File e56ff8bc-prefer-camelCase-launchSecurity.patch of Package libvirt.22293
commit e56ff8bc72be884213c27036d0623fab6a7b28ec
Author: Ján Tomko <jtomko@redhat.com>
Date: Tue Jun 12 13:50:25 2018 +0200
conf: prefer camelCase for launchSecurity
Adjust the documentation, parser and tests to change:
launch-security -> launchSecurity
reduced-phys-bits -> reducedPhysBits
dh-cert -> dhCert
Also fix the headline in formatdomain.html to be more generic,
and some leftover closing elements in the documentation.
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Brijesh Singh <brijesh.singh@amd.com>
Tested-by: Brijesh Singh <brijesh.singh@amd.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Index: libvirt-4.0.0/docs/formatdomain.html.in
===================================================================
--- libvirt-4.0.0.orig/docs/formatdomain.html.in
+++ libvirt-4.0.0/docs/formatdomain.html.in
@@ -8092,12 +8092,12 @@ qemu-kvm -net nic,model=? /dev/null
<p>Note: DEA/TDEA is synonymous with DES/TDES.</p>
- <h3><a id="sev">Secure Encrypted Virtualization (SEV)</a></h3>
+ <h3><a id="sev">Launch Security</a></h3>
<p>
- The contents of the <code><launch-security type='sev'></code> element
+ The contents of the <code><launchSecurity type='sev'></code> element
is used to provide the guest owners input used for creating an encrypted
- VM using the AMD SEV feature.
+ VM using the AMD SEV feature (Secure Encrypted Virtualization).
SEV is an extension to the AMD-V architecture which supports running
encrypted virtual machine (VMs) under the control of KVM. Encrypted
@@ -8114,13 +8114,13 @@ qemu-kvm -net nic,model=? /dev/null
<pre>
<domain>
...
- <launch-security type='sev'>
+ <launchSecurity type='sev'>
<policy> 0x0001 </policy>
<cbitpos> 47 </cbitpos>
- <reduced-phys-bits> 1 </reduced-phys-bits>
+ <reducedPhysBits> 1 </reducedPhysBits>
+ <dhCert> RBBBSDDD=FDDCCCDDDG </dhCert>
<session> AAACCCDD=FFFCCCDSDS </session>
- <dh-cert> RBBBSDDD=FDDCCCDDDG </dh>
- </sev>
+ </launchSecurity>
...
</domain>
</pre>
@@ -8132,8 +8132,8 @@ qemu-kvm -net nic,model=? /dev/null
hypervisor dependent and can be obtained through the <code>sev</code> element
from the domain capabilities.
</dd>
- <dt><code>reduced-phys-bits</code></dt>
- <dd>The required <code>reduced-phys-bits</code> element provides the physical
+ <dt><code>reducedPhysBits</code></dt>
+ <dd>The required <code>reducedPhysBits</code> element provides the physical
address bit reducation. Similar to <code>cbitpos</code> the value of <code>
reduced-phys-bit</code> is hypervisor dependent and can be obtained
through the <code>sev</code> element from the domain capabilities.
@@ -8192,8 +8192,8 @@ qemu-kvm -net nic,model=? /dev/null
</table>
</dd>
- <dt><code>dh-cert</code></dt>
- <dd>The optional <code>dh-cert</code> element provides the guest owners
+ <dt><code>dhCert</code></dt>
+ <dd>The optional <code>dhCert</code> element provides the guest owners
base64 encoded Diffie-Hellman (DH) key. The key is used to negotiate a
master secret key between the SEV firmware and guest owner. This master
secret key is then used to establish a trusted channel between SEV
Index: libvirt-4.0.0/docs/schemas/domaincommon.rng
===================================================================
--- libvirt-4.0.0.orig/docs/schemas/domaincommon.rng
+++ libvirt-4.0.0/docs/schemas/domaincommon.rng
@@ -78,7 +78,7 @@
<ref name='keywrap'/>
</optional>
<optional>
- <ref name='launch-security'/>
+ <ref name='launchSecurity'/>
</optional>
</interleave>
</element>
@@ -439,8 +439,8 @@
</element>
</define>
- <define name="launch-security">
- <element name="launch-security">
+ <define name="launchSecurity">
+ <element name="launchSecurity">
<attribute name="type">
<value>sev</value>
</attribute>
@@ -448,7 +448,7 @@
<element name="cbitpos">
<data type='unsignedInt'/>
</element>
- <element name="reduced-phys-bits">
+ <element name="reducedPhysBits">
<data type='unsignedInt'/>
</element>
<element name="policy">
@@ -460,7 +460,7 @@
</element>
</optional>
<optional>
- <element name="dh-cert">
+ <element name="dhCert">
<data type="string"/>
</element>
</optional>
Index: libvirt-4.0.0/src/conf/domain_conf.c
===================================================================
--- libvirt-4.0.0.orig/src/conf/domain_conf.c
+++ libvirt-4.0.0/src/conf/domain_conf.c
@@ -15445,7 +15445,7 @@ virDomainSEVDefParseXML(xmlNodePtr sevNo
if (!(type = virXMLPropString(sevNode, "type"))) {
virReportError(VIR_ERR_XML_ERROR, "%s",
- _("missing launch-security type"));
+ _("missing launch security type"));
goto error;
}
@@ -15457,33 +15457,33 @@ virDomainSEVDefParseXML(xmlNodePtr sevNo
case VIR_DOMAIN_LAUNCH_SECURITY_LAST:
default:
virReportError(VIR_ERR_XML_ERROR,
- _("unsupported launch-security type '%s'"),
+ _("unsupported launch security type '%s'"),
type);
goto error;
}
if (virXPathUInt("string(./cbitpos)", ctxt, &def->cbitpos) < 0) {
virReportError(VIR_ERR_XML_ERROR, "%s",
- _("failed to get launch-security cbitpos"));
+ _("failed to get launch security cbitpos"));
goto error;
}
- if (virXPathUInt("string(./reduced-phys-bits)", ctxt,
+ if (virXPathUInt("string(./reducedPhysBits)", ctxt,
&def->reduced_phys_bits) < 0) {
virReportError(VIR_ERR_XML_ERROR, "%s",
- _("failed to get launch-security reduced-phys-bits"));
+ _("failed to get launch security reduced-phys-bits"));
goto error;
}
if (virXPathULongHex("string(./policy)", ctxt, &policy) < 0) {
virReportError(VIR_ERR_XML_ERROR, "%s",
- _("failed to get launch-security policy"));
+ _("failed to get launch security policy"));
goto error;
}
def->policy = policy;
- if ((tmp = virXPathString("string(./dh-cert)", ctxt))) {
+ if ((tmp = virXPathString("string(./dhCert)", ctxt))) {
if (VIR_STRDUP(def->dh_cert, tmp) < 0)
goto error;
@@ -19982,7 +19982,7 @@ virDomainDefParseXML(xmlDocPtr xml,
VIR_FREE(nodes);
/* Check for SEV feature */
- if ((node = virXPathNode("./launch-security", ctxt)) != NULL) {
+ if ((node = virXPathNode("./launchSecurity", ctxt)) != NULL) {
def->sev = virDomainSEVDefParseXML(node, ctxt);
if (!def->sev)
goto error;
@@ -25836,22 +25836,22 @@ virDomainSEVDefFormat(virBufferPtr buf,
if (!sev)
return;
- virBufferAsprintf(buf, "<launch-security type='%s'>\n",
+ virBufferAsprintf(buf, "<launchSecurity type='%s'>\n",
virDomainLaunchSecurityTypeToString(sev->sectype));
virBufferAdjustIndent(buf, 2);
virBufferAsprintf(buf, "<cbitpos>%d</cbitpos>\n", sev->cbitpos);
- virBufferAsprintf(buf, "<reduced-phys-bits>%d</reduced-phys-bits>\n",
+ virBufferAsprintf(buf, "<reducedPhysBits>%d</reducedPhysBits>\n",
sev->reduced_phys_bits);
virBufferAsprintf(buf, "<policy>0x%04x</policy>\n", sev->policy);
if (sev->dh_cert)
- virBufferEscapeString(buf, "<dh-cert>%s</dh-cert>\n", sev->dh_cert);
+ virBufferEscapeString(buf, "<dhCert>%s</dhCert>\n", sev->dh_cert);
if (sev->session)
virBufferEscapeString(buf, "<session>%s</session>\n", sev->session);
virBufferAdjustIndent(buf, -2);
- virBufferAddLit(buf, "</launch-security>\n");
+ virBufferAddLit(buf, "</launchSecurity>\n");
}
Index: libvirt-4.0.0/tests/genericxml2xmlindata/launch-security-sev.xml
===================================================================
--- libvirt-4.0.0.orig/tests/genericxml2xmlindata/launch-security-sev.xml
+++ libvirt-4.0.0/tests/genericxml2xmlindata/launch-security-sev.xml
@@ -14,11 +14,11 @@
<on_crash>destroy</on_crash>
<devices>
</devices>
- <launch-security type='sev'>
+ <launchSecurity type='sev'>
<cbitpos>47</cbitpos>
- <reduced-phys-bits>1</reduced-phys-bits>
+ <reducedPhysBits>1</reducedPhysBits>
<policy>0x0001</policy>
- <dh-cert>AQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAA</dh-cert>
+ <dhCert>AQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAA</dhCert>
<session>IHAVENOIDEABUTJUSTPROVIDINGASTRING</session>
- </launch-security>
+ </launchSecurity>
</domain>
Index: libvirt-4.0.0/tests/qemuxml2argvdata/launch-security-sev.xml
===================================================================
--- libvirt-4.0.0.orig/tests/qemuxml2argvdata/launch-security-sev.xml
+++ libvirt-4.0.0/tests/qemuxml2argvdata/launch-security-sev.xml
@@ -27,11 +27,11 @@
<input type='keyboard' bus='ps2'/>
<memballoon model='none'/>
</devices>
- <launch-security type='sev'>
+ <launchSecurity type='sev'>
<cbitpos>47</cbitpos>
- <reduced-phys-bits>1</reduced-phys-bits>
+ <reducedPhysBits>1</reducedPhysBits>
<policy>0x0001</policy>
- <dh-cert>AQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAA</dh-cert>
+ <dhCert>AQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAA</dhCert>
<session>IHAVENOIDEABUTJUSTPROVIDINGASTRING</session>
- </launch-security>
+ </launchSecurity>
</domain>
