From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path: <pve-devel-bounces@lists.proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9])
by lore.proxmox.com (Postfix) with ESMTPS id C2D391FF16E
for <inbox@lore.proxmox.com>; Mon, 31 Mar 2025 16:00:26 +0200 (CEST)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
by firstgate.proxmox.com (Proxmox) with ESMTP id AE04C78F6;
Mon, 31 Mar 2025 16:00:06 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1743429604;
x=1744034404; d=canarybit.eu; s=rsa2;
h=content-transfer-encoding:mime-version:references:in-reply-to:message-id:date:
subject:cc:to:from:from;
bh=4h8dcCNF0HUtoTPJAv+P4yPJhmAAD4TxKNTKYtAgz18=;
b=T7hXhPRgG3IFADWvozaJU+MscadmZJqLDzSmUX5iUc18RyhCQvEepUfRJ4iz5g43VtFs4spXZnAhh
nHKj4nkECvdx4oZJk6iRIMu48nVpUK/oIzM44niWXPDYPJsdQkP+cTkBUTOHo5Bl6zhHoH8GvTYMyR
A0QhLuAA7I5Y6QFd/DWeyfT9ZATclcMTLqDanc+uqZiSIeXgwbwxcQRELZ4DFh57w8sYssGjWNG/LG
aIHnvosvRmISS7ZZxpBD1H8d3sIfKE3cOouMEliSypsPfGWZUKxjcy6QDtw/S6ukVTypqEHAil15Zc
r1DiCj5sx2pzc0DOb8tG/TDHgX3pn5Q==
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; t=1743429604;
x=1744034404; d=canarybit.eu; s=ed2;
h=content-transfer-encoding:mime-version:references:in-reply-to:message-id:date:
subject:cc:to:from:from;
bh=4h8dcCNF0HUtoTPJAv+P4yPJhmAAD4TxKNTKYtAgz18=;
b=gT/oIEGSvQ+gI2nO94HINY9B8iCnt60OQWeqrUxQlm4FYArcffQivnLrHGiHSSGhzO+0/b7x9eMeR
O6FKDsUAg==
X-HalOne-ID: 70bd3ca4-0e38-11f0-bd4f-2b8368a4d5c5
From: Philipp Giersfeld <philipp.giersfeld@canarybit.eu>
To: pve-devel@lists.proxmox.com
Date: Mon, 31 Mar 2025 15:59:31 +0200
Message-Id: <20250331135931.50568-5-philipp.giersfeld@canarybit.eu>
X-Mailer: git-send-email 2.39.5
In-Reply-To: <20250331135931.50568-1-philipp.giersfeld@canarybit.eu>
References: <20250331135931.50568-1-philipp.giersfeld@canarybit.eu>
MIME-Version: 1.0
X-SPAM-LEVEL: Spam detection results: 0
AWL 0.119 Adjusted score from AWL reputation of From: address
BAYES_00 -1.9 Bayes spam probability is 0 to 1%
DKIM_SIGNED 0.1 Message has a DKIM or DK signature,
not necessarily valid
DKIM_VALID -0.1 Message has at least one valid DKIM or DK signature
DKIM_VALID_AU -0.1 Message has a valid DKIM or DK signature from author's
domain
DKIM_VALID_EF -0.1 Message has a valid DKIM or DK signature from envelope-from
domain DMARC_MISSING 0.1 Missing DMARC policy
RCVD_IN_DNSWL_NONE -0.0001 Sender listed at https://www.dnswl.org/,
no trust
SPF_HELO_PASS -0.001 SPF: HELO matches SPF record
SPF_NONE 0.001 SPF: sender does not publish an SPF Record
Subject: [pve-devel] [PATCH pve-manager v5 4/4] Add configuration options
for AMD SEV-SNP
X-BeenThere: pve-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox VE development discussion <pve-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pve-devel>,
<mailto:pve-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pve-devel/>
List-Post: <mailto:pve-devel@lists.proxmox.com>
List-Help: <mailto:pve-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel>,
<mailto:pve-devel-request@lists.proxmox.com?subject=subscribe>
Reply-To: Proxmox VE development discussion <pve-devel@lists.proxmox.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: pve-devel-bounces@lists.proxmox.com
Sender: "pve-devel" <pve-devel-bounces@lists.proxmox.com>
Expand input panel with AMD SEV-SNP selection, and relevant optional
parameters similar to existing options for AMD SEV(-ES).
Further, upon selecting AMD SEV-SNP, issue a warning that EFI disks are
not included when using SEV-SNP.
Signed-off-by: Philipp Giersfeld <philipp.giersfeld@canarybit.eu>
---
changes since v4: https://lists.proxmox.com/pipermail/pve-devel/2025-March/069033.html
* fix bugs related to SMT option
www/manager6/qemu/Options.js | 1 +
www/manager6/qemu/SevEdit.js | 44 ++++++++++++++++++++++++++++++++----
2 files changed, 40 insertions(+), 5 deletions(-)
diff --git a/www/manager6/qemu/Options.js b/www/manager6/qemu/Options.js
index cbe9e52b..49a921cd 100644
--- a/www/manager6/qemu/Options.js
+++ b/www/manager6/qemu/Options.js
@@ -346,6 +346,7 @@ Ext.define('PVE.qemu.Options', {
let amd_sev = PVE.Parser.parsePropertyString(value, "type");
if (amd_sev.type === 'std') return 'AMD SEV (' + value + ')';
if (amd_sev.type === 'es') return 'AMD SEV-ES (' + value + ')';
+ if (amd_sev.type === 'snp') return 'AMD SEV-SNP (' + value + ')';
return value;
},
},
diff --git a/www/manager6/qemu/SevEdit.js b/www/manager6/qemu/SevEdit.js
index a2080f2d..891581a0 100644
--- a/www/manager6/qemu/SevEdit.js
+++ b/www/manager6/qemu/SevEdit.js
@@ -9,7 +9,8 @@ Ext.define('PVE.qemu.SevInputPanel', {
type: '__default__',
},
formulas: {
- sevEnabled: get => get('type') !== '__default__',
+ sevEnabled: get => get('type') === 'std' || get('type') === 'es' || get('type') === 'snp',
+ snpEnabled: get => get('type') === 'snp',
},
},
@@ -21,10 +22,14 @@ Ext.define('PVE.qemu.SevInputPanel', {
if (!values.debug) {
values["no-debug"] = 1;
}
- if (!values["key-sharing"]) {
+ if (!values.smt && values.type === 'snp') {
+ values["allow-smt"] = 0;
+ }
+ if (!values["key-sharing"] && values.type !== 'snp') {
values["no-key-sharing"] = 1;
}
delete values.debug;
+ delete values.smt;
delete values["key-sharing"];
let ret = {};
ret['amd-sev'] = PVE.Parser.printPropertyString(values, 'type');
@@ -36,13 +41,14 @@ Ext.define('PVE.qemu.SevInputPanel', {
if (PVE.Parser.parseBoolean(values["no-debug"])) {
values.debug = 0;
}
+ values.smt = PVE.Parser.parseBoolean(values["allow-smt"], 1);
if (PVE.Parser.parseBoolean(values["no-key-sharing"])) {
values["key-sharing"] = 0;
}
this.callParent(arguments);
},
- items: {
+ items: [{
xtype: 'proxmoxKVComboBox',
fieldLabel: gettext('AMD SEV Type'),
labelWidth: 150,
@@ -52,11 +58,28 @@ Ext.define('PVE.qemu.SevInputPanel', {
['__default__', Proxmox.Utils.defaultText + ' (' + Proxmox.Utils.disabledText + ')'],
['std', 'AMD SEV'],
['es', 'AMD SEV-ES (highly experimental)'],
+ ['snp', 'AMD SEV-SNP (highly experimental)'],
],
bind: {
value: '{type}',
},
},
+ {
+ xtype: 'displayfield',
+ userCls: 'pmx-hint',
+ value: gettext('WARNING: When using SEV-SNP no EFI disk is loaded as pflash.'),
+ bind: {
+ hidden: '{!snpEnabled}',
+ },
+ },
+ {
+ xtype: 'displayfield',
+ userCls: 'pmx-hint',
+ value: gettext('Note: SEV-SNP requires host kernel version 6.11 or higher.'),
+ bind: {
+ hidden: '{!snpEnabled}',
+ },
+ }],
advancedItems: [
{
@@ -77,8 +100,19 @@ Ext.define('PVE.qemu.SevInputPanel', {
name: 'key-sharing',
value: 1,
bind: {
- hidden: '{!sevEnabled}',
- disabled: '{!sevEnabled}',
+ hidden: '{!sevEnabled || snpEnabled}',
+ disabled: '{!sevEnabled || snpEnabled}',
+ },
+ },
+ {
+ xtype: 'proxmoxcheckbox',
+ fieldLabel: gettext('Allow SMT'),
+ labelWidth: 150,
+ name: 'smt',
+ value: 1,
+ bind: {
+ hidden: '{!snpEnabled}',
+ disabled: '{!snpEnabled}',
},
},
{
--
2.39.5
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel