libvirt driver launching AMD SEV-encrypted instances

Addressed by: https://review.opendev.org/609779
    Add spec for libvirt driver launching AMD SEV-encrypted instances

Gerrit topic: https://review.opendev.org/#/q/topic:bp/amd-sev-libvirt-support

Approved for Stein. -- mriedem 20190103

Addressed by: https://review.opendev.org/628252
    AMD SEV: address final feedback received prior to merge

Addressed by: https://review.opendev.org/633855
    Add detection of SEV support from QEMU/AMD-SP/libvirt on AMD hosts

Addressed by: https://review.opendev.org/635608
   Add HW_CPU_AMD_SEV trait

Addressed by: https://review.opendev.org/636334
    Extract SEV-specific bits on host detection

Addressed by: https://review.opendev.org/636318
    Add <launchSecurity> element to libvirt guest XML for AMD SEV

Addressed by: https://review.opendev.org/638680
    Add new "supports_amd_sev" capability to libvirt driver

Addressed by: https://review.opendev.org/640483
    Parse <emulator> elements from virConnectGetCapabilities()

Addressed by: https://review.opendev.org/641994
    Re-approve AMD SEV support for Train

This did not complete in the Stein release so I am deferring to the Train release. Remember to re-propose the spec for Train as necessary: https://specs.openstack.org/openstack/nova-specs/readme.html#previously-approved-specifications -- mriedem 20190311

Addressed by: https://review.opendev.org/644554
    Move libvirt calculation of machine type to utils.py

Addressed by: https://review.opendev.org/636301
    Fix memtune parameters according to libvirt docs

Addressed by: https://review.opendev.org/644564
    Add iommu driver to devices

Gerrit topic: https://review.opendev.org/#/q/topic:bp/gracefully-handle-qemu-machine-types

Addressed by: https://review.opendev.org/655268
    Add infrastructure for invoking libvirt's getDomainCapabilities API

Re-approved for Train. -- mriedem 20190424

Addressed by: https://review.opendev.org/655717
    Update SEV work item to new approach based on MEM_ENCRYPTION_CONTEXT

Addressed by: https://review.opendev.org/662105
    Track inventory for new MEM_ENCRYPTION_CONTEXT resource class

Addressed by: https://review.opendev.org/644565
    Detect that SEV is required and enable iommu for devices

Addressed by: https://review.opendev.org/662555
    Use fake flavor instead of empty dict in test

Addressed by: https://review.opendev.org/662556
    Pass extra_specs to flavor in vif tests

Addressed by: https://review.opendev.org/662557
    Use launchSecurity element when SEV was required

Addressed by: https://review.opendev.org/662558
    Enable memory locking if SEV is requested

Addressed by: https://review.opendev.org/664397
    Change new image property to hw_mem_encryption

Addressed by: https://review.opendev.org/664420
    Add extra spec parameter and image property for memory encryption

Addressed by: https://review.opendev.org/666616
    Track inventory for new MEM_ENCRYPTION_CONTEXT resource class

Addressed by: https://review.opendev.org/666617
    WIP: Document AMD SEV support for encrypted VMs in libvirt

Addressed by: https://review.opendev.org/670189
    libvirt: harden get_domain_capabilities

Addressed by: https://review.opendev.org/673151
    Enhance parsing of domain capabilities and track canonical machine types

Addressed by: https://review.opendev.org/673152
    Enhance parsing of domain capabilities and track canonical machine types

Addressed by: https://review.opendev.org/674628
    Allow assertXmlEqual() to pass options to matchers.XMLMatches

Addressed by: https://review.opendev.org/674629
    Fix libvirt driver tests to use LibvirtConfigCapsGuest instances

Addressed by: https://review.opendev.org/676964
    Extract new base class for provider usage functional tests

Addressed by: https://review.opendev.org/677710
    Split fake host capabilities into reusable variables

Addressed by: https://review.opendev.org/679339
    Indent fake libvirt host capabilities fixtures more nicely

Addressed by: https://review.opendev.org/679340
    libvirt/host.py: remove unnecessary temporary variable

Addressed by: https://review.opendev.org/679568
    Make _get_cpu_feature_traits() always return a dict

Addressed by: https://review.opendev.org/680065
    Ensure q35 machine type is used when booting with SEV

Addressed by: https://review.opendev.org/680158
    Reject live migration and suspend on SEV guests

Addressed by: https://review.opendev.org/680526
    Extract fake KVM guest fixture for reuse

Addressed by: https://review.opendev.org/680527
    Move get_machine_type() test to test_utils.py

Addressed by: https://review.opendev.org/681254
    Improve SEV documentation and other minor tweaks

[efried 20190911] Marking complete. The only remaining artifacts are docs & tempest tests.

Addressed by: https://review.opendev.org/684825
    Set iommu driver for virtio controllers too

Addressed by: https://review.opendev.org/685756
    Also enable iommu for virtio controllers in libvirt

Addressed by: https://review.opendev.org/686414
    docs: Highlight the current broken state of SEV

Addressed by: https://review.opendev.org/693072
    Create a controller for qga when SEV is used

Addressed by: https://review.opendev.org/696697
    Switch to uses_virtio to enable iommu driver for AMD SEV

Addressed by: https://review.opendev.org/698738
    Switch to uses_virtio to enable iommu driver for AMD SEV

Addressed by: https://review.opendev.org/698739
    Create a controller for qga when SEV is used

Addressed by: https://review.opendev.org/698746
    Revert "docs: Highlight the current broken state of SEV" (partially)