public inbox for pve-devel@lists.proxmox.com
 help / color / mirror / Atom feed
From: Philipp Giersfeld <philipp.giersfeld@canarybit.eu>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH pve-manager 4/4] Add configuration options for AMD SEV-SNP
Date: Fri,  7 Feb 2025 09:51:20 +0100	[thread overview]
Message-ID: <20250207085120.959234-5-philipp.giersfeld@canarybit.eu> (raw)
In-Reply-To: <20250207085120.959234-1-philipp.giersfeld@canarybit.eu>

Expand input panel with AMD SEV-SNP selection, and relevant optional
parameters similar to existing options for AMD SEV(-ES).

Further, upon selecting AMD SEV-SNP, issue a warning that EFI disks are
not included when using SEV-SNP.

Signed-off-by: Philipp Giersfeld <philipp.giersfeld@canarybit.eu>
---
 www/manager6/qemu/Options.js |  1 +
 www/manager6/qemu/SevEdit.js | 40 ++++++++++++++++++++++++++++++------
 2 files changed, 35 insertions(+), 6 deletions(-)

diff --git a/www/manager6/qemu/Options.js b/www/manager6/qemu/Options.js
index cbe9e52b..49a921cd 100644
--- a/www/manager6/qemu/Options.js
+++ b/www/manager6/qemu/Options.js
@@ -346,6 +346,7 @@ Ext.define('PVE.qemu.Options', {
 		    let amd_sev = PVE.Parser.parsePropertyString(value, "type");
 		    if (amd_sev.type === 'std') return 'AMD SEV (' + value + ')';
 		    if (amd_sev.type === 'es') return 'AMD SEV-ES (' + value + ')';
+		    if (amd_sev.type === 'snp') return 'AMD SEV-SNP (' + value + ')';
 		    return value;
 		},
 	    },
diff --git a/www/manager6/qemu/SevEdit.js b/www/manager6/qemu/SevEdit.js
index a2080f2d..9605cf59 100644
--- a/www/manager6/qemu/SevEdit.js
+++ b/www/manager6/qemu/SevEdit.js
@@ -9,7 +9,8 @@ Ext.define('PVE.qemu.SevInputPanel', {
 	    type: '__default__',
 	},
 	formulas: {
-	    sevEnabled: get => get('type') !== '__default__',
+			sevEnabled: get => get('type') === 'std' || get('type') === 'es',
+			snpEnabled: get => get('type') === 'snp',
 	},
     },
 
@@ -21,10 +22,14 @@ Ext.define('PVE.qemu.SevInputPanel', {
 	if (!values.debug) {
 	    values["no-debug"] = 1;
 	}
+	if (values.smt) {
+		values["allow-smt"] = 1;
+	}
 	if (!values["key-sharing"]) {
 	    values["no-key-sharing"] = 1;
 	}
 	delete values.debug;
+	delete values.smt;
 	delete values["key-sharing"];
 	let ret = {};
 	ret['amd-sev'] = PVE.Parser.printPropertyString(values, 'type');
@@ -36,13 +41,16 @@ Ext.define('PVE.qemu.SevInputPanel', {
 	if (PVE.Parser.parseBoolean(values["no-debug"])) {
 	    values.debug = 0;
 	}
+	if (PVE.Parser.parseBoolean(values["allow-smt"])) {
+		values.smt = 1;
+	}
 	if (PVE.Parser.parseBoolean(values["no-key-sharing"])) {
 	    values["key-sharing"] = 0;
 	}
 	this.callParent(arguments);
     },
 
-    items: {
+	items: [{
 	xtype: 'proxmoxKVComboBox',
 	fieldLabel: gettext('AMD SEV Type'),
 	labelWidth: 150,
@@ -52,11 +60,20 @@ Ext.define('PVE.qemu.SevInputPanel', {
 	    ['__default__', Proxmox.Utils.defaultText + ' (' + Proxmox.Utils.disabledText + ')'],
 	    ['std', 'AMD SEV'],
 	    ['es', 'AMD SEV-ES (highly experimental)'],
+	    ['snp', 'AMD SEV-SNP (highly experimental)'],
 	],
 	bind: {
 	    value: '{type}',
 	},
     },
+    {
+	xtype: 'displayfield',
+	userCls: 'pmx-hint',
+	value: gettext('WARNING: When using SEV-SNP no variable store is loaded as pflash.'),
+	bind: {
+	    hidden: '{!snpEnabled}',
+	},
+    }],
 
     advancedItems: [
 	{
@@ -66,8 +83,8 @@ Ext.define('PVE.qemu.SevInputPanel', {
 	    name: 'debug',
 	    value: 1,
 	    bind: {
-		hidden: '{!sevEnabled}',
-		disabled: '{!sevEnabled}',
+		hidden: '{!sevEnabled && !snpEnabled}',
+		disabled: '{!sevEnabled && !snpEnabled}',
 	    },
 	},
 	{
@@ -81,6 +98,17 @@ Ext.define('PVE.qemu.SevInputPanel', {
 		disabled: '{!sevEnabled}',
 	    },
 	},
+	{
+	    xtype: 'proxmoxcheckbox',
+	    fieldLabel: gettext('Allow SMT'),
+	    labelWidth: 150,
+	    name: 'smt',
+	    value: 1,
+	    bind: {
+		hidden: '{!snpEnabled}',
+		disabled: '{!snpEnabled}',
+	    },
+	},
 	{
 	    xtype: 'proxmoxcheckbox',
 	    fieldLabel: gettext('Enable Kernel Hashes'),
@@ -88,8 +116,8 @@ Ext.define('PVE.qemu.SevInputPanel', {
 	    name: 'kernel-hashes',
 	    deleteDefaultValue: false,
 	    bind: {
-		hidden: '{!sevEnabled}',
-		disabled: '{!sevEnabled}',
+		hidden: '{!sevEnabled && !snpEnabled}',
+		disabled: '{!sevEnabled && !snpEnabled}',
 	    },
 	},
     ],
-- 
2.39.5


_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel


  parent reply	other threads:[~2025-02-07  8:52 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-02-07  8:51 [pve-devel] [PATCH edk2-firmware/qemu-server/manager 0/4] " Philipp Giersfeld
2025-02-07  8:51 ` [pve-devel] [PATCH pve-edk2-firmware 1/4] Update edk2 to edkstable202411 Philipp Giersfeld
2025-02-07  8:51 ` [pve-devel] [PATCH pve-edk2-firmware 2/4] Add OVMF targets for AMD SEV-ES and SEV-SNP Philipp Giersfeld
2025-02-07  8:51 ` [pve-devel] [PATCH qemu-server 3/4] config: add AMD SEV-SNP support Philipp Giersfeld
2025-02-07 10:55   ` Daniel Kral
2025-02-07  8:51 ` Philipp Giersfeld [this message]
2025-02-07 10:56   ` [pve-devel] [PATCH pve-manager 4/4] Add configuration options for AMD SEV-SNP Daniel Kral
2025-02-13 15:08 ` [pve-devel] [PATCH edk2-firmware/qemu-server/manager 0/4] " Markus Frank

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20250207085120.959234-5-philipp.giersfeld@canarybit.eu \
    --to=philipp.giersfeld@canarybit.eu \
    --cc=pve-devel@lists.proxmox.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal