openstack/nova
Code Issues Proposed changes
2b2a5cedfc
nova/requirements.txt
Adam Spiers b4905467db Add extra spec parameter and image property for memory encryption 
Add a new "hw:mem_encryption" extra spec parameter, and a new
"hw_mem_encryption" image property, which indicate that any guest
booted with that extra spec parameter or image property respectively
needs to be booted with its memory hardware-encrypted.

This is achieved by converting the requirement stated in the extra
spec parameter and/or image property into an additional extra spec
parameter which requests resources for one slot of the inventory of
the new MEM_ENCRYPTION_CONTEXT resource class (introduced in
os-resource-classes 0.4.0).  The inventory will be provided by the
follow-up commit I659cb77f12a38a4d2fb118530ebb9de88d2ed30d.

Since future commits adding support for SEV to guest XML config will
also need to know at launch-time whether memory encryption has been
requested, add a reusable mem_encryption_requested() function to the
nova.virt.hardware library for detecting which of the extra spec /
image property (if either) have requested encrypted memory.

If both the extra spec parameter and the image property are explicitly
specified and they contradict each other, or if either request memory
encryption but the image does not have hw_firmware_type set to UEFI,
then log an error and raise a new generic FlavorImageConflict
exception.  This exception can also be useful in the future for
handling other similar conflicts.  In this particular use case,
FlavorImageConflict is raised by mem_encryption_requested(), and then
if caught during API call validation, it's re-raised as
HTTPBadRequest.

In order to test this code, we need to construct various ImageMeta
objects containing fake data and a ImageMetaProps instance for each.
This is a slightly fiddly task which future patches in the SEV series
will also need to perform, so add a helper to nova.tests.unit.image.fake
for this.

blueprint: amd-sev-libvirt-support
Change-Id: I8c63b5cc5ad97ce831adb2eb96a995ebc798ecb7
2019-09-01 15:17:31 +01:00

75 lines
2.6 KiB
Plaintext
Raw Blame History

# The order of packages is significant, because pip processes them in the order
# of appearance. Changing the order has an impact on the overall integration
# process, which may cause wedges in the gate later.
pbr!=2.1.0,>=2.0.0 # Apache-2.0
SQLAlchemy!=1.1.5,!=1.1.6,!=1.1.7,!=1.1.8,>=1.0.10 # MIT
decorator>=3.4.0 # BSD
eventlet!=0.20.1,>=0.20.0 # MIT
Jinja2>=2.10 # BSD License (3 clause)
keystonemiddleware>=4.20.0 # Apache-2.0
lxml!=3.7.0,>=3.4.1 # BSD
Routes>=2.3.1 # MIT
cryptography>=2.7 # BSD/Apache-2.0
WebOb>=1.8.2 # MIT
# NOTE(mriedem): greenlet 0.4.14 does not work with older versions of gcc on
# ppc64le systems, see https://github.com/python-greenlet/greenlet/issues/136.
greenlet>=0.4.10,!=0.4.14 # MIT
PasteDeploy>=1.5.0 # MIT
Paste>=2.0.2 # MIT
PrettyTable<0.8,>=0.7.1 # BSD
sqlalchemy-migrate>=0.11.0 # Apache-2.0
netaddr>=0.7.18 # BSD
netifaces>=0.10.4 # MIT
paramiko>=2.0.0 # LGPLv2.1+
Babel!=2.4.0,>=2.3.4 # BSD
enum34>=1.0.4;python_version=='2.7' or python_version=='2.6' or python_version=='3.3' # BSD
iso8601>=0.1.11 # MIT
jsonschema>=2.6.0 # MIT
python-cinderclient!=4.0.0,>=3.3.0 # Apache-2.0
keystoneauth1>=3.16.0 # Apache-2.0
python-neutronclient>=6.7.0 # Apache-2.0
python-glanceclient>=2.8.0 # Apache-2.0
requests>=2.14.2 # Apache-2.0
six>=1.10.0 # MIT
stevedore>=1.20.0 # Apache-2.0
websockify>=0.8.0 # LGPLv3
oslo.cache>=1.26.0 # Apache-2.0
oslo.concurrency>=3.26.0 # Apache-2.0
oslo.config>=6.1.0 # Apache-2.0
oslo.context>=2.19.2 # Apache-2.0
oslo.log>=3.36.0 # Apache-2.0
oslo.reports>=1.18.0 # Apache-2.0
oslo.serialization!=2.19.1,>=2.21.1 # Apache-2.0
oslo.upgradecheck>=0.1.1
oslo.utils>=3.37.0 # Apache-2.0
oslo.db>=4.44.0 # Apache-2.0
oslo.rootwrap>=5.8.0 # Apache-2.0
oslo.messaging>=7.0.0 # Apache-2.0
oslo.policy>=1.35.0 # Apache-2.0
oslo.privsep>=1.32.0 # Apache-2.0
oslo.i18n>=3.15.3 # Apache-2.0
oslo.service>=1.34.0 # Apache-2.0
rfc3986>=1.1.0 # Apache-2.0
oslo.middleware>=3.31.0 # Apache-2.0
psutil>=3.2.2 # BSD
oslo.versionedobjects>=1.35.0 # Apache-2.0
os-brick>=2.6.1 # Apache-2.0
os-resource-classes>=0.4.0 # Apache-2.0
os-traits>=0.16.0 # Apache-2.0
os-vif>=1.14.0 # Apache-2.0
os-win>=3.0.0 # Apache-2.0
castellan>=0.16.0 # Apache-2.0
microversion-parse>=0.2.1 # Apache-2.0
os-xenapi>=0.3.3 # Apache-2.0
tooz>=1.58.0 # Apache-2.0
cursive>=0.2.1 # Apache-2.0
pypowervm>=1.1.15 # Apache-2.0
retrying>=1.3.3,!=1.3.0 # Apache-2.0
os-service-types>=1.7.0 # Apache-2.0
taskflow>=2.16.0 # Apache-2.0
python-dateutil>=2.5.3 # BSD
zVMCloudConnector>=1.3.0;sys_platform!='win32' # Apache 2.0 License
futurist>=1.8.0 # Apache-2.0
openstacksdk>=0.35.0 # Apache-2.0
View Git Blame Copy Permalink