With NUMA config:

<devices>
  ...
  <memory model='sgx-epc'>
    <source>
      <nodemask>0-1</nodemask>
    </source>
    <target>
      <size unit='KiB'>512</size>
      <node>0</node>
    </target>
  </memory>
  ...
</devices>

Without NUMA config:

<devices>
  ...
  <memory model='sgx-epc'>
    <target>
      <size unit='KiB'>512</size>
    </target>
  </memory>
  ...
</devices>

Signed-off-by: Lin Yang <lin.a.y...@intel.com>
Signed-off-by: Michal Privoznik <mpriv...@redhat.com>
---
 docs/formatdomain.rst                         | 27 +++++++-
 src/conf/domain_conf.c                        | 27 ++++++++
 src/conf/domain_conf.h                        |  1 +
 src/conf/domain_validate.c                    |  9 +++
 src/conf/schemas/domaincommon.rng             |  1 +
 src/qemu/qemu_alias.c                         |  3 +
 src/qemu/qemu_command.c                       |  1 +
 src/qemu/qemu_domain.c                        | 48 ++++++++++----
 src/qemu/qemu_domain_address.c                |  6 ++
 src/qemu/qemu_driver.c                        |  1 +
 src/qemu/qemu_process.c                       |  2 +
 src/qemu/qemu_validate.c                      |  8 +++
 src/security/security_apparmor.c              |  1 +
 src/security/security_dac.c                   |  2 +
 src/security/security_selinux.c               |  2 +
 tests/qemuxml2argvdata/sgx-epc-numa.xml       | 50 +++++++++++++++
 tests/qemuxml2argvdata/sgx-epc.xml            | 36 +++++++++++
 .../sgx-epc-numa.x86_64-latest.xml            | 64 +++++++++++++++++++
 .../sgx-epc.x86_64-6.2.0.xml                  | 52 +++++++++++++++
 tests/qemuxml2xmltest.c                       |  3 +
 20 files changed, 329 insertions(+), 15 deletions(-)
 create mode 100644 tests/qemuxml2argvdata/sgx-epc-numa.xml
 create mode 100644 tests/qemuxml2argvdata/sgx-epc.xml
 create mode 100644 tests/qemuxml2xmloutdata/sgx-epc-numa.x86_64-latest.xml
 create mode 100644 tests/qemuxml2xmloutdata/sgx-epc.x86_64-6.2.0.xml

diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst
index 62a94890f0..b95c930d73 100644
--- a/docs/formatdomain.rst
+++ b/docs/formatdomain.rst
@@ -7910,6 +7910,20 @@ Example: usage of the memory devices
          <current unit='KiB'>524288</current>
        </target>
      </memory>
+     <memory model='sgx-epc'>
+       <source>
+         <nodemask>0-1</nodemask>
+       </source>
+       <target>
+         <size unit='KiB'>16384</size>
+         <node>0</node>
+       </target>
+     </memory>
+     <memory model='sgx-epc'>
+       <target>
+         <size unit='KiB'>16384</size>
+       </target>
+     </memory>
    </devices>
    ...
 
@@ -7918,7 +7932,9 @@ Example: usage of the memory devices
    1.2.14` Provide ``nvdimm`` model that adds a Non-Volatile DIMM module.
    :since:`Since 3.2.0` Provide ``virtio-pmem`` model to add a paravirtualized
    persistent memory device. :since:`Since 7.1.0` Provide ``virtio-mem`` model
-   to add paravirtualized memory device. :since:`Since 7.9.0`
+   to add paravirtualized memory device. :since:`Since 7.9.0` Provide
+   ``sgx-epc`` model to add a SGX enclave page cache (EPC) memory to the guest.
+   :since:`Since 8.6.0 and QEMU 6.2.0`
 
 ``access``
    An optional attribute ``access`` ( :since:`since 3.2.0` ) that provides
@@ -7978,6 +7994,13 @@ Example: usage of the memory devices
      Represents a path in the host that backs the virtio memory module in the
      guest. It is mandatory.
 
+   For model ``sgx-epc`` this element is optional. The following optional
+   elements may be used:
+
+   ``nodemask``
+      This element can be used to override the default set of NUMA nodes where
+      the memory would be allocated. :since:`Since 8.6.0 and QEMU 7.0.0`
+
 ``target``
    The mandatory ``target`` element configures the placement and sizing of the
    added memory from the perspective of the guest.
@@ -7988,6 +8011,8 @@ Example: usage of the memory devices
 
    The ``node`` subelement configures the guest NUMA node to attach the memory
    to. The element shall be used only if the guest has NUMA nodes configured.
+   For model ``sgx-epc`` this element is optional. It will be set to 0 as
+   default. :since:`Since 8.6.0 and QEMU 7.0.0`
 
    The following optional elements may be used:
 
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 709ca53790..f8b67eb375 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -1431,6 +1431,7 @@ VIR_ENUM_IMPL(virDomainMemoryModel,
               "nvdimm",
               "virtio-pmem",
               "virtio-mem",
+              "sgx-epc",
 );
 
 VIR_ENUM_IMPL(virDomainShmemModel,
@@ -5680,6 +5681,7 @@ virDomainMemoryDefPostParse(virDomainMemoryDef *mem,
 
     case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM:
     case VIR_DOMAIN_MEMORY_MODEL_DIMM:
+    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
     case VIR_DOMAIN_MEMORY_MODEL_NONE:
     case VIR_DOMAIN_MEMORY_MODEL_LAST:
         break;
@@ -14697,6 +14699,20 @@ virDomainMemorySourceDefParseXML(xmlNodePtr node,
         def->nvdimmPath = virXPathString("string(./path)", ctxt);
         break;
 
+    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
+        if ((nodemask = virXPathString("string(./nodemask)", ctxt))) {
+            if (virBitmapParse(nodemask, &def->sourceNodes,
+                               VIR_DOMAIN_CPUMASK_LEN) < 0)
+                return -1;
+
+            if (virBitmapIsAllClear(def->sourceNodes)) {
+                virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+                               _("Invalid value of 'nodemask': %s"), nodemask);
+                return -1;
+            }
+        }
+        break;
+
     case VIR_DOMAIN_MEMORY_MODEL_NONE:
     case VIR_DOMAIN_MEMORY_MODEL_LAST:
         break;
@@ -14765,6 +14781,7 @@ virDomainMemoryTargetDefParseXML(xmlNodePtr node,
     case VIR_DOMAIN_MEMORY_MODEL_NONE:
     case VIR_DOMAIN_MEMORY_MODEL_DIMM:
     case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM:
+    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
     case VIR_DOMAIN_MEMORY_MODEL_LAST:
         break;
     }
@@ -16561,6 +16578,7 @@ virDomainMemoryFindByDefInternal(virDomainDef *def,
                 continue;
             break;
 
+        case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
         case VIR_DOMAIN_MEMORY_MODEL_NONE:
         case VIR_DOMAIN_MEMORY_MODEL_LAST:
             break;
@@ -26153,6 +26171,15 @@ virDomainMemorySourceDefFormat(virBuffer *buf,
         virBufferEscapeString(&childBuf, "<path>%s</path>\n", def->nvdimmPath);
         break;
 
+    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
+        if (def->sourceNodes) {
+            if (!(bitmap = virBitmapFormat(def->sourceNodes)))
+                return -1;
+
+            virBufferAsprintf(&childBuf, "<nodemask>%s</nodemask>\n", bitmap);
+        }
+        break;
+
     case VIR_DOMAIN_MEMORY_MODEL_NONE:
     case VIR_DOMAIN_MEMORY_MODEL_LAST:
         break;
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index 4c8c42b7eb..a15798463c 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -2559,6 +2559,7 @@ typedef enum {
     VIR_DOMAIN_MEMORY_MODEL_NVDIMM, /* nvdimm memory device */
     VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM, /* virtio-pmem memory device */
     VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM, /* virtio-mem memory device */
+    VIR_DOMAIN_MEMORY_MODEL_SGX_EPC, /* SGX enclave page cache */
 
     VIR_DOMAIN_MEMORY_MODEL_LAST
 } virDomainMemoryModel;
diff --git a/src/conf/domain_validate.c b/src/conf/domain_validate.c
index 28b0481d4e..c8f03cb844 100644
--- a/src/conf/domain_validate.c
+++ b/src/conf/domain_validate.c
@@ -2231,6 +2231,15 @@ virDomainMemoryDefValidate(const virDomainMemoryDef *mem,
     case VIR_DOMAIN_MEMORY_MODEL_DIMM:
         break;
 
+    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
+        if (mem->info.type != VIR_DOMAIN_DEVICE_ADDRESS_TYPE_NONE) {
+            virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+                           _("memory device address is not supported for model 
'%s'"),
+                           virDomainMemoryModelTypeToString(mem->model));
+            return -1;
+        }
+        break;
+
     case VIR_DOMAIN_MEMORY_MODEL_NONE:
     case VIR_DOMAIN_MEMORY_MODEL_LAST:
     default:
diff --git a/src/conf/schemas/domaincommon.rng 
b/src/conf/schemas/domaincommon.rng
index da2fb0d5cb..c6377b2e90 100644
--- a/src/conf/schemas/domaincommon.rng
+++ b/src/conf/schemas/domaincommon.rng
@@ -6833,6 +6833,7 @@
           <value>nvdimm</value>
           <value>virtio-pmem</value>
           <value>virtio-mem</value>
+          <value>sgx-epc</value>
         </choice>
       </attribute>
       <optional>
diff --git a/src/qemu/qemu_alias.c b/src/qemu/qemu_alias.c
index 7efd91051e..5ebeb82f92 100644
--- a/src/qemu/qemu_alias.c
+++ b/src/qemu/qemu_alias.c
@@ -515,6 +515,9 @@ qemuAssignDeviceMemoryAlias(virDomainDef *def,
     case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM:
         prefix = "virtiomem";
         break;
+    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
+        prefix = "epc";
+        break;
     case VIR_DOMAIN_MEMORY_MODEL_NONE:
     case VIR_DOMAIN_MEMORY_MODEL_LAST:
     default:
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index b307d3139c..7ca183ded7 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -4010,6 +4010,7 @@ qemuBuildMemoryDeviceProps(virQEMUDriverConfig *cfg,
             return NULL;
         break;
 
+    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
     case VIR_DOMAIN_MEMORY_MODEL_NONE:
     case VIR_DOMAIN_MEMORY_MODEL_LAST:
     default:
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 60ed358871..fc64a5ca9c 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -8448,6 +8448,7 @@ qemuDomainUpdateMemoryDeviceInfo(virQEMUDriver *driver,
             break;
 
         case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM:
+        case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
         case VIR_DOMAIN_MEMORY_MODEL_NONE:
         case VIR_DOMAIN_MEMORY_MODEL_LAST:
             break;
@@ -9129,6 +9130,12 @@ qemuDomainDefValidateMemoryHotplugDevice(const 
virDomainMemoryDef *mem,
         }
         break;
 
+    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
+        virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+                       _("hotplug is not supported for the %s device"),
+                       virDomainMemoryModelTypeToString(mem->model));
+            return -1;
+
     case VIR_DOMAIN_MEMORY_MODEL_NONE:
     case VIR_DOMAIN_MEMORY_MODEL_LAST:
         return -1;
@@ -9164,7 +9171,7 @@ int
 qemuDomainDefValidateMemoryHotplug(const virDomainDef *def,
                                    const virDomainMemoryDef *mem)
 {
-    unsigned int nmems = def->nmems;
+    unsigned int hotplugNum = 0;
     unsigned long long hotplugSpace;
     unsigned long long hotplugMemory = 0;
     size_t i;
@@ -9172,15 +9179,37 @@ qemuDomainDefValidateMemoryHotplug(const virDomainDef 
*def,
     hotplugSpace = def->mem.max_memory - virDomainDefGetMemoryInitial(def);
 
     if (mem) {
-        nmems++;
+        hotplugNum++;
         hotplugMemory = mem->size;
 
         if (qemuDomainDefValidateMemoryHotplugDevice(mem, def) < 0)
             return -1;
     }
 
+    for (i = 0; i < def->nmems; i++) {
+        switch (def->mems[i]->model) {
+        case VIR_DOMAIN_MEMORY_MODEL_DIMM:
+        case VIR_DOMAIN_MEMORY_MODEL_NVDIMM:
+        case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM:
+        case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM:
+            hotplugMemory += def->mems[i]->size;
+            hotplugNum++;
+            /* already existing devices don't need to be checked on hotplug */
+            if (!mem &&
+                qemuDomainDefValidateMemoryHotplugDevice(def->mems[i], def) < 
0)
+                return -1;
+            break;
+
+        case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
+            /* sgx epc memory does not support hotplug */
+        case VIR_DOMAIN_MEMORY_MODEL_LAST:
+        case VIR_DOMAIN_MEMORY_MODEL_NONE:
+            break;
+        }
+    }
+
     if (!virDomainDefHasMemoryHotplug(def)) {
-        if (nmems) {
+        if (hotplugNum) {
             virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
                            _("cannot use/hotplug a memory device when domain "
                              "'maxMemory' is not defined"));
@@ -9203,22 +9232,13 @@ qemuDomainDefValidateMemoryHotplug(const virDomainDef 
*def,
         }
     }
 
-    if (nmems > def->mem.memory_slots) {
+    if (hotplugNum > def->mem.memory_slots) {
         virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
                        _("memory device count '%u' exceeds slots count '%u'"),
-                       nmems, def->mem.memory_slots);
+                       hotplugNum, def->mem.memory_slots);
         return -1;
     }
 
-    for (i = 0; i < def->nmems; i++) {
-        hotplugMemory += def->mems[i]->size;
-
-        /* already existing devices don't need to be checked on hotplug */
-        if (!mem &&
-            qemuDomainDefValidateMemoryHotplugDevice(def->mems[i], def) < 0)
-            return -1;
-    }
-
     if (hotplugMemory > hotplugSpace) {
         virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
                        _("memory device total size exceeds hotplug space"));
diff --git a/src/qemu/qemu_domain_address.c b/src/qemu/qemu_domain_address.c
index 753733d1b9..a111ae4d0c 100644
--- a/src/qemu/qemu_domain_address.c
+++ b/src/qemu/qemu_domain_address.c
@@ -389,6 +389,7 @@ qemuDomainPrimeVirtioDeviceAddresses(virDomainDef *def,
         case VIR_DOMAIN_MEMORY_MODEL_NONE:
         case VIR_DOMAIN_MEMORY_MODEL_DIMM:
         case VIR_DOMAIN_MEMORY_MODEL_NVDIMM:
+        case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
         case VIR_DOMAIN_MEMORY_MODEL_LAST:
             break;
         }
@@ -1039,6 +1040,7 @@ 
qemuDomainDeviceCalculatePCIConnectFlags(virDomainDeviceDef *dev,
         case VIR_DOMAIN_MEMORY_MODEL_NONE:
         case VIR_DOMAIN_MEMORY_MODEL_DIMM:
         case VIR_DOMAIN_MEMORY_MODEL_NVDIMM:
+        case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
         case VIR_DOMAIN_MEMORY_MODEL_LAST:
             return 0;
         }
@@ -2421,6 +2423,7 @@ qemuDomainAssignDevicePCISlots(virDomainDef *def,
         case VIR_DOMAIN_MEMORY_MODEL_NONE:
         case VIR_DOMAIN_MEMORY_MODEL_DIMM:
         case VIR_DOMAIN_MEMORY_MODEL_NVDIMM:
+        case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
         case VIR_DOMAIN_MEMORY_MODEL_LAST:
             break;
         }
@@ -3081,6 +3084,7 @@ qemuDomainAssignMemoryDeviceSlot(virDomainObj *vm,
         return qemuDomainEnsurePCIAddress(vm, &dev);
         break;
 
+    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
     case VIR_DOMAIN_MEMORY_MODEL_NONE:
     case VIR_DOMAIN_MEMORY_MODEL_LAST:
         break;
@@ -3107,6 +3111,7 @@ qemuDomainReleaseMemoryDeviceSlot(virDomainObj *vm,
         qemuDomainReleaseDeviceAddress(vm, &mem->info);
         break;
 
+    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
     case VIR_DOMAIN_MEMORY_MODEL_NONE:
     case VIR_DOMAIN_MEMORY_MODEL_LAST:
         break;
@@ -3140,6 +3145,7 @@ qemuDomainAssignMemorySlots(virDomainDef *def)
         case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM:
             /* handled in qemuDomainAssignPCIAddresses() */
             break;
+        case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
         case VIR_DOMAIN_MEMORY_MODEL_NONE:
         case VIR_DOMAIN_MEMORY_MODEL_LAST:
             break;
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 3b5c3db67c..79a6c420c0 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -7156,6 +7156,7 @@ qemuDomainChangeMemoryLiveValidateChange(const 
virDomainMemoryDef *oldDef,
     case VIR_DOMAIN_MEMORY_MODEL_DIMM:
     case VIR_DOMAIN_MEMORY_MODEL_NVDIMM:
     case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM:
+    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
     case VIR_DOMAIN_MEMORY_MODEL_LAST:
         virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
                        _("cannot modify memory of model '%s'"),
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
index 771a623ef7..b907387f21 100644
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -3935,6 +3935,7 @@ qemuProcessDomainMemoryDefNeedHugepagesPath(const 
virDomainMemoryDef *mem,
     case VIR_DOMAIN_MEMORY_MODEL_NONE:
     case VIR_DOMAIN_MEMORY_MODEL_NVDIMM:
     case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM:
+    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
     case VIR_DOMAIN_MEMORY_MODEL_LAST:
         /* None of these can be backed by hugepages. */
         return false;
@@ -4009,6 +4010,7 @@ qemuProcessNeedMemoryBackingPath(virDomainDef *def,
         case VIR_DOMAIN_MEMORY_MODEL_NONE:
         case VIR_DOMAIN_MEMORY_MODEL_NVDIMM:
         case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM:
+        case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
         case VIR_DOMAIN_MEMORY_MODEL_LAST:
             /* Backed by user provided path. Not stored in memory
              * backing dir anyway. */
diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c
index 39210ba65b..fbbfedd095 100644
--- a/src/qemu/qemu_validate.c
+++ b/src/qemu/qemu_validate.c
@@ -5173,6 +5173,14 @@ qemuValidateDomainDeviceDefMemory(virDomainMemoryDef 
*mem,
         }
         break;
 
+    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
+        if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_SGX_EPC)) {
+            virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                           _("sgx epc isn't supported by this QEMU binary"));
+            return -1;
+        }
+        break;
+
     case VIR_DOMAIN_MEMORY_MODEL_NONE:
     case VIR_DOMAIN_MEMORY_MODEL_LAST:
         break;
diff --git a/src/security/security_apparmor.c b/src/security/security_apparmor.c
index 008384dee8..36e8ce42b5 100644
--- a/src/security/security_apparmor.c
+++ b/src/security/security_apparmor.c
@@ -687,6 +687,7 @@ AppArmorSetMemoryLabel(virSecurityManager *mgr,
     case VIR_DOMAIN_MEMORY_MODEL_NONE:
     case VIR_DOMAIN_MEMORY_MODEL_DIMM:
     case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM:
+    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
     case VIR_DOMAIN_MEMORY_MODEL_LAST:
         break;
     }
diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index 21cebae694..d94995c9cf 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -1853,6 +1853,7 @@ virSecurityDACRestoreMemoryLabel(virSecurityManager *mgr,
 
     case VIR_DOMAIN_MEMORY_MODEL_DIMM:
     case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM:
+    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
     case VIR_DOMAIN_MEMORY_MODEL_LAST:
     case VIR_DOMAIN_MEMORY_MODEL_NONE:
         ret = 0;
@@ -2040,6 +2041,7 @@ virSecurityDACSetMemoryLabel(virSecurityManager *mgr,
 
     case VIR_DOMAIN_MEMORY_MODEL_DIMM:
     case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM:
+    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
     case VIR_DOMAIN_MEMORY_MODEL_LAST:
     case VIR_DOMAIN_MEMORY_MODEL_NONE:
         ret = 0;
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index e2f34a27dc..6657663483 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -1580,6 +1580,7 @@ virSecuritySELinuxSetMemoryLabel(virSecurityManager *mgr,
     case VIR_DOMAIN_MEMORY_MODEL_NONE:
     case VIR_DOMAIN_MEMORY_MODEL_DIMM:
     case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM:
+    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
     case VIR_DOMAIN_MEMORY_MODEL_LAST:
         break;
     }
@@ -1608,6 +1609,7 @@ virSecuritySELinuxRestoreMemoryLabel(virSecurityManager 
*mgr,
 
     case VIR_DOMAIN_MEMORY_MODEL_DIMM:
     case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_MEM:
+    case VIR_DOMAIN_MEMORY_MODEL_SGX_EPC:
     case VIR_DOMAIN_MEMORY_MODEL_NONE:
     case VIR_DOMAIN_MEMORY_MODEL_LAST:
         ret = 0;
diff --git a/tests/qemuxml2argvdata/sgx-epc-numa.xml 
b/tests/qemuxml2argvdata/sgx-epc-numa.xml
new file mode 100644
index 0000000000..f28b06dd79
--- /dev/null
+++ b/tests/qemuxml2argvdata/sgx-epc-numa.xml
@@ -0,0 +1,50 @@
+<domain type='qemu'>
+  <name>QEMUGuest1</name>
+  <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
+  <memory unit='KiB'>219100</memory>
+  <currentMemory unit='KiB'>219100</currentMemory>
+  <vcpu placement='static'>2</vcpu>
+  <cpu>
+    <numa>
+      <cell id="0" cpus="0" memory="109550" unit="KiB"/>
+      <cell id="1" cpus="1" memory="109550" unit="KiB"/>
+    </numa>
+  </cpu>
+  <os>
+    <type arch='x86_64' machine='q35'>hvm</type>
+    <boot dev='hd'/>
+  </os>
+  <clock offset='utc'/>
+  <on_poweroff>destroy</on_poweroff>
+  <on_reboot>restart</on_reboot>
+  <on_crash>destroy</on_crash>
+  <devices>
+    <emulator>/usr/bin/qemu-system-x86_64</emulator>
+    <controller type='pci' index='0' model='pcie-root'/>
+    <controller type='usb' index='0' model='none'/>
+    <controller type='sata' index='0'>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' 
function='0x2'/>
+    </controller>
+    <input type='mouse' bus='ps2'/>
+    <input type='keyboard' bus='ps2'/>
+    <audio id='1' type='none'/>
+    <memory model='sgx-epc'>
+      <source>
+        <nodemask>0-1</nodemask>
+      </source>
+      <target>
+        <size unit='MiB'>64</size>
+        <node>0</node>
+      </target>
+    </memory>
+    <memory model='sgx-epc'>
+      <source>
+        <nodemask>2-3</nodemask>
+      </source>
+      <target>
+        <size unit='MiB'>16</size>
+        <node>1</node>
+      </target>
+    </memory>
+  </devices>
+</domain>
diff --git a/tests/qemuxml2argvdata/sgx-epc.xml 
b/tests/qemuxml2argvdata/sgx-epc.xml
new file mode 100644
index 0000000000..65ae8ae296
--- /dev/null
+++ b/tests/qemuxml2argvdata/sgx-epc.xml
@@ -0,0 +1,36 @@
+<domain type='qemu'>
+  <name>QEMUGuest1</name>
+  <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
+  <memory unit='KiB'>219100</memory>
+  <currentMemory unit='KiB'>219100</currentMemory>
+  <vcpu placement='static'>1</vcpu>
+  <os>
+    <type arch='x86_64' machine='q35'>hvm</type>
+    <boot dev='hd'/>
+  </os>
+  <clock offset='utc'/>
+  <on_poweroff>destroy</on_poweroff>
+  <on_reboot>restart</on_reboot>
+  <on_crash>destroy</on_crash>
+  <devices>
+    <emulator>/usr/bin/qemu-system-x86_64</emulator>
+    <controller type='pci' index='0' model='pcie-root'/>
+    <controller type='usb' index='0' model='none'/>
+    <controller type='sata' index='0'>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' 
function='0x2'/>
+    </controller>
+    <input type='mouse' bus='ps2'/>
+    <input type='keyboard' bus='ps2'/>
+    <audio id='1' type='none'/>
+    <memory model='sgx-epc'>
+      <target>
+        <size unit='MiB'>64</size>
+      </target>
+    </memory>
+    <memory model='sgx-epc'>
+      <target>
+        <size unit='MiB'>16</size>
+      </target>
+    </memory>
+  </devices>
+</domain>
diff --git a/tests/qemuxml2xmloutdata/sgx-epc-numa.x86_64-latest.xml 
b/tests/qemuxml2xmloutdata/sgx-epc-numa.x86_64-latest.xml
new file mode 100644
index 0000000000..ceab82110c
--- /dev/null
+++ b/tests/qemuxml2xmloutdata/sgx-epc-numa.x86_64-latest.xml
@@ -0,0 +1,64 @@
+<domain type='qemu'>
+  <name>QEMUGuest1</name>
+  <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
+  <memory unit='KiB'>219100</memory>
+  <currentMemory unit='KiB'>219100</currentMemory>
+  <vcpu placement='static'>2</vcpu>
+  <os>
+    <type arch='x86_64' machine='q35'>hvm</type>
+    <boot dev='hd'/>
+  </os>
+  <cpu mode='custom' match='exact' check='none'>
+    <model fallback='forbid'>qemu64</model>
+    <numa>
+      <cell id='0' cpus='0' memory='109550' unit='KiB'/>
+      <cell id='1' cpus='1' memory='109550' unit='KiB'/>
+    </numa>
+  </cpu>
+  <clock offset='utc'/>
+  <on_poweroff>destroy</on_poweroff>
+  <on_reboot>restart</on_reboot>
+  <on_crash>destroy</on_crash>
+  <devices>
+    <emulator>/usr/bin/qemu-system-x86_64</emulator>
+    <controller type='pci' index='0' model='pcie-root'/>
+    <controller type='usb' index='0' model='none'/>
+    <controller type='sata' index='0'>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' 
function='0x2'/>
+    </controller>
+    <controller type='pci' index='1' model='pcie-root-port'>
+      <model name='pcie-root-port'/>
+      <target chassis='1' port='0x8'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x01' 
function='0x0' multifunction='on'/>
+    </controller>
+    <controller type='pci' index='2' model='pcie-root-port'>
+      <model name='pcie-root-port'/>
+      <target chassis='2' port='0x9'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x01' 
function='0x1'/>
+    </controller>
+    <input type='mouse' bus='ps2'/>
+    <input type='keyboard' bus='ps2'/>
+    <audio id='1' type='none'/>
+    <memballoon model='virtio'>
+      <address type='pci' domain='0x0000' bus='0x01' slot='0x00' 
function='0x0'/>
+    </memballoon>
+    <memory model='sgx-epc'>
+      <source>
+        <nodemask>0-1</nodemask>
+      </source>
+      <target>
+        <size unit='KiB'>65536</size>
+        <node>0</node>
+      </target>
+    </memory>
+    <memory model='sgx-epc'>
+      <source>
+        <nodemask>2-3</nodemask>
+      </source>
+      <target>
+        <size unit='KiB'>16384</size>
+        <node>1</node>
+      </target>
+    </memory>
+  </devices>
+</domain>
diff --git a/tests/qemuxml2xmloutdata/sgx-epc.x86_64-6.2.0.xml 
b/tests/qemuxml2xmloutdata/sgx-epc.x86_64-6.2.0.xml
new file mode 100644
index 0000000000..06cc3e7a44
--- /dev/null
+++ b/tests/qemuxml2xmloutdata/sgx-epc.x86_64-6.2.0.xml
@@ -0,0 +1,52 @@
+<domain type='qemu'>
+  <name>QEMUGuest1</name>
+  <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
+  <memory unit='KiB'>219100</memory>
+  <currentMemory unit='KiB'>219100</currentMemory>
+  <vcpu placement='static'>1</vcpu>
+  <os>
+    <type arch='x86_64' machine='pc-q35-6.2'>hvm</type>
+    <boot dev='hd'/>
+  </os>
+  <cpu mode='custom' match='exact' check='none'>
+    <model fallback='forbid'>qemu64</model>
+  </cpu>
+  <clock offset='utc'/>
+  <on_poweroff>destroy</on_poweroff>
+  <on_reboot>restart</on_reboot>
+  <on_crash>destroy</on_crash>
+  <devices>
+    <emulator>/usr/bin/qemu-system-x86_64</emulator>
+    <controller type='pci' index='0' model='pcie-root'/>
+    <controller type='usb' index='0' model='none'/>
+    <controller type='sata' index='0'>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x1f' 
function='0x2'/>
+    </controller>
+    <controller type='pci' index='1' model='pcie-root-port'>
+      <model name='pcie-root-port'/>
+      <target chassis='1' port='0x8'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x01' 
function='0x0' multifunction='on'/>
+    </controller>
+    <controller type='pci' index='2' model='pcie-root-port'>
+      <model name='pcie-root-port'/>
+      <target chassis='2' port='0x9'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x01' 
function='0x1'/>
+    </controller>
+    <input type='mouse' bus='ps2'/>
+    <input type='keyboard' bus='ps2'/>
+    <audio id='1' type='none'/>
+    <memballoon model='virtio'>
+      <address type='pci' domain='0x0000' bus='0x01' slot='0x00' 
function='0x0'/>
+    </memballoon>
+    <memory model='sgx-epc'>
+      <target>
+        <size unit='KiB'>65536</size>
+      </target>
+    </memory>
+    <memory model='sgx-epc'>
+      <target>
+        <size unit='KiB'>16384</size>
+      </target>
+    </memory>
+  </devices>
+</domain>
diff --git a/tests/qemuxml2xmltest.c b/tests/qemuxml2xmltest.c
index 4ad6b4dac1..774da004b7 100644
--- a/tests/qemuxml2xmltest.c
+++ b/tests/qemuxml2xmltest.c
@@ -1456,6 +1456,9 @@ mymain(void)
     DO_TEST_CAPS_LATEST("channel-qemu-vdagent");
     DO_TEST_CAPS_LATEST("channel-qemu-vdagent-features");
 
+    DO_TEST_CAPS_VER("sgx-epc", "6.2.0");
+    DO_TEST_CAPS_LATEST("sgx-epc-numa");
+
  cleanup:
     if (getenv("LIBVIRT_SKIP_CLEANUP") == NULL)
         virFileDeleteTree(fakerootdir);
-- 
2.25.1

Reply via email to