From: Fiona Ebner <f.ebner@proxmox.com>
To: Proxmox VE development discussion <pve-devel@lists.proxmox.com>,
Anton Iacobaeus <anton.iacobaeus@canarybit.eu>
Cc: Philipp Giersfeld <philipp.giersfeld@canarybit.eu>
Subject: Re: [pve-devel] [PATCH qemu-server v2 1/3] Adapt AMD SEV code for compatibility with other platforms
Date: Tue, 7 Oct 2025 17:24:54 +0200 [thread overview]
Message-ID: <f77dd43e-3256-4253-ba13-37b869c6213c@proxmox.com> (raw)
In-Reply-To: <20251001151237.50385-6-anton.iacobaeus@canarybit.eu>
I plan to continue with the review tomorrow, looking good so far :)!
Am 04.10.25 um 3:24 PM schrieb Anton Iacobaeus:
> From: Philipp Giersfeld <philipp.giersfeld@canarybit.eu>
>
> Change variable and function names that are specific to AMD SEV to
> reflect this. Also, change name of general CC functions and variable
> names to be used in conjunction with other platforms.
>
> Signed-off-by: Philipp Giersfeld <philipp.giersfeld@canarybit.eu>
> Signed-off-by: Anton Iacobaeus <anton.iacobaeus@canarybit.eu>
Reviewed-by: Fiona Ebner <f.ebner@proxmox.com>
> ---
Note for applying: needs a depends and build-depends on new
pve-edk2-firmware-ovmf
> @@ -49,19 +49,19 @@ my $OVMF = {
> };
>
> my sub get_ovmf_files($$$$) {
> - my ($arch, $efidisk, $smm, $amd_sev_type) = @_;
> + my ($arch, $efidisk, $smm, $cvm_type) = @_;
>
> my $types = $OVMF->{$arch}
> or die "no OVMF images known for architecture '$arch'\n";
>
> my $type = 'default';
> if ($arch eq 'x86_64') {
> - if ($amd_sev_type && $amd_sev_type eq 'snp') {
> + if ($cvm_type && $cvm_type eq 'snp') {
> $type = "4m-snp";
> my ($ovmf) = $types->{$type}->@*;
> die "EFI base image '$ovmf' not found\n" if !-f $ovmf;
> return ($ovmf);
> - } elsif ($amd_sev_type) {
> + } elsif ($cvm_type && ($cvm_type eq 'std' || $cvm_type eq 'es')) {
> $type = "4m-sev";
Nit and this is pre-existing, but it would be nice to detect an unknown
type here for future-proofing/robustness (Perl's lack of type system
makes this hard to enforce up-front). Something like
} elsif ($cmv_type) {
die "unknown CMV type $cmv_type\n";
But this should be a separate patch and can also be done as a follow-up
after adding the branch for the Intel one.
> } elsif (defined($efidisk->{efitype}) && $efidisk->{efitype} eq '4m') {
> $type = $smm ? "4m" : "4m-no-smm";
> @@ -203,16 +203,16 @@ my sub generate_ovmf_blockdev {
> sub print_ovmf_commandline {
> my ($conf, $storecfg, $vmid, $hw_info, $version_guard, $readonly) = @_;
>
> - my $amd_sev_type = $hw_info->{'amd-sev-type'};
> + my $cvm_type = $hw_info->{'cvm-type'};
>
> my $cmd = [];
> my $machine_flags = [];
>
> - if ($amd_sev_type && $amd_sev_type eq 'snp') {
> + if ($cvm_type && $cvm_type eq 'snp') {
> if (defined($conf->{efidisk0})) {
> - log_warn("EFI disks are not supported with SEV-SNP and will be ignored");
> + log_warn("EFI disks are not supported with Confidential Virtual Machines and will be ignored");
Style nit: line longer than 100 characters
> }
> - push $cmd->@*, '-bios', get_ovmf_files($hw_info->{arch}, undef, undef, $amd_sev_type);
> + push $cmd->@*, '-bios', get_ovmf_files($hw_info->{arch}, undef, undef, $cvm_type);
> } else {
> if ($version_guard->(10, 0, 0)) { # for the switch to -blockdev
> my ($code_blockdev, $vars_blockdev, $throttle_group) =
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
next prev parent reply other threads:[~2025-10-07 15:24 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-10-01 15:11 [pve-devel] [PATCH edk2-firmware/manager/qemu-server v2 0/7] Add support for Intel TDX Anton Iacobaeus
2025-10-01 15:11 ` [pve-devel] [PATCH edk2-firmware v2 1/3] Change name of SEV-related OVMF files Anton Iacobaeus
2025-10-07 15:24 ` Fiona Ebner
2025-10-01 15:11 ` [pve-devel] [PATCH edk2-firmware v2 2/3] Add firmware target for TDFV Anton Iacobaeus
2025-10-07 15:24 ` Fiona Ebner
2025-10-01 15:11 ` [pve-devel] [PATCH edk2-firmware v2 3/3] Add SCSI in NCCFV for TD guest Anton Iacobaeus
2025-10-07 15:24 ` Fiona Ebner
2025-10-01 15:11 ` [pve-devel] [PATCH manager v2 1/1] Add support for Intel TDX Anton Iacobaeus
2025-10-01 15:11 ` [pve-devel] [PATCH qemu-server v2 1/3] Adapt AMD SEV code for compatibility with other platforms Anton Iacobaeus
2025-10-07 15:24 ` Fiona Ebner [this message]
2025-10-01 15:11 ` [pve-devel] [PATCH qemu-server v2 2/3] Add check for TDX support Anton Iacobaeus
2025-10-08 10:06 ` Fiona Ebner
2025-10-01 15:11 ` [pve-devel] [PATCH qemu-server v2 3/3] Add support for Intel TDX Anton Iacobaeus
2025-10-08 10:21 ` Fiona Ebner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=f77dd43e-3256-4253-ba13-37b869c6213c@proxmox.com \
--to=f.ebner@proxmox.com \
--cc=anton.iacobaeus@canarybit.eu \
--cc=philipp.giersfeld@canarybit.eu \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox