Create a controller for qga when SEV is used

When a guest agent is requested, it requires a virtio-serial controller.
If the controller is not created explicitly, it will be created by
libvirt. But if AMD SEV is also requested, the controller is expected
to use the iommu driver.

In order to achive that, the controller is created explicitly with the
required driver.

Change-Id: I47c248649b9d77e8bd7c5350fc84d89342be4623
Closes-Bug: 1845986

nova/tests/unit/virt/libvirt/test_designer.py

@@ -228,12 +228,19 @@ class DesignerTestCase(test.NoDBTestCase):
 
     def test_set_driver_iommu_for_sev(self):
         conf = fake_libvirt_data.fake_kvm_guest()
+
+        # obj.devices[11]
+        controller = config.LibvirtConfigGuestController()
+        controller.type = 'virtio-serial'
+        controller.index = 0
+        conf.add_device(controller)
+
         designer.set_driver_iommu_for_sev(conf)
 
         # All disks/interfaces/memballoon are expected to be virtio,
         # thus driver_iommu should be on
-        self.assertEqual(10, len(conf.devices))
-        for i in (0, 2, 3, 6, 8, 9):
+        self.assertEqual(11, len(conf.devices))
+        for i in (0, 2, 3, 6, 8, 9, 10):
             dev = conf.devices[i]
             self.assertTrue(
                 dev.driver_iommu,

nova/tests/unit/virt/libvirt/test_driver.py

@@ -3073,7 +3073,7 @@ class LibvirtConnTestCase(test.NoDBTestCase,
 
     @mock.patch.object(libvirt_driver.LibvirtDriver,
                        "_has_uefi_support", new=mock.Mock(return_value=True))
-    def _setup_sev_guest(self):
+    def _setup_sev_guest(self, extra_image_properties=None):
         drvr = libvirt_driver.LibvirtDriver(fake.FakeVirtAPI(), True)
         drvr._host._supports_amd_sev = True
 
@@ -3095,13 +3095,16 @@ class LibvirtConnTestCase(test.NoDBTestCase,
 
         instance_ref = objects.Instance(**self.test_instance)
         instance_ref.flavor = flavor
+        image_meta_properties = {
+            'hw_firmware_type': 'uefi',
+            'hw_machine_type': 'q35'}
+        if extra_image_properties:
+            image_meta_properties.update(extra_image_properties)
         image_meta = objects.ImageMeta.from_dict({
             'id': 'd9c6aeee-8258-4bdb-bca4-39940461b182',
             'name': 'fakeimage',
             'disk_format': 'raw',
-            'properties': {'hw_firmware_type': 'uefi',
-                           'hw_machine_type': 'q35'}
-        })
+            'properties': image_meta_properties})
 
         disk_info = blockinfo.get_disk_info(CONF.libvirt.virt_type,
                                             instance_ref,
@@ -5994,6 +5997,24 @@ class LibvirtConnTestCase(test.NoDBTestCase,
         self.assertEqual(cfg.devices[6].type, "unix")
         self.assertEqual(cfg.devices[6].target_name, "org.qemu.guest_agent.0")
 
+    @mock.patch.object(host.Host, 'get_domain_capabilities')
+    @mock.patch.object(designer, 'set_driver_iommu_for_sev')
+    def test_get_guest_config_with_qga_through_image_meta_with_sev(
+            self, mock_designer, fake_domain_caps):
+        self._setup_fake_domain_caps(fake_domain_caps)
+        extra_properties = {"hw_qemu_guest_agent": "yes"}
+        cfg = self._setup_sev_guest(extra_properties)
+
+        self.assertIsInstance(cfg.devices[8],
+                              vconfig.LibvirtConfigGuestController)
+        self.assertIsInstance(cfg.devices[9],
+                              vconfig.LibvirtConfigGuestChannel)
+
+        self.assertEqual(cfg.devices[8].type, "virtio-serial")
+        self.assertTrue(cfg.devices[8].uses_virtio)
+        self.assertEqual(cfg.devices[9].type, "unix")
+        self.assertEqual(cfg.devices[9].target_name, "org.qemu.guest_agent.0")
+
     def test_get_guest_config_with_video_driver_vram(self):
         self.flags(enabled=False, group='vnc')
         self.flags(virt_type='kvm', group='libvirt')

nova/virt/libvirt/config.py

@@ -1933,7 +1933,9 @@ class LibvirtConfigGuestController(LibvirtConfigGuestDevice):
 
     @property
     def uses_virtio(self):
-        return 'virtio-scsi' == self.model
+        model_is_virtio = 'virtio-scsi' == self.model
+        type_is_virtio = 'virtio-serial' == self.type
+        return model_is_virtio or type_is_virtio
 
     def format_dom(self):
         controller = super(LibvirtConfigGuestController, self).format_dom()

nova/virt/libvirt/driver.py

@@ -5147,9 +5147,22 @@ class LibvirtDriver(driver.ComputeDriver):
             rng_device.backend = rng_path
             guest.add_device(rng_device)
 
+    def _add_virtio_serial_controller(self, guest, instance):
+        virtio_controller = vconfig.LibvirtConfigGuestController()
+        virtio_controller.type = 'virtio-serial'
+        guest.add_device(virtio_controller)
+
     def _set_qemu_guest_agent(self, guest, flavor, instance, image_meta):
         # Enable qga only if the 'hw_qemu_guest_agent' is equal to yes
         if image_meta.properties.get('hw_qemu_guest_agent', False):
+            # a virtio-serial controller is required for qga. If it is not
+            # created explicitly, libvirt will do it by itself. But in case
+            # of AMD SEV, any virtio device should use iommu driver, and
+            # libvirt does not know about it. That is why the controller
+            # should be created manually.
+            if self._sev_enabled(flavor, image_meta):
+                self._add_virtio_serial_controller(guest, instance)
+
             LOG.debug("Qemu guest agent is enabled through image "
                       "metadata", instance=instance)
             self._add_qga_device(guest, instance)

releasenotes/notes/bug-1845986-70730d9f6c09e68b.yaml

@@ -0,0 +1,14 @@
+---
+fixes:
+  - |
+    `Bug 1845986`_ has been fixed by adding iommu driver when the following
+    metadata options are used with AMD SEV:
+
+    - ``hw_scsi_model=virtio-scsi`` and either ``hw_disk_bus=scsi`` or
+      ``hw_cdrom_bus=scsi``
+    - ``hw_video_model=virtio``
+
+    Also a virtio-serial controller is created when ``hw_qemu_guest_agent=yes``
+    option is used, together with iommu driver for it.
+
+    .. _Bug 1845986: https://launchpad.net/bugs/1845986