From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9]) by lore.proxmox.com (Postfix) with ESMTPS id 193C31FF2F6 for ; Wed, 29 May 2024 14:23:45 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 0B7AE5B39; Wed, 29 May 2024 14:24:00 +0200 (CEST) From: Markus Frank To: pve-devel@lists.proxmox.com Date: Wed, 29 May 2024 14:23:48 +0200 Message-Id: <20240529122348.1267369-6-m.frank@proxmox.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20240529122348.1267369-1-m.frank@proxmox.com> References: <20240529122348.1267369-1-m.frank@proxmox.com> MIME-Version: 1.0 X-SPAM-LEVEL: Spam detection results: 0 AWL -0.021 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record T_SCC_BODY_TEXT_LINE -0.01 - Subject: [pve-devel] [PATCH manager v11 5/5] ui: add AMD SEV configuration to Options X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox VE development discussion Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: pve-devel-bounces@lists.proxmox.com Sender: "pve-devel" By adding a new input panel with an AMD SEV technology selection combo box and checkboxes for the optional parameters in an advanced section, the user can configure the amd_sev option via the WebUI's Options tab. Signed-off-by: Markus Frank --- changes v11: * instead of the no-debug and no-key-sharing checkboxes there are now "allow debug/key-sharing" checkboxes with true beeing the default. www/manager6/Makefile | 1 + www/manager6/qemu/Options.js | 11 ++++ www/manager6/qemu/SevEdit.js | 121 +++++++++++++++++++++++++++++++++++ 3 files changed, 133 insertions(+) create mode 100644 www/manager6/qemu/SevEdit.js diff --git a/www/manager6/Makefile b/www/manager6/Makefile index 2c3a822b..801683a3 100644 --- a/www/manager6/Makefile +++ b/www/manager6/Makefile @@ -264,6 +264,7 @@ JSSRC= \ qemu/SSHKey.js \ qemu/ScsiHwEdit.js \ qemu/SerialEdit.js \ + qemu/SevEdit.js \ qemu/Smbios1Edit.js \ qemu/SystemEdit.js \ qemu/USBEdit.js \ diff --git a/www/manager6/qemu/Options.js b/www/manager6/qemu/Options.js index 7b112400..6907699c 100644 --- a/www/manager6/qemu/Options.js +++ b/www/manager6/qemu/Options.js @@ -338,6 +338,17 @@ Ext.define('PVE.qemu.Options', { }, } : undefined, }, + amd_sev: { + header: gettext('AMD SEV'), + editor: caps.vms['VM.Config.HWType'] ? 'PVE.qemu.SevEdit' : undefined, + defaultValue: Proxmox.Utils.defaultText + ' (' + Proxmox.Utils.disabledText + ')', + renderer: function(value, metaData, record, ri, ci, store, pending) { + let amd_sev = PVE.Parser.parsePropertyString(value, "type"); + if (amd_sev.type === 'std') return 'AMD SEV (' + value + ')'; + if (amd_sev.type === 'es') return 'AMD SEV-ES (' + value + ')'; + return value; + }, + }, hookscript: { header: gettext('Hookscript'), }, diff --git a/www/manager6/qemu/SevEdit.js b/www/manager6/qemu/SevEdit.js new file mode 100644 index 00000000..db7ff3a8 --- /dev/null +++ b/www/manager6/qemu/SevEdit.js @@ -0,0 +1,121 @@ +Ext.define('PVE.qemu.SevInputPanel', { + extend: 'Proxmox.panel.InputPanel', + xtype: 'pveSevInputPanel', + onlineHelp: 'qm_memory_encryption', + + viewModel: { + data: { + type: '__default__', + }, + formulas: { + sevEnabled: get => get('type') !== '__default__', + }, + }, + + onGetValues: function(values) { + if (values.delete === 'type') { + values.delete = 'amd_sev'; + return values; + } + if (!values.debug) { + values["no-debug"] = 1; + } + if (!values["key-sharing"]) { + values["no-key-sharing"] = 1; + } + delete values.debug; + delete values["key-sharing"]; + let ret = {}; + ret.amd_sev = PVE.Parser.printPropertyString(values, 'type'); + return ret; + }, + + + setValues: function(values) { + if (PVE.Parser.parseBoolean(values["no-debug"])) { + values.debug = 0; + } + if (PVE.Parser.parseBoolean(values["no-key-sharing"])) { + values["key-sharing"] = 0; + } + this.callParent(arguments); + }, + + items: { + xtype: 'proxmoxKVComboBox', + fieldLabel: gettext('AMD Secure Encrypted Virtualization (SEV)'), + labelWidth: 150, + name: 'type', + value: '__default__', + comboItems: [ + ['__default__', Proxmox.Utils.defaultText + ' (' + Proxmox.Utils.disabledText + ')'], + ['std', 'AMD SEV'], + ['es', 'AMD SEV-ES (highly experimental)'], + ], + bind: { + value: '{type}', + }, + }, + + advancedItems: [ + { + xtype: 'proxmoxcheckbox', + fieldLabel: gettext('Allow Debugging'), + labelWidth: 150, + name: 'debug', + value: 1, + bind: { + hidden: '{!sevEnabled}', + disabled: '{!sevEnabled}', + }, + }, + { + xtype: 'proxmoxcheckbox', + fieldLabel: gettext('Allow Key-Sharing'), + labelWidth: 150, + name: 'key-sharing', + value: 1, + bind: { + hidden: '{!sevEnabled}', + disabled: '{!sevEnabled}', + }, + }, + { + xtype: 'proxmoxcheckbox', + fieldLabel: gettext('Enable Kernel Hashes'), + labelWidth: 150, + name: 'kernel-hashes', + deleteDefaultValue: false, + bind: { + hidden: '{!sevEnabled}', + disabled: '{!sevEnabled}', + }, + }, + ], +}); + +Ext.define('PVE.qemu.SevEdit', { + extend: 'Proxmox.window.Edit', + + subject: gettext('SEV'), + + items: { + xtype: 'pveSevInputPanel', + }, + + width: 400, + + initComponent: function() { + let me = this; + + me.callParent(); + + me.load({ + success: function(response) { + let conf = response.result.data; + let amd_sev = conf.amd_sev || '__default__'; + me.setValues(PVE.Parser.parsePropertyString(amd_sev, 'type')); + }, + }); + }, +}); -- 2.39.2 _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel