From 76e4f6a2a302fde526690c15721817b731b135d7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= <fabiano.fidencio@intel.com>
Date: Wed, 2 Mar 2022 10:52:47 +0100
Subject: [PATCH] Revert "hypervisors: Confidential Guests do not support
 Device hotplug"
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This reverts commit df8ffecde0b4190c6c8ce8ee21e871ceafe132f9, as device
hotplug *is* supported and, more than that, is very much needed when
using virtio-blk instead of virtio-fs.

Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
---
 src/runtime/config/configuration-clh.toml.in  |  1 -
 src/runtime/config/configuration-qemu.toml.in |  1 -
 src/runtime/virtcontainers/clh.go             | 12 +-----------
 src/runtime/virtcontainers/qemu_amd64.go      |  5 ++---
 src/runtime/virtcontainers/qemu_arch_base.go  |  4 +---
 src/runtime/virtcontainers/qemu_ppc64le.go    |  3 +--
 6 files changed, 5 insertions(+), 21 deletions(-)

diff --git a/src/runtime/config/configuration-clh.toml.in b/src/runtime/config/configuration-clh.toml.in
index 4afafaf08d..7c8782a63e 100644
--- a/src/runtime/config/configuration-clh.toml.in
+++ b/src/runtime/config/configuration-clh.toml.in
@@ -25,7 +25,6 @@ image = "@IMAGEPATH@"
 # Known limitations:
 # * Does not work by design:
 #   - CPU Hotplug 
-#   - Device Hotplug
 #   - Memory Hotplug
 #   - NVDIMM devices
 #
diff --git a/src/runtime/config/configuration-qemu.toml.in b/src/runtime/config/configuration-qemu.toml.in
index af5c583647..08d130815a 100644
--- a/src/runtime/config/configuration-qemu.toml.in
+++ b/src/runtime/config/configuration-qemu.toml.in
@@ -26,7 +26,6 @@ machine_type = "@MACHINETYPE@"
 # Known limitations:
 # * Does not work by design:
 #   - CPU Hotplug 
-#   - Device Hotplug
 #   - Memory Hotplug
 #   - NVDIMM devices
 #
diff --git a/src/runtime/virtcontainers/clh.go b/src/runtime/virtcontainers/clh.go
index 805fda7169..a25cd019a3 100644
--- a/src/runtime/virtcontainers/clh.go
+++ b/src/runtime/virtcontainers/clh.go
@@ -638,10 +638,6 @@ func (clh *cloudHypervisor) HotplugAddDevice(ctx context.Context, devInfo interf
 	span, _ := katatrace.Trace(ctx, clh.Logger(), "HotplugAddDevice", clhTracingTags, map[string]string{"sandbox_id": clh.id})
 	defer span.End()
 
-	if clh.config.ConfidentialGuest {
-		return nil, errors.New("Device hotplug addition is not supported in confidential mode")
-	}
-
 	switch devType {
 	case BlockDev:
 		drive := devInfo.(*config.BlockDrive)
@@ -659,10 +655,6 @@ func (clh *cloudHypervisor) HotplugRemoveDevice(ctx context.Context, devInfo int
 	span, _ := katatrace.Trace(ctx, clh.Logger(), "HotplugRemoveDevice", clhTracingTags, map[string]string{"sandbox_id": clh.id})
 	defer span.End()
 
-	if clh.config.ConfidentialGuest {
-		return nil, errors.New("Device hotplug removal is not supported in confidential mode")
-	}
-
 	var deviceID string
 
 	switch devType {
@@ -917,9 +909,7 @@ func (clh *cloudHypervisor) Capabilities(ctx context.Context) types.Capabilities
 	clh.Logger().WithField("function", "Capabilities").Info("get Capabilities")
 	var caps types.Capabilities
 	caps.SetFsSharingSupport()
-	if !clh.config.ConfidentialGuest {
-		caps.SetBlockDeviceHotplugSupport()
-	}
+	caps.SetBlockDeviceHotplugSupport()
 	return caps
 }
 
diff --git a/src/runtime/virtcontainers/qemu_amd64.go b/src/runtime/virtcontainers/qemu_amd64.go
index 8e76bf55c9..3f52ab756d 100644
--- a/src/runtime/virtcontainers/qemu_amd64.go
+++ b/src/runtime/virtcontainers/qemu_amd64.go
@@ -158,9 +158,8 @@ func newQemuArch(config HypervisorConfig) (qemuArch, error) {
 func (q *qemuAmd64) capabilities() types.Capabilities {
 	var caps types.Capabilities
 
-	if (q.qemuMachine.Type == QemuQ35 ||
-		q.qemuMachine.Type == QemuVirt) &&
-		q.protection == noneProtection {
+	if q.qemuMachine.Type == QemuQ35 ||
+		q.qemuMachine.Type == QemuVirt {
 		caps.SetBlockDeviceHotplugSupport()
 	}
 
diff --git a/src/runtime/virtcontainers/qemu_arch_base.go b/src/runtime/virtcontainers/qemu_arch_base.go
index c5c5e8057c..62fec60a7d 100644
--- a/src/runtime/virtcontainers/qemu_arch_base.go
+++ b/src/runtime/virtcontainers/qemu_arch_base.go
@@ -277,9 +277,7 @@ func (q *qemuArchBase) kernelParameters(debug bool) []Param {
 
 func (q *qemuArchBase) capabilities() types.Capabilities {
 	var caps types.Capabilities
-	if q.protection == noneProtection {
-		caps.SetBlockDeviceHotplugSupport()
-	}
+	caps.SetBlockDeviceHotplugSupport()
 	caps.SetMultiQueueSupport()
 	caps.SetFsSharingSupport()
 	return caps
diff --git a/src/runtime/virtcontainers/qemu_ppc64le.go b/src/runtime/virtcontainers/qemu_ppc64le.go
index e78fcb7016..e18f2264b5 100644
--- a/src/runtime/virtcontainers/qemu_ppc64le.go
+++ b/src/runtime/virtcontainers/qemu_ppc64le.go
@@ -101,8 +101,7 @@ func (q *qemuPPC64le) capabilities() types.Capabilities {
 	var caps types.Capabilities
 
 	// pseries machine type supports hotplugging drives
-	if q.qemuMachine.Type == QemuPseries &&
-		q.protection == noneProtection {
+	if q.qemuMachine.Type == QemuPseries {
 		caps.SetBlockDeviceHotplugSupport()
 	}