From nobody Wed May 14 22:40:42 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1519667651700954.2238777433965; Mon, 26 Feb 2018 09:54:11 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 4F4972BBDF6; Mon, 26 Feb 2018 17:54:05 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id D25E15C8B4; Mon, 26 Feb 2018 17:54:04 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 450364A46B; Mon, 26 Feb 2018 17:54:02 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id w1QHs1Q4031039 for ; Mon, 26 Feb 2018 12:54:01 -0500 Received: by smtp.corp.redhat.com (Postfix) id 4F2571915E; Mon, 26 Feb 2018 17:54:01 +0000 (UTC) Received: from mx1.redhat.com (ext-mx04.extmail.prod.ext.phx2.redhat.com [10.5.110.28]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 87308190D4; Mon, 26 Feb 2018 17:53:58 +0000 (UTC) Received: from NAM01-SN1-obe.outbound.protection.outlook.com (mail-sn1nam01on0082.outbound.protection.outlook.com [104.47.32.82]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id F15807B9BB; Mon, 26 Feb 2018 17:53:56 +0000 (UTC) Received: from wsp141597wss.amd.com (165.204.78.1) by BY2PR12MB0146.namprd12.prod.outlook.com (10.162.82.19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.506.18; Mon, 26 Feb 2018 17:53:53 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=JFxGlkXxruOV5HsE2r81jE6BH/cBPze/8rnhJudv1d0=; b=gRjRT0lHJamKf/EwJXb7iSA7psdV73Exb37xcLLXx3z2WbVqSrJmkRLcur5FjAc/24II08T+Haq6QGwjrYd0BFnz4FxmtBNhPVdo5iMxLhxsxoUSNdU65sVFtJ4JONGLHehe448oGm2mZlqrUrelsCf4Rp/TEAvCWrNgT0PPhe8= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; From: Brijesh Singh To: libvir-list@redhat.com Date: Mon, 26 Feb 2018 11:53:33 -0600 Message-Id: <20180226175336.79815-2-brijesh.singh@amd.com> In-Reply-To: <20180226175336.79815-1-brijesh.singh@amd.com> References: <20180226175336.79815-1-brijesh.singh@amd.com> MIME-Version: 1.0 X-Originating-IP: [165.204.78.1] X-ClientProxiedBy: BN6PR17CA0004.namprd17.prod.outlook.com (10.173.147.14) To BY2PR12MB0146.namprd12.prod.outlook.com (10.162.82.19) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: 986ef25e-0556-4459-bbce-08d57d41e6e4 X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(48565401081)(4534165)(4627221)(201703031133081)(201702281549075)(5600026)(4604075)(2017052603307)(7153060)(7193020); SRVR:BY2PR12MB0146; X-Microsoft-Exchange-Diagnostics: 1; BY2PR12MB0146; 3:n5StZg+NCOxJx3rs/YNCOjmUGUKWjK2ugD/FlzyDYh86HKsRkc2DEuEK54g+OSalDsPwwdEGy4T9o5coOyyRWUo7xXhCR/OxL8jVMNNhU3bt7wIVOhEWn+BuW6YaV0wv5v9ltLKYFiimENbPKvupdB5iNO7qajQ+RAeF02RMlL0HsmE5lQv1qkPYfNyaI7tLgoGaXuZu7yjGVnyplBDRILGnfSNfuPdTYyScchyDFFXuno74njb+ec+Z/6O/YzBr; 25:ZmoT9CocxRs3Clv/+7kvVvGX2t5HxuahnF7gD3Ggj88W6C+su8SPYRTuDUIRLLbNSygDYNEubEEj1CBomerS/v9wND1hgj9h+vuTkKayH/hsuUJ/7zRpnbLCfVlFtSlUEbyjyComu7zRSqD0Q0nG4VovE9L1LAGbTPCexFwBEE/AU/GObWkoi+9+aSm1RR5sSR+nsSqHVb3u5NmZTCEtvj8TkAuLMpLMCtPdiFRnAiAJKWS4QQfnY35CZYs3ZJTvQ6DCTFFvmCvBtuYQE/m7EtX8BXtszdQdBNjo06BSup+EHI0N+Y9XMWBDD8Hk5ynvY8FU5yrAQkBBHYpmYQi3CQ==; 31:0q6IRk/pkR8psLH5dXHesS9A5TRDOkOqNGK3qvkttqmugloKu6dx++kUDpO+z6WcQ9ZUQQBO+hxpfPxVcM22b0hxvdBWlnDnzeke53Ig7UFJ8/DGtz3JhkkNS/8DdyjvH8gMcVMCde+j1lYYZ2BYyJHyUMihET0CfiuwDH2SZFYKZRjQM00QcddnxpKPf5ewk+36+BDwer2SV2OtvBh+L8tuOkx7BQPl3lHB4vU/T/4= X-MS-TrafficTypeDiagnostic: BY2PR12MB0146: X-Microsoft-Exchange-Diagnostics: 1; BY2PR12MB0146; 20:E2cwEv7/ml6Bk4JTD4LMbYmP9j+zUnf8RXrRNOsTXxNRvHm1JsOj0WwiCplVVM9Y/FpLlhj9FzyYrThBwydqHZemKT3+4O14zYdopU4rf73bDdWhW270MhyoAzAfeIkwK/Bbb8EJUOm6cVzWIP/oF/Utff+UAoryd+Vcutf00YexvcVCxAefF7k1WMFXxkJyahGxB/oh6WfVBd9sJYoS5PhYKakq8dRmjT1aszqk6Z0KAzvhlB/9vj3JkwtJEdhS+QRifZpua7/tyVI2BvfTorWrvRXr9uu15fChjhfivmxODuN8dsRZpEsxoCwZmgfdcBRgEHYOfoUHZQBnpffdG+ndRSttRYctv8xRasjbcPEmHlCCoT/h7Ouiwh1pC/3ltDkb+e1zAhk+Dd8OoyxinSPBL/jJD/FRRmzpCNGm7gO7b3/E0GPOGmnGj+u4QE+DL7ZdENjLPL8+Pu+qV9cmVunT0764prliXwhHNbG9B2Vtlh2SVRAT/6nHySG8jLkF; 4:uTuPil/xrYU+emvw04d9N8wU3Nd6uZHvaZxWsCqeUp0omLOIYjXtIVeYdEIxp3po+QiMIjXnxIHJaapbPM1OFZBGJKMqdN+ccg+vJwt5ZK9hkohPBMLZJQQCzTFrCIxJrmPejaIs1MfoRKj5sbD62/wOYrQnnk+A1CqA8/t6ad+ZzXPSlZCBlhvL29mou0d8+iqO54O43ongHuZDolEQhjrsqL3NFELxyhkEJ6u33/IXcKWQNkmnoDMow3RV7Bid6XBPECdgfZvFPAyuaE7ycl0m7qtAvCaAN0dOLChnAPfCqSLdC/OGUHSPBWC9h0i3 X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(8211001083)(6040501)(2401047)(8121501046)(5005006)(3002001)(3231220)(944501161)(52105095)(93006095)(93001095)(10201501046)(6055026)(6041288)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123558120)(20161123562045)(20161123564045)(20161123560045)(6072148)(201708071742011); SRVR:BY2PR12MB0146; BCL:0; PCL:0; RULEID:; SRVR:BY2PR12MB0146; X-Forefront-PRVS: 05954A7C45 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(376002)(39380400002)(346002)(366004)(396003)(39860400002)(199004)(189003)(53416004)(76176011)(3846002)(8676002)(81156014)(68736007)(186003)(16526019)(6116002)(8936002)(66066001)(36756003)(53936002)(86362001)(54906003)(1076002)(47776003)(26005)(50226002)(316002)(2906002)(81166006)(25786009)(5660300001)(6486002)(478600001)(97736004)(2351001)(50466002)(6916009)(39060400002)(106356001)(7696005)(2361001)(305945005)(52116002)(105586002)(59450400001)(386003)(48376002)(2950100002)(6666003)(4326008)(51416003)(7736002)(16586007); DIR:OUT; SFP:1101; SCL:1; SRVR:BY2PR12MB0146; H:wsp141597wss.amd.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; BY2PR12MB0146; 23:1xMn0j2B3Yv63oIlLUVBcU8/tr+HBUgY1VBj9f57G?= =?us-ascii?Q?4kHnkdIOdWIIfnb5m+TOpJwm3GSv8urYmZlzw7rPCh9tjLrNMegmzaEmg3i6?= =?us-ascii?Q?Ipp176Z8Mw93YGpVQkgJfH3g0IHjE94Uix2mhga0r7YywMY46B0a+XtLAHdY?= =?us-ascii?Q?+BGuEHCrRIB+BiDcaDALM+hwLPAdOT2CE0cB6f43ynmOqJ3vaDHRYCXE0qk4?= =?us-ascii?Q?C7LGfRov9HwE66d2ItFsxW9uhz7BztDxoTVt5nUoMA3tEUp1idJnFI4kow1P?= =?us-ascii?Q?6BLfudzr/MCZYfztPRx6TAPApwfF0pHxVn54bwdh9OdsvGS5dweQ1gnf357i?= =?us-ascii?Q?YbWNSUe3K9VUxNOIuJn6cfneCpIBEHTTwM3Zm10sgUy8AYcrBZq4pcaPdzWo?= =?us-ascii?Q?DMvYIK96RGxqEF8xqsmkQnx0PDpFW6iFYgJ3yUQlKXXLx2jJuMvI4Hfa3Qxh?= =?us-ascii?Q?L/VdUpT1rZERqINX7uW4vdiRr67QMGBzPb2T2UNuQtOPEuHSYez7Ad2k/n1t?= =?us-ascii?Q?NIUpKi9canV5Oid6NDpqLcT36k0j6mYjuhwYBqwNynncuB5HQjBuc/aW7qiI?= =?us-ascii?Q?4xwhyhmfdpA5vjDUCkhWzrviSPKZOcBd3Meh7IlU8pqc4/jUwcttwONaKg1f?= =?us-ascii?Q?OiG6UIAT8bukFrmmgeOlieBVCaYS/NgMCbqfi9/pcVMF6taw0XOyf40W8vCK?= =?us-ascii?Q?2PcIlYz5kZ167OHx9r0Iev6XnsDRK5e+o2sCRZeub/1iFIPsX5moXBagEkG8?= =?us-ascii?Q?UHAE0B8KVJls6aqZtZgPCMkZRPQDGcZskBNYhjA+3lhtCrax64yxTSxh43vA?= =?us-ascii?Q?HawmZhbJTfJArqyjmEjLbQdBeRrBivhBpPVwu8jfYp/OUE6OpXySM8D8KA7m?= =?us-ascii?Q?F+D5Ltnnevevr0iUgPmdnw7Swmp1EqoJERgIWI+HHkDwQHsYQzjOe6nFRorJ?= =?us-ascii?Q?8kzvpSYTN1H55znTf1xsb+hCkWip4oqKjAnqEas1uAp8AK2fpNIMpfXSnB6e?= =?us-ascii?Q?hpmcczThJzsckeFpbc4EZvktLiocvTnsktFNd3RN4xIGeK6z6E9wyELU/zDa?= =?us-ascii?Q?gIHqTyqoQTd1ZR0JrZjx/TI6YprCURBO2X5EE/c5U+Nc0u69wAwuHp4pEJAk?= =?us-ascii?Q?0ECfBi7qV0Avtl85Wf5Toagw8vnYn1I1pJJEjPHonUAIc+MrEHKTn5CWEtKT?= =?us-ascii?Q?Rqy9Z3H2trsm6FR3rMUUwON5n+Qdz/3JRqdp4xRoZMOkarLEB6poI1Yvg=3D?= =?us-ascii?Q?=3D?= X-Microsoft-Exchange-Diagnostics: 1; BY2PR12MB0146; 6:JM7q+BAA4ZyFzqZdviPN91WTrVfBfo4k5mI458Vkqtuk/6pPWFIQrCgAHJjh/246J6XNGX2fifM4QbohmeIY1Za4tTGJvltipt5fBcLGpvF4gtXHxu9dSRwI13cQCIWe/JEhTQ654V6Bo1lwz7fJf2TaudFRDnGrB5f3zO1jRrw6d5qN+pB+MEoq44AxoHC9tJhfsOKvb0EclhRgmBwUrOYStcCOUrRgslT0qrpx27890VtOIDAolkzDKywUd4QpXGrmKok6lftQL6/K0+d04cnQRkiXz/jWVsUUCS3GHetKpXvgsSD06yTptMpJWPf/xgllrHU5v3QstVahBh85a+M01DH5QO5TNTxv5CWvxXo=; 5:j1kvFJXLdxb2vEtmAIRK3L2CSNX+TK/2JHNDjZJh9GIqb4eHqkWj6I5JNmjQvKJsFD7AXyqKoPL/gKefgd5QmkW6y8WBuDV+tvbAyd7Vv0p4klzy+FxHX7rg+4ulc/DEkvXjq7Zte7glkGILsR0ZKilwXdqnkvWogQZPB/Mw3BM=; 24:3rPaYFnwF7Q2xHViqO+IaLG19/XKW9ApE9rOJmuMemAkStj6PrwASTRPmxrm7fYnbg9jvUWsYIy1DFRynQWoPo8kiiNe3h1CoYJavRRFRA8=; 7:gdokn8YhMQe1nD8/lvoZinZR6iGPSCy52r9djJ5bA1LjfZnPFvLapBrB7jhUGPXZ3eiDsgmm/qd5dGvANDykRtNe3UHwJeodoAWRoSDJ2hpuQUX/zZDzRMQ3mq3yflZL2ZPa8Ku2qMkXKXlSXt/xq2LBku0bEJ4HYD2ACx1wA0N+gr75WE0l2SDenZ4ABbzX383TbR7p4kGIgNuujeQvu2ELI7NGUoudlU544iOQeqV7LP0AFVgDpV06DIPIsb/N SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; BY2PR12MB0146; 20:qbH6aOq82QRT31P5n2TFempEgkvHAb3LJvl1WNHgrJ7jDaQdmUuu2+ycN48neLClQM+K4lAfxvJ1DkDvBW1kAMc/Uwypl94qgsy3dDwQVy3mw8Y1SFL+r0jrVFt8Lx7Bifyd2fpQhGpMIUaPPzqnR5L+1tN4hMSUsSf2ze0D/b8q5SmNjsvf61yhljMaNwYMPi0vEIQf3PDVrhN4e8nW8rbQsWjNXe0gFV4tWjKak9+zp9qbLoTD2L/zxKzZzt0F X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Feb 2018 17:53:53.2889 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 986ef25e-0556-4459-bbce-08d57d41e6e4 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY2PR12MB0146 X-Greylist: Sender passed SPF test, Sender IP whitelisted by DNSRBL, ACL 207 matched, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Mon, 26 Feb 2018 17:53:57 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Mon, 26 Feb 2018 17:53:57 +0000 (UTC) for IP:'104.47.32.82' DOMAIN:'mail-sn1nam01on0082.outbound.protection.outlook.com' HELO:'NAM01-SN1-obe.outbound.protection.outlook.com' FROM:'brijesh.singh@amd.com' RCPT:'' X-RedHat-Spam-Score: -0.031 (DKIM_SIGNED, DKIM_VALID, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H4, RCVD_IN_MSPIKE_WL, SPF_HELO_PASS) 104.47.32.82 mail-sn1nam01on0082.outbound.protection.outlook.com 104.47.32.82 mail-sn1nam01on0082.outbound.protection.outlook.com X-Scanned-By: MIMEDefang 2.78 on 10.5.110.28 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-loop: libvir-list@redhat.com Cc: Tom Lendacky , Xiaogang Chen , Jon Grimm , brijesh.ksingh@gmail.com, Brijesh Singh Subject: [libvirt] [PATCH 1/4] qemu: provide support to query the SEV capability X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.39]); Mon, 26 Feb 2018 17:54:05 +0000 (UTC) X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZohoMail: RDKM_2 RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" QEMU version >=3D 2.12 provides support for launching an encrypted VMs on AMD X86 platform using Secure Encrypted Virtualization (SEV) feature. This patch adds support to query the SEV capability from the qemu. Signed-off-by: Brijesh Singh --- QEMU SEV v9 patch does not have implementation of query-sev-capabilities co= mmand and I am will be adding this command in next QEMU patch round. Command resu= lt will look like this: { "execute": "query-sev-capabilities" } { "return": { "sev": 1, "pdh": "....", "cert-chain": "...", "cbitpos": 47, "reduced-phys-bits": 5}} src/conf/domain_capabilities.h | 14 +++++++ src/qemu/qemu_capabilities.c | 28 +++++++++++++ src/qemu/qemu_capspriv.h | 4 ++ src/qemu/qemu_monitor.c | 9 +++++ src/qemu/qemu_monitor.h | 3 ++ src/qemu/qemu_monitor_json.c | 92 ++++++++++++++++++++++++++++++++++++++= ++++ src/qemu/qemu_monitor_json.h | 3 ++ 7 files changed, 153 insertions(+) diff --git a/src/conf/domain_capabilities.h b/src/conf/domain_capabilities.h index fa4c1e442f57..e13a7fd6ba1b 100644 --- a/src/conf/domain_capabilities.h +++ b/src/conf/domain_capabilities.h @@ -137,6 +137,20 @@ struct _virDomainCapsCPU { virDomainCapsCPUModelsPtr custom; }; =20 +/* + * SEV capabilities + */ +typedef struct _virSEVCapability virSEVCapability; +typedef virSEVCapability *virSEVCapabilityPtr; +struct _virSEVCapability { + bool sev; + char *pdh; + char *cert_chain; + int cbitpos; + int reduced_phys_bits; +}; + + struct _virDomainCaps { virObjectLockable parent; =20 diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index b5eb8cf46a52..2c680528deb8 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -525,6 +525,8 @@ struct _virQEMUCaps { size_t ngicCapabilities; virGICCapability *gicCapabilities; =20 + virSEVCapability *sevCapabilities; + virQEMUCapsHostCPUData kvmCPU; virQEMUCapsHostCPUData tcgCPU; }; @@ -2811,6 +2813,14 @@ virQEMUCapsSetGICCapabilities(virQEMUCapsPtr qemuCap= s, qemuCaps->ngicCapabilities =3D ncapabilities; } =20 +void +virQEMUCapsSetSEVCapabilities(virQEMUCapsPtr qemuCaps, + virSEVCapability *capabilities) +{ + VIR_FREE(qemuCaps->sevCapabilities); + + qemuCaps->sevCapabilities =3D capabilities; +} =20 static int virQEMUCapsProbeQMPCommands(virQEMUCapsPtr qemuCaps, @@ -3318,6 +3328,19 @@ virQEMUCapsProbeQMPGICCapabilities(virQEMUCapsPtr qe= muCaps, return 0; } =20 +static int +virQEMUCapsProbeQMPSEVCapabilities(virQEMUCapsPtr qemuCaps, + qemuMonitorPtr mon) +{ + virSEVCapability *caps =3D NULL; + + if (qemuMonitorGetSEVCapabilities(mon, &caps) < 0) + return -1; + + virQEMUCapsSetSEVCapabilities(qemuCaps, caps); + + return 0; +} =20 bool virQEMUCapsCPUFilterFeatures(const char *name, @@ -4951,6 +4974,11 @@ virQEMUCapsInitQMPMonitor(virQEMUCapsPtr qemuCaps, virQEMUCapsGet(qemuCaps, QEMU_CAPS_QUERY_CPU_MODEL_EXPANSION)) virQEMUCapsSet(qemuCaps, QEMU_CAPS_CPU_CACHE); =20 + /* SEV capabilities */ + if (ARCH_IS_X86(qemuCaps->arch)) { + virQEMUCapsProbeQMPSEVCapabilities(qemuCaps, mon); + } + ret =3D 0; cleanup: return ret; diff --git a/src/qemu/qemu_capspriv.h b/src/qemu/qemu_capspriv.h index 222f3368e3b6..1fa85cc14f07 100644 --- a/src/qemu/qemu_capspriv.h +++ b/src/qemu/qemu_capspriv.h @@ -86,6 +86,10 @@ virQEMUCapsSetGICCapabilities(virQEMUCapsPtr qemuCaps, virGICCapability *capabilities, size_t ncapabilities); =20 +void +virQEMUCapsSetSEVCapabilities(virQEMUCapsPtr qemuCaps, + virSEVCapability *capabilities); + int virQEMUCapsParseHelpStr(const char *qemu, const char *str, diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c index ad5c572aeefb..195248c88ae1 100644 --- a/src/qemu/qemu_monitor.c +++ b/src/qemu/qemu_monitor.c @@ -4007,6 +4007,15 @@ qemuMonitorGetGICCapabilities(qemuMonitorPtr mon, return qemuMonitorJSONGetGICCapabilities(mon, capabilities); } =20 +int +qemuMonitorGetSEVCapabilities(qemuMonitorPtr mon, + virSEVCapability **capabilities) +{ + QEMU_CHECK_MONITOR_JSON(mon); + + return qemuMonitorJSONGetSEVCapabilities(mon, capabilities); +} + =20 int qemuMonitorNBDServerStart(qemuMonitorPtr mon, diff --git a/src/qemu/qemu_monitor.h b/src/qemu/qemu_monitor.h index 954ae88e4f64..1b2513650c58 100644 --- a/src/qemu/qemu_monitor.h +++ b/src/qemu/qemu_monitor.h @@ -755,6 +755,9 @@ int qemuMonitorSetMigrationCapability(qemuMonitorPtr mo= n, int qemuMonitorGetGICCapabilities(qemuMonitorPtr mon, virGICCapability **capabilities); =20 +int qemuMonitorGetSEVCapabilities(qemuMonitorPtr mon, + virSEVCapability **capabilities); + typedef enum { QEMU_MONITOR_MIGRATE_BACKGROUND =3D 1 << 0, QEMU_MONITOR_MIGRATE_NON_SHARED_DISK =3D 1 << 1, /* migration with non-= shared storage with full disk copy */ diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c index a09e93e464b3..4424abfa7148 100644 --- a/src/qemu/qemu_monitor_json.c +++ b/src/qemu/qemu_monitor_json.c @@ -6362,6 +6362,98 @@ qemuMonitorJSONGetGICCapabilities(qemuMonitorPtr mon, return ret; } =20 +int +qemuMonitorJSONGetSEVCapabilities(qemuMonitorPtr mon, + virSEVCapability **capabilities) +{ + int ret =3D -1; + virJSONValuePtr cmd; + virJSONValuePtr reply =3D NULL; + virJSONValuePtr caps; + virSEVCapability *capability =3D NULL; + const char *pdh =3D NULL, *cert_chain =3D NULL; + bool sev; + int cbitpos, reduced_phys_bits; + + *capabilities =3D NULL; + + if (!(cmd =3D qemuMonitorJSONMakeCommand("query-sev-capabilities", + NULL))) + return -1; + + if (qemuMonitorJSONCommand(mon, cmd, &reply) < 0) + goto cleanup; + + /* If the 'query-sev-capabilities' QMP command was not available + * we simply successfully return zero capabilities. + * This is the case for QEMU <2.12 */ + if (qemuMonitorJSONHasError(reply, "CommandNotFound")) { + ret =3D 0; + goto cleanup; + } + + if (qemuMonitorJSONCheckError(cmd, reply) < 0) + goto cleanup; + + caps =3D virJSONValueObjectGetObject(reply, "return"); + + if (virJSONValueObjectGetBoolean(caps, "sev", &sev) < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("'sev' field is missing")); + goto cleanup; + } + + if (!sev) { + goto cleanup; + } + + if (virJSONValueObjectGetNumberInt(caps, "cbitpos", &cbitpos) < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("'cbitpos' field is missing")); + goto cleanup; + } + + if (virJSONValueObjectGetNumberInt(caps, "reduced-phys-bits", + &reduced_phys_bits) < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("'reduced-phys-bits' field is missing")); + goto cleanup; + } + + if (!(pdh =3D virJSONValueObjectGetString(caps, "pdh"))) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("'pdh' field is missing")); + goto cleanup; + } + + if (!(cert_chain =3D virJSONValueObjectGetString(caps, "cert-chain")))= { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("'cert-chain' field is missing")); + goto cleanup; + } + + if (VIR_ALLOC_N(capability, 1) < 0) + goto cleanup; + + if (VIR_STRDUP(capability->pdh, pdh) < 0) + goto cleanup; + + if (VIR_STRDUP(capability->cert_chain, cert_chain) < 0) + goto cleanup; + + capability->sev =3D true; + capability->cbitpos =3D cbitpos; + capability->reduced_phys_bits =3D reduced_phys_bits; + *capabilities =3D capability; + ret =3D 0; + + cleanup: + virJSONValueFree(cmd); + virJSONValueFree(reply); + + return ret; +} + static virJSONValuePtr qemuMonitorJSONBuildInetSocketAddress(const char *host, const char *port) diff --git a/src/qemu/qemu_monitor_json.h b/src/qemu/qemu_monitor_json.h index ec243becc4ae..305f789902e9 100644 --- a/src/qemu/qemu_monitor_json.h +++ b/src/qemu/qemu_monitor_json.h @@ -152,6 +152,9 @@ int qemuMonitorJSONSetMigrationCapability(qemuMonitorPt= r mon, int qemuMonitorJSONGetGICCapabilities(qemuMonitorPtr mon, virGICCapability **capabilities); =20 +int qemuMonitorJSONGetSEVCapabilities(qemuMonitorPtr mon, + virSEVCapability **capabilities); + int qemuMonitorJSONMigrate(qemuMonitorPtr mon, unsigned int flags, const char *uri); --=20 2.14.3 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list