[pve-devel] [PATCH pve-manager 4/4] Add configuration options for AMD SEV-SNP
Philipp Giersfeld
philipp.giersfeld at canarybit.eu
Fri Feb 7 09:51:20 CET 2025
Expand input panel with AMD SEV-SNP selection, and relevant optional
parameters similar to existing options for AMD SEV(-ES).
Further, upon selecting AMD SEV-SNP, issue a warning that EFI disks are
not included when using SEV-SNP.
Signed-off-by: Philipp Giersfeld <philipp.giersfeld at canarybit.eu>
---
www/manager6/qemu/Options.js | 1 +
www/manager6/qemu/SevEdit.js | 40 ++++++++++++++++++++++++++++++------
2 files changed, 35 insertions(+), 6 deletions(-)
diff --git a/www/manager6/qemu/Options.js b/www/manager6/qemu/Options.js
index cbe9e52b..49a921cd 100644
--- a/www/manager6/qemu/Options.js
+++ b/www/manager6/qemu/Options.js
@@ -346,6 +346,7 @@ Ext.define('PVE.qemu.Options', {
let amd_sev = PVE.Parser.parsePropertyString(value, "type");
if (amd_sev.type === 'std') return 'AMD SEV (' + value + ')';
if (amd_sev.type === 'es') return 'AMD SEV-ES (' + value + ')';
+ if (amd_sev.type === 'snp') return 'AMD SEV-SNP (' + value + ')';
return value;
},
},
diff --git a/www/manager6/qemu/SevEdit.js b/www/manager6/qemu/SevEdit.js
index a2080f2d..9605cf59 100644
--- a/www/manager6/qemu/SevEdit.js
+++ b/www/manager6/qemu/SevEdit.js
@@ -9,7 +9,8 @@ Ext.define('PVE.qemu.SevInputPanel', {
type: '__default__',
},
formulas: {
- sevEnabled: get => get('type') !== '__default__',
+ sevEnabled: get => get('type') === 'std' || get('type') === 'es',
+ snpEnabled: get => get('type') === 'snp',
},
},
@@ -21,10 +22,14 @@ Ext.define('PVE.qemu.SevInputPanel', {
if (!values.debug) {
values["no-debug"] = 1;
}
+ if (values.smt) {
+ values["allow-smt"] = 1;
+ }
if (!values["key-sharing"]) {
values["no-key-sharing"] = 1;
}
delete values.debug;
+ delete values.smt;
delete values["key-sharing"];
let ret = {};
ret['amd-sev'] = PVE.Parser.printPropertyString(values, 'type');
@@ -36,13 +41,16 @@ Ext.define('PVE.qemu.SevInputPanel', {
if (PVE.Parser.parseBoolean(values["no-debug"])) {
values.debug = 0;
}
+ if (PVE.Parser.parseBoolean(values["allow-smt"])) {
+ values.smt = 1;
+ }
if (PVE.Parser.parseBoolean(values["no-key-sharing"])) {
values["key-sharing"] = 0;
}
this.callParent(arguments);
},
- items: {
+ items: [{
xtype: 'proxmoxKVComboBox',
fieldLabel: gettext('AMD SEV Type'),
labelWidth: 150,
@@ -52,11 +60,20 @@ Ext.define('PVE.qemu.SevInputPanel', {
['__default__', Proxmox.Utils.defaultText + ' (' + Proxmox.Utils.disabledText + ')'],
['std', 'AMD SEV'],
['es', 'AMD SEV-ES (highly experimental)'],
+ ['snp', 'AMD SEV-SNP (highly experimental)'],
],
bind: {
value: '{type}',
},
},
+ {
+ xtype: 'displayfield',
+ userCls: 'pmx-hint',
+ value: gettext('WARNING: When using SEV-SNP no variable store is loaded as pflash.'),
+ bind: {
+ hidden: '{!snpEnabled}',
+ },
+ }],
advancedItems: [
{
@@ -66,8 +83,8 @@ Ext.define('PVE.qemu.SevInputPanel', {
name: 'debug',
value: 1,
bind: {
- hidden: '{!sevEnabled}',
- disabled: '{!sevEnabled}',
+ hidden: '{!sevEnabled && !snpEnabled}',
+ disabled: '{!sevEnabled && !snpEnabled}',
},
},
{
@@ -81,6 +98,17 @@ Ext.define('PVE.qemu.SevInputPanel', {
disabled: '{!sevEnabled}',
},
},
+ {
+ xtype: 'proxmoxcheckbox',
+ fieldLabel: gettext('Allow SMT'),
+ labelWidth: 150,
+ name: 'smt',
+ value: 1,
+ bind: {
+ hidden: '{!snpEnabled}',
+ disabled: '{!snpEnabled}',
+ },
+ },
{
xtype: 'proxmoxcheckbox',
fieldLabel: gettext('Enable Kernel Hashes'),
@@ -88,8 +116,8 @@ Ext.define('PVE.qemu.SevInputPanel', {
name: 'kernel-hashes',
deleteDefaultValue: false,
bind: {
- hidden: '{!sevEnabled}',
- disabled: '{!sevEnabled}',
+ hidden: '{!sevEnabled && !snpEnabled}',
+ disabled: '{!sevEnabled && !snpEnabled}',
},
},
],
--
2.39.5
More information about the pve-devel
mailing list