cd47de94db3f0246c90eb8c3c14@dist-git>
edecca
From: Erik Skultety <eskultet@redhat.com>
edecca
Date: Mon, 20 Aug 2018 17:18:51 +0200
edecca
Subject: [PATCH] tests: sev: Test launch-security with specific QEMU version
edecca
MIME-Version: 1.0
edecca
Content-Type: text/plain; charset=UTF-8
edecca
Content-Transfer-Encoding: 8bit
edecca
edecca
In order to test SEV we need real QEMU capabilities. Ideally, this would
edecca
be tested with -latest capabilities, however, our capabilities are
edecca
currently tied to Intel HW, even the 2.12.0 containing SEV were edited by
edecca
hand, so we can only use that one for now, as splitting the capabilities
edecca
according to the vendor is a refactor for another day. The need for real
edecca
capabilities comes from the extended SEV platform data (PDH, cbitpos,
edecca
etc.) we'll need to cache/parse.
edecca
edecca
Signed-off-by: Erik Skultety <eskultet@redhat.com>
edecca
Acked-by: Peter Krempa <pkrempa@redhat.com>
edecca
(cherry picked from commit 6c50cef8a3e4e3407fb42a713a353e42ae3f2bc6)
edecca
edecca
https://bugzilla.redhat.com/show_bug.cgi?id=1612009
edecca
https://bugzilla.redhat.com/show_bug.cgi?id=1619150
edecca
edecca
Signed-off-by: Erik Skultety <eskultet@redhat.com>
edecca
edecca
 Conflicts:
edecca
	tests/qemuxml2argvdata/launch-security-sev.x86_64-2.12.0.args
edecca
            - this wasn't a 100% clean file rename and git doesn't like
edecca
            that
edecca
edecca
Reviewed-by: Ján Tomko <jtomko@redhat.com>
edecca
---
edecca
 ...=> launch-security-sev.x86_64-2.12.0.args} | 19 ++++++++++++-------
edecca
 tests/qemuxml2argvtest.c                      |  4 +---
edecca
 2 files changed, 13 insertions(+), 10 deletions(-)
edecca
 rename tests/qemuxml2argvdata/{launch-security-sev.args => launch-security-sev.x86_64-2.12.0.args} (54%)
edecca
edecca
diff --git a/tests/qemuxml2argvdata/launch-security-sev.args b/tests/qemuxml2argvdata/launch-security-sev.x86_64-2.12.0.args
edecca
similarity index 54%
edecca
rename from tests/qemuxml2argvdata/launch-security-sev.args
edecca
rename to tests/qemuxml2argvdata/launch-security-sev.x86_64-2.12.0.args
edecca
index db0be1a27d..6da068e1a5 100644
edecca
--- a/tests/qemuxml2argvdata/launch-security-sev.args
edecca
+++ b/tests/qemuxml2argvdata/launch-security-sev.x86_64-2.12.0.args
edecca
@@ -5,25 +5,30 @@ USER=test \
edecca
 LOGNAME=test \
edecca
 QEMU_AUDIO_DRV=none \
edecca
 /usr/bin/qemu-system-x86_64 \
edecca
--name QEMUGuest1 \
edecca
+-name guest=QEMUGuest1,debug-threads=on \
edecca
 -S \
edecca
+-object secret,id=masterKey0,format=raw,\
edecca
+file=/tmp/lib/domain--1-QEMUGuest1/master-key.aes \
edecca
 -machine pc-1.0,accel=kvm,usb=off,dump-guest-core=off,memory-encryption=sev0 \
edecca
 -m 214 \
edecca
+-realtime mlock=off \
edecca
 -smp 1,sockets=1,cores=1,threads=1 \
edecca
 -uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \
edecca
 -display none \
edecca
 -no-user-config \
edecca
 -nodefaults \
edecca
--chardev socket,id=charmonitor,path=/tmp/lib/domain--1-QEMUGuest1/monitor.sock,\
edecca
-server,nowait \
edecca
+-chardev socket,id=charmonitor,fd=1729,server,nowait \
edecca
 -mon chardev=charmonitor,id=monitor,mode=control \
edecca
 -rtc base=utc \
edecca
 -no-shutdown \
edecca
 -no-acpi \
edecca
--boot c \
edecca
--usb \
edecca
+-boot strict=on \
edecca
+-device piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2 \
edecca
 -drive file=/dev/HostVG/QEMUGuest1,format=raw,if=none,id=drive-ide0-0-0 \
edecca
--device ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0 \
edecca
+-device ide-hd,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0,bootindex=1 \
edecca
 -object sev-guest,id=sev0,cbitpos=47,reduced-phys-bits=1,policy=0x1,\
edecca
 dh-cert-file=/tmp/lib/domain--1-QEMUGuest1/dh_cert.base64,\
edecca
-session-file=/tmp/lib/domain--1-QEMUGuest1/session.base64
edecca
+session-file=/tmp/lib/domain--1-QEMUGuest1/session.base64 \
edecca
+-sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,\
edecca
+resourcecontrol=deny \
edecca
+-msg timestamp=on
edecca
diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
edecca
index e6c0120670..02bb9889ee 100644
edecca
--- a/tests/qemuxml2argvtest.c
edecca
+++ b/tests/qemuxml2argvtest.c
edecca
@@ -2950,9 +2950,7 @@ mymain(void)
edecca
     DO_TEST_CAPS_LATEST("vhost-vsock");
edecca
     DO_TEST_CAPS_LATEST("vhost-vsock-auto");
edecca
 
edecca
-    DO_TEST("launch-security-sev",
edecca
-            QEMU_CAPS_KVM,
edecca
-            QEMU_CAPS_SEV_GUEST);
edecca
+    DO_TEST_CAPS_VER("launch-security-sev", "2.12.0");
edecca
 
edecca
     if (getenv("LIBVIRT_SKIP_CLEANUP") == NULL)
edecca
         virFileDeleteTree(fakerootdir);
edecca
-- 
edecca
2.18.0
edecca