From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <pve-devel-bounces@lists.proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9])
	by lore.proxmox.com (Postfix) with ESMTPS id 6B06C1FF15F
	for <inbox@lore.proxmox.com>; Mon, 18 Nov 2024 15:38:11 +0100 (CET)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
	by firstgate.proxmox.com (Proxmox) with ESMTP id 48EE2125B0;
	Mon, 18 Nov 2024 15:38:15 +0100 (CET)
Mime-Version: 1.0
Date: Mon, 18 Nov 2024 15:38:12 +0100
Message-Id: <D5PDQI09Q0AZ.2VHO1JFL6DKNK@proxmox.com>
From: "Shannon Sterz" <s.sterz@proxmox.com>
To: "Proxmox VE development discussion" <pve-devel@lists.proxmox.com>
X-Mailer: aerc 0.17.0-69-g65571b67d7d3-dirty
References: <20241118111700.110077-1-m.frank@proxmox.com>
 <20241118111700.110077-6-m.frank@proxmox.com>
In-Reply-To: <20241118111700.110077-6-m.frank@proxmox.com>
X-SPAM-LEVEL: Spam detection results:  0
 AWL -0.043 Adjusted score from AWL reputation of From: address
 BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
 DMARC_MISSING             0.1 Missing DMARC policy
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_PASS               -0.001 SPF: sender matches SPF record
Subject: Re: [pve-devel] [PATCH manager v13 5/5] ui: add AMD SEV
 configuration to Options
X-BeenThere: pve-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox VE development discussion <pve-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pve-devel/>
List-Post: <mailto:pve-devel@lists.proxmox.com>
List-Help: <mailto:pve-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=subscribe>
Reply-To: Proxmox VE development discussion <pve-devel@lists.proxmox.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: pve-devel-bounces@lists.proxmox.com
Sender: "pve-devel" <pve-devel-bounces@lists.proxmox.com>

On Mon Nov 18, 2024 at 12:17 PM CET, Markus Frank wrote:
> By adding a new input panel with an AMD SEV technology selection combo
> box and checkboxes for the optional parameters in an advanced section,
> the user can configure the amd_sev option via the WebUI's Options tab.
>
> Signed-off-by: Markus Frank <m.frank@proxmox.com>
> ---
>  www/manager6/Makefile        |   1 +
>  www/manager6/qemu/Options.js |  11 ++++
>  www/manager6/qemu/SevEdit.js | 121 +++++++++++++++++++++++++++++++++++
>  3 files changed, 133 insertions(+)
>  create mode 100644 www/manager6/qemu/SevEdit.js
>
> diff --git a/www/manager6/Makefile b/www/manager6/Makefile
> index d623dfb9..cb6ee47f 100644
> --- a/www/manager6/Makefile
> +++ b/www/manager6/Makefile
> @@ -264,6 +264,7 @@ JSSRC= 							\
>  	qemu/SSHKey.js					\
>  	qemu/ScsiHwEdit.js				\
>  	qemu/SerialEdit.js				\
> +	qemu/SevEdit.js					\
>  	qemu/Smbios1Edit.js				\
>  	qemu/SystemEdit.js				\
>  	qemu/USBEdit.js					\
> diff --git a/www/manager6/qemu/Options.js b/www/manager6/qemu/Options.js
> index 7b112400..cbe9e52b 100644
> --- a/www/manager6/qemu/Options.js
> +++ b/www/manager6/qemu/Options.js
> @@ -338,6 +338,17 @@ Ext.define('PVE.qemu.Options', {
>  		    },
>  		} : undefined,
>  	    },
> +	    'amd-sev': {
> +		header: gettext('AMD SEV'),
> +		editor: caps.vms['VM.Config.HWType'] ? 'PVE.qemu.SevEdit' : undefined,
> +		defaultValue: Proxmox.Utils.defaultText + ' (' + Proxmox.Utils.disabledText + ')',
> +		renderer: function(value, metaData, record, ri, ci, store, pending) {
> +		    let amd_sev = PVE.Parser.parsePropertyString(value, "type");
> +		    if (amd_sev.type === 'std') return 'AMD SEV (' + value + ')';
> +		    if (amd_sev.type === 'es') return 'AMD SEV-ES (' + value + ')';
> +		    return value;
> +		},
> +	    },
>  	    hookscript: {
>  		header: gettext('Hookscript'),
>  	    },
> diff --git a/www/manager6/qemu/SevEdit.js b/www/manager6/qemu/SevEdit.js
> new file mode 100644
> index 00000000..a3c2cdac
> --- /dev/null
> +++ b/www/manager6/qemu/SevEdit.js
> @@ -0,0 +1,121 @@
> +Ext.define('PVE.qemu.SevInputPanel', {
> +    extend: 'Proxmox.panel.InputPanel',
> +    xtype: 'pveSevInputPanel',
> +    onlineHelp: 'qm_memory_encryption',
> +
> +    viewModel: {
> +	data: {
> +	    type: '__default__',
> +	},
> +	formulas: {
> +	    sevEnabled: get => get('type') !== '__default__',
> +	},
> +    },
> +
> +    onGetValues: function(values) {
> +	if (values.delete === 'type') {
> +	    values.delete = 'amd-sev';
> +	    return values;
> +	}
> +	if (!values.debug) {
> +	    values["no-debug"] = 1;
> +	}
> +	if (!values["key-sharing"]) {
> +	    values["no-key-sharing"] = 1;
> +	}
> +	delete values.debug;
> +	delete values["key-sharing"];
> +	let ret = {};
> +	ret['amd-sev'] = PVE.Parser.printPropertyString(values, 'type');
> +	return ret;
> +    },
> +
> +
> +    setValues: function(values) {
> +	if (PVE.Parser.parseBoolean(values["no-debug"])) {
> +	    values.debug = 0;
> +	}
> +	if (PVE.Parser.parseBoolean(values["no-key-sharing"])) {
> +	    values["key-sharing"] = 0;
> +	}
> +	this.callParent(arguments);
> +    },
> +
> +    items: {
> +	xtype: 'proxmoxKVComboBox',
> +	fieldLabel: gettext('AMD Secure Encrypted Virtualization (SEV)'),
> +	labelWidth: 150,
> +	name: 'type',
> +	value: '__default__',
> +	comboItems: [
> +	    ['__default__', Proxmox.Utils.defaultText + ' (' + Proxmox.Utils.disabledText + ')'],
> +	    ['std', 'AMD SEV'],
> +	    ['es', 'AMD SEV-ES (highly experimental)'],
> +	],
> +	bind: {
> +	    value: '{type}',
> +	},
> +    },
> +
> +    advancedItems: [
> +	{
> +	    xtype: 'proxmoxcheckbox',
> +	    fieldLabel: gettext('Allow Debugging'),
> +	    labelWidth: 150,
> +	    name: 'debug',
> +	    value: 1,
> +	    bind: {
> +		hidden: '{!sevEnabled}',
> +		disabled: '{!sevEnabled}',
> +	    },
> +	},
> +	{
> +	    xtype: 'proxmoxcheckbox',
> +	    fieldLabel: gettext('Allow Key-Sharing'),
> +	    labelWidth: 150,
> +	    name: 'key-sharing',
> +	    value: 1,
> +	    bind: {
> +		hidden: '{!sevEnabled}',
> +		disabled: '{!sevEnabled}',
> +	    },
> +	},
> +	{
> +	    xtype: 'proxmoxcheckbox',
> +	    fieldLabel: gettext('Enable Kernel Hashes'),
> +	    labelWidth: 150,
> +	    name: 'kernel-hashes',
> +	    deleteDefaultValue: false,
> +	    bind: {
> +		hidden: '{!sevEnabled}',
> +		disabled: '{!sevEnabled}',
> +	    },
> +	},
> +    ],
> +});
> +
> +Ext.define('PVE.qemu.SevEdit', {
> +    extend: 'Proxmox.window.Edit',
> +
> +    subject: gettext('SEV'),

tiny nit: i think this falls into the same category as TFA and if we
don't translate that, we probably shouldn't translate SEV here either. i
also couldn't find any translations of this term on the internet, but
that's probably due to this feature being much more niche than TFA

> +
> +    items: {
> +	xtype: 'pveSevInputPanel',
> +    },
> +
> +    width: 400,
> +
> +    initComponent: function() {
> +	let me = this;
> +
> +	me.callParent();
> +
> +	me.load({
> +	    success: function(response) {
> +		let conf = response.result.data;
> +		let amd_sev = conf['amd-sev'] || '__default__';
> +		me.setValues(PVE.Parser.parsePropertyString(amd_sev, 'type'));
> +	    },
> +	});
> +    },
> +});

With the two tiny nits, consider this:

Reviewed-by: Shannon Sterz <s.sterz@proxmox.com>



_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel