From cd8950459e48de23b86e330542434745ac906afc Mon Sep 17 00:00:00 2001 From: Adam Spiers Date: Thu, 3 Jan 2019 18:15:49 +0000 Subject: [PATCH] AMD SEV: address final feedback received prior to merge The AMD SEV spec was just merged, but there were a few minor nits outstanding, so address them here. blueprint: amd-sev-libvirt-support Change-Id: I93840aa852b837c03ede9e21e720c1e1c1c773f2 --- .../approved/amd-sev-libvirt-support.rst | 37 +++++++++++-------- 1 file changed, 22 insertions(+), 15 deletions(-) diff --git a/specs/stein/approved/amd-sev-libvirt-support.rst b/specs/stein/approved/amd-sev-libvirt-support.rst index 7156d81f6..80714c077 100644 --- a/specs/stein/approved/amd-sev-libvirt-support.rst +++ b/specs/stein/approved/amd-sev-libvirt-support.rst @@ -164,7 +164,7 @@ development and testing would include the following deliverables: It is also recommended to include an additional padding of at least 256KB for safety, since ROM sizes can occasionally change. For example the total of 10832KB required here for ROMs / ACPI - tables could be rounded up to 16MB. + tables should be rounded up to 16MB. The first two values are expected to commonly vary per VM, and are already accounted for dynamically by the placement service. @@ -311,9 +311,11 @@ The following limitations are expected long-term: break images with legacy OS's which expect the config drive to be an IDE CD-ROM. It would also not deal with other CD-ROM devices. - #. Set the (largely undocumented) ``hw_cdrom_bus`` image property to - ``virtio-scsi``, which is recommended as a replacement for - ``ide``. + #. Set the (largely `undocumented + `_) + ``hw_cdrom_bus`` image property to ``virtio``, which is + recommended as a replacement for ``ide``, and ``hw_scsi_model`` + to ``virtio-scsi``. Some potentially cleaner long-term solutions which require code changes are suggested as a stretch goal in the `Work Items`_ section @@ -323,7 +325,9 @@ For the sake of eliminating any doubt, the following actions are *not* expected to be limited when SEV encryption is used: - Cold migration or shelve, since they power off the VM before the - operation at which point there is no encrypted memory + operation at which point there is no encrypted memory (although this + could change since there is work underway to add support for `PMEM + `_) - Snapshot, since it only snapshots the disk @@ -335,7 +339,8 @@ expected to be limited when SEV encryption is used: - Use of spice / VNC / serial / RDP consoles -- vNUMA +- `VM guest virtual NUMA (a.k.a. vNUMA) + `_ Alternatives ------------ @@ -598,15 +603,15 @@ need to be made to nova's libvirt driver: #. Introduce a new ``nova.conf`` option for specifying the default bus to use for CD-ROMs. Then for instance the default could be ``scsi`` (for consistency with other CPU architectures) or - ``virtio-scsi``, with ``hw_cdrom_bus`` overriding this value - where needed. This is likely to be more future-proof as the use - of very old machine types is gradually phased out, although the + ``virtio``, with ``hw_cdrom_bus`` overriding this value where + needed. This is likely to be more future-proof as the use of + very old machine types is gradually phased out, although the downside is a small risk of breaking legacy images. If there exist clouds where such legacy x86 images are common, the option could then be set to ``ide`` and - ``hw_cdrom_bus=virtio-scsi`` overriding when newer machine types - are required for SEV (or any other reason). Although this is + ``hw_cdrom_bus=virtio`` overriding when newer machine types are + required for SEV (or any other reason). Although this is perhaps sufficiently unlikely as to make a new config option overkill. @@ -687,10 +692,12 @@ Documentation Impact `_ should be updated with details of how to set up SEV-capable hypervisors. It would be prudent to mention the current - `limitations`_ here too, including the impact on compute host - maintenance, and the need to correctly calculate - `reserved_host_memory_mb`_ based on the expected maximum number of - SEV guests simultaneously running on the host. + `limitations`_ here too, including the impact on config drive + configuration, compute host maintenance, the need to correctly + calculate `reserved_host_memory_mb`_ based on the expected maximum + number of SEV guests simultaneously running on the host, and the + details provided above (such as memory region sizes) which cover how + to calculate it correctly. Other non-nova documentation should be updated too: