os-resource-classes/os_resource_classes
Adam Spiers 3c8a66a1c9 Add MEM_ENCRYPTION_CONTEXT resource class
Add a resource class representing the number of guests a compute node
can host concurrently with memory encrypted at the hardware level.

Initially this is required because on AMD SEV-capable hardware, the
memory controller has a fixed number of slots for holding encryption
keys, one per guest.  Typical hardware only has 15 slots, thereby
limiting the number of SEV guests which can be run concurrently to 15.
nova needs to track how many slots are available and used in order to
avoid attempting to exceed that limit in the hardware.

In the future support may be added for equivalent functionality from
other vendors, such as Intel MKTME; however it is not yet known
whether MKTME would have a similar limit.

See

  http://specs.openstack.org/openstack/nova-specs/specs/train/approved/amd-sev-libvirt-support.html

for more details, and

  http://eavesdrop.openstack.org/irclogs/%23openstack-nova/%23openstack-nova.2019-04-23.log.html#t2019-04-23T20:35:19
  https://review.opendev.org/#/c/641994/

for the bike-shedding discussion over the name.

Change-Id: I97a015d4070db947e4b96fb35021da01d61016cc
blueprint: amd-sev-libvirt-support
2019-05-08 14:26:40 +00:00