From e0c5d74e82eca646ed46055d224d32eab3a49e17 Mon Sep 17 00:00:00 2001
From: Cole Robinson <crobinso@redhat.com>
Date: Mon, 28 Feb 2022 08:36:52 -0500
Subject: domain: launch_security: simplify defaults and validation

* libvirt fills in cbitpos and reducedPhysBits for us
* libvirt errors if type is missing
* libvirt errors if host/qemu doesn't support sev

So drop it all. This simplifies testing because we don't need
sev domcaps in place just to generate the XML

Signed-off-by: Cole Robinson <crobinso@redhat.com>
---
 virtinst/domain/launch_security.py | 24 +-----------------------
 1 file changed, 1 insertion(+), 23 deletions(-)

(limited to 'virtinst/domain')

diff --git a/virtinst/domain/launch_security.py b/virtinst/domain/launch_security.py
index 03c03dfe..7af71811 100644
--- a/virtinst/domain/launch_security.py
+++ b/virtinst/domain/launch_security.py
@@ -18,27 +18,10 @@ class DomainLaunchSecurity(XMLBuilder):
     dhCert = XMLProperty("./dhCert")
     kernelHashes = XMLProperty("./@kernelHashes", is_yesno=True)
 
-    def is_sev(self):
-        return self.type == "sev"
-
-    def validate(self):
-        if not self.type:
-            raise RuntimeError(_("Missing mandatory attribute 'type'"))
-
     def _set_defaults_sev(self, guest):
-        # SeaBIOS doesn't have support for SEV. Q35 defaults to virtio 1.0,
-        # which we need so let's not go through the 'virtio-transitional'
-        # exercise for pc-i440fx to make SEV work, AMD recommends Q35 anyway
-        # NOTE: at some point both of these platform checks should be put in
-        # validate(), once that accepts the 'guest' instance
         if not guest.os.is_q35() or not guest.is_uefi():
             raise RuntimeError(_("SEV launch security requires a Q35 UEFI machine"))
 
-        # libvirt or QEMU might not support SEV
-        domcaps = guest.lookup_domcaps()
-        if not domcaps.supports_sev_launch_security():
-            raise RuntimeError(_("SEV launch security is not supported on this platform"))
-
         # 'policy' is a mandatory 4-byte argument for the SEV firmware,
         # if missing, let's use 0x03 which, according to the table at
         # https://libvirt.org/formatdomain.html#launchSecurity:
@@ -47,11 +30,6 @@ class DomainLaunchSecurity(XMLBuilder):
         if self.policy is None:
             self.policy = "0x03"
 
-        if self.cbitpos is None:
-            self.cbitpos = domcaps.features.sev.cbitpos
-        if self.reducedPhysBits is None:
-            self.reducedPhysBits = domcaps.features.sev.reducedPhysBits
-
     def set_defaults(self, guest):
-        if self.is_sev():
+        if self.type == "sev":
             return self._set_defaults_sev(guest)
-- 
cgit v1.2.1