feat: Add support for ARM-CCA confidential computing features

[Avenger-285714]

[ Feature description ]

Confidential computing changes the traditional trust model by reducing the amount of trust users must place in the compute infrastructure (for example, the OS or hypervisor). It runs workloads inside a hardware-backed trusted execution environment to protect data-in-use, preventing privileged software and hardware agents from observing or tampering with data and code. ARM’s Confidential Compute Architecture (CCA) is an architectural extension that provides confidential computing capabilities. Its main features include:
*1. Introducing a confidential execution environment called Realm to protect
in-use data and code.
2. Allowing any third-party developer to protect their VMs or applications.
3. Supporting dynamic memory allocation.
4. Supporting remote attestation.

Compared with the earlier TrustZone technology, CCA can provide security at the confidential-VM level and supports seamless migration of large applications. For more details, see ARM’s official page. [1]

The Host/KVM must manage Realm lifecycle, allocate and reclaim Realm resources, and schedule Realms via the Realm Management Interface (RMI). The kernel/KVM will need corresponding patches to support CCA.

[ Affected repositories ]
kernel, libvirt, QEMU.

[1]. https://www.arm.com/architecture/security-features/arm-confidential-compute-architecture

Link: https://gitee.com/opencloudos-stream/libvirt/pulls/22

[deepin-ci-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign liujianqiang-niu for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• https:/raw.githubusercontent.com/deepin-community/template-repository/master/debian/deepin/OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[Copilot]

Pull request overview

This PR adds support for ARM's Confidential Compute Architecture (CCA) to libvirt, enabling confidential computing features for ARM-based virtualization. CCA provides hardware-backed trusted execution environments (Realms) that protect data and code from privileged software and hardware.

• Introduces CCA launch security type with measurement algorithms and personalization values
• Adds domain capabilities reporting for CCA features via QMP commands
• Updates XML schemas to support CCA configuration in domain definitions

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 3 comments.

File	Description
debian/patches/series	Adds three new backport patches for ARM CCA support to the patch series
debian/patches/backport/0001-src-Add-ARM-CCA-support-in-qemu-driver-to-launch-VM.patch	Implements CCA support in QEMU driver including domain configuration, validation, and command line generation
debian/patches/backport/0002-src-Add-ARM-CCA-support-in-domain-capabilities-comma.patch	Adds QMP monitor support for querying CCA capabilities and updates all test domain capabilities files
debian/patches/backport/0003-src-Add-ARM-CCA-support-in-domain-schema.patch	Adds CCA schema definitions and capability parsing/formatting functions for domain and capabilities XML

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Potential null pointer dereference: The function virQEMUCapsFormatCCAInfo accesses cca->nCcaMeasurementAlgo without first checking if cca is NULL. While the caller checks if qemuCaps->ccaCapabilities exists before calling this function, it should still be defensive. Consider adding a NULL check at the beginning: if (!cca) return;

[Copilot]

[nitpick] The comment references "QEMU (=9.1.91)" which appears to be a development/RC version number. Consider using a final release version number in comments for clarity, or clarify if this feature will be available in a specific stable release version.

[Copilot]

Logic error in JSON parsing: The code retrieves "sections" array from the JSON response (line 401), but then accesses "measurement-algo" field from each element (line 420). Based on the function name qemuMonitorJSONGetCCAMeasurementAlgo and the context, it seems the array should contain measurement algorithms directly, not "sections". This mismatch between the expected JSON structure (looking for "sections") and the field being accessed ("measurement-algo") suggests either the JSON path is wrong or the field name is wrong. Please verify the correct QEMU QMP response format for 'query-cca-capabilities'.

Suggested change

	+ if (!cap || virJSONValueGetType(cap) != VIR_JSON_TYPE_OBJECT) {
	+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
	+ _("missing entry in CCA capabilities list"));
	+ return -1;
	+ }
	+
	+ if (!(measurement_algo = virJSONValueObjectGetString(cap, "measurement-algo"))) {
	+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
	+ _("query-cca-capabilities reply was missing 'measurement-algo' field"));
	+ if (!cap || virJSONValueGetType(cap) != VIR_JSON_TYPE_STRING) {
	+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
	+ _("missing or invalid entry in CCA capabilities list"));
	+ return -1;
	+ }
	+
	+ if (!(measurement_algo = virJSONValueGetString(cap))) {
	+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
	+ _("query-cca-capabilities reply was missing measurement algorithm string"));

[deepin-ci-robot]

/hold
因为该quilt包的上游版本号变更，详情见: deepin-community/infra-settings#134

[github-actions]

TAG Bot

TAG: 10.7.0-3deepin4
EXISTED: no
DISTRIBUTION: unstable