From: Philipp Giersfeld <[email protected]> This commit adds suppport to enable Intel TDX for a VM similar to AMD SEV.
Signed-off-by: Philipp Giersfeld <[email protected]> Signed-off-by: Anton Iacobaeus <[email protected]> --- www/manager6/Makefile | 1 + www/manager6/qemu/Options.js | 12 +++++ www/manager6/qemu/TdxEdit.js | 90 ++++++++++++++++++++++++++++++++++++ 3 files changed, 103 insertions(+) create mode 100644 www/manager6/qemu/TdxEdit.js diff --git a/www/manager6/Makefile b/www/manager6/Makefile index 07401f21..5a79eed7 100644 --- a/www/manager6/Makefile +++ b/www/manager6/Makefile @@ -275,6 +275,7 @@ JSSRC= \ qemu/SevEdit.js \ qemu/Smbios1Edit.js \ qemu/SystemEdit.js \ + qemu/TdxEdit.js \ qemu/USBEdit.js \ qemu/VirtiofsEdit.js \ sdn/Browser.js \ diff --git a/www/manager6/qemu/Options.js b/www/manager6/qemu/Options.js index 6fe96fe2..044ed227 100644 --- a/www/manager6/qemu/Options.js +++ b/www/manager6/qemu/Options.js @@ -386,6 +386,18 @@ Ext.define('PVE.qemu.Options', { return value; }, }, + 'intel-tdx': { + header: gettext('Intel TDX'), + editor: caps.vms['VM.Config.HWType'] ? 'PVE.qemu.TdxEdit' : undefined, + defaultValue: Proxmox.Utils.defaultText + ' (' + Proxmox.Utils.disabledText + ')', + renderer: function(value, metaData, record, ri, ci, store, pending) { + let intel_tdx = PVE.Parser.parsePropertyString(value, "type"); + if (intel_tdx.type === 'tdx') { + return 'Intel (' + value + ')'; + } + return value; + }, + }, hookscript: { header: gettext('Hookscript'), }, diff --git a/www/manager6/qemu/TdxEdit.js b/www/manager6/qemu/TdxEdit.js new file mode 100644 index 00000000..735a478c --- /dev/null +++ b/www/manager6/qemu/TdxEdit.js @@ -0,0 +1,90 @@ +Ext.define('PVE.qemu.TdxInputPanel', { + extend: 'Proxmox.panel.InputPanel', + xtype: 'pveTdxInputPanel', + + onlineHelp: 'qm_memory', // TODO: change to 'qm_memory_encryption' one available + + viewModel: { + data: { + type: '__default__', + }, + formulas: { + tdxEnabled: get => get('type') === 'tdx', + }, + }, + + onGetValues: function(values) { + if (values.delete === 'type') { + values.delete = 'intel-tdx'; + return values; + } + let ret = {}; + ret['intel-tdx'] = PVE.Parser.printPropertyString(values, 'type'); + return ret; + }, + + + setValues: function(values) { + this.callParent(arguments); + }, + + items: [{ + xtype: 'proxmoxKVComboBox', + fieldLabel: gettext('Intel TDX Type'), + labelWidth: 150, + name: 'type', + value: '__default__', + comboItems: [ + ['__default__', Proxmox.Utils.defaultText + ' (' + Proxmox.Utils.disabledText + ')'], + ['tdx', 'Intel TDX'], + ], + bind: { + value: '{type}', + }, + }, + { + xtype: 'displayfield', + userCls: 'pmx-hint', + value: gettext('WARNING: When using Intel TDX no EFI disk is loaded as pflash.'), + bind: { + hidden: '{!tdxEnabled}', + }, + }, + { + xtype: 'displayfield', + userCls: 'pmx-hint', + value: gettext('Note: Intel TDX requires host kernel version 6.16 or higher.'), + bind: { + hidden: '{!tdxEnabled}', + }, + }], + + advancedItems: [ + ], +}); + +Ext.define('PVE.qemu.TdxEdit', { + extend: 'Proxmox.window.Edit', + + subject: 'Intel Trust Domain Extension (TDX)', + + items: { + xtype: 'pveTdxInputPanel', + }, + + width: 400, + + initComponent: function() { + let me = this; + + me.callParent(); + + me.load({ + success: function(response) { + let conf = response.result.data; + let intel_tdx = conf['intel-tdx'] || '__default__'; + me.setValues(PVE.Parser.parsePropertyString(intel_tdx, 'type')); + }, + }); + }, +}); -- 2.43.0 _______________________________________________ pve-devel mailing list [email protected] https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
