From nobody Wed May 14 19:28:01 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1520529229195598.1310996287505; Thu, 8 Mar 2018 09:13:49 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 8D63D2D1CA; Thu, 8 Mar 2018 17:13:47 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 4EF027DEEC; Thu, 8 Mar 2018 17:13:47 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id B4582180613A; Thu, 8 Mar 2018 17:13:42 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id w28HDT1D014144 for ; Thu, 8 Mar 2018 12:13:29 -0500 Received: by smtp.corp.redhat.com (Postfix) id CDE6C84701; Thu, 8 Mar 2018 17:13:28 +0000 (UTC) Received: from mx1.redhat.com (ext-mx01.extmail.prod.ext.phx2.redhat.com [10.5.110.25]) by smtp.corp.redhat.com (Postfix) with ESMTPS id BF243190C3; Thu, 8 Mar 2018 17:13:14 +0000 (UTC) Received: from NAM02-CY1-obe.outbound.protection.outlook.com (mail-cys01nam02on0043.outbound.protection.outlook.com [104.47.37.43]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 06DA07FEA2; Thu, 8 Mar 2018 17:12:35 +0000 (UTC) Received: from wsp141597wss.amd.com (165.204.78.1) by DM2PR12MB0156.namprd12.prod.outlook.com (2a01:111:e400:50ce::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.548.13; Thu, 8 Mar 2018 17:12:31 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=XfxigtRL+/8jKsrEa0Z+mDmP2o9hoWCJxQOUUsWyToQ=; b=PQTEuwrFJgeP+uqRnC+5fCCfKQYqY7p6ca6yE5V6LxQ6AsWeS0APU07Q0RbuX/fYPgP4zp9Q5wrUqPa1yLWHRs5tPDHuAQYdkqrEgow9qHv8TLT75Pv+Ex0GZSFU9tuAhQCXD9jP6LYj3DTHUV6JBDaLiNqoXRnHwsj4EPD+MQY= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; From: Brijesh Singh To: libvir-list@redhat.com Date: Thu, 8 Mar 2018 11:12:00 -0600 Message-Id: <20180308171208.54369-2-brijesh.singh@amd.com> In-Reply-To: <20180308171208.54369-1-brijesh.singh@amd.com> References: <20180308171208.54369-1-brijesh.singh@amd.com> MIME-Version: 1.0 X-Originating-IP: [165.204.78.1] X-ClientProxiedBy: BN6PR11CA0037.namprd11.prod.outlook.com (2603:10b6:404:4b::23) To DM2PR12MB0156.namprd12.prod.outlook.com (2a01:111:e400:50ce::19) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: 9df7a171-76b5-4859-e52c-08d58517c7ba X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(48565401081)(5600026)(4604075)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603328)(7153060)(7193020); SRVR:DM2PR12MB0156; X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0156; 3:UrdsyGIZifPNFvLgKFS83aYsQSTESjgQt3LSaz2EEj1Fh6VchRHULO2rcQDb1w/D7GJw4ZuTxDWUBQgzWsJGDMpgr4Hw0L2MievVIFtxuPVE0NF2pXjcEe434GSYBW4MI83XkZw94axpv6Ek1MXVCY5R7VwoE7hNXzmHY1aJOds4HtYp82Ss/PZcUkflhkL2ZIGpyfaRXoQ1LtbBU7oO8KFxGw5+yIIMnIdtWrgKgjbUu9mP7MgM1olyo2OlwFGY; 25:165bvlOim6f6SCCn8ReUfoTcLNCCFjTGt2Ec7zTzGMhLDDcwHpxxsRN/nTh9e93VJ+AmuV3rDadrvi6dMZqL9V/vsxcu+E0N29Mm1LQvVDZ3swCDcL+snQQ/C0ssOzIqah0f9EPRMSwaGilwciuEd1oaPECQ1dLGXyAiQLS4EFml4n1z5EiKc4B8lmm/IF878l06rtAv6VztUlXlTF6VLxNE3UTaiXIx9oaKn0r6yAeIxnUmXrOADP4ierLeiSVRWrXyApkBQEmNoGTiMoCMS0PMOA7uMtaxrwW7m1uMR42KGuqNkfsIEYg8Xn+g7YjNfPCCAXUJxNv2oLW4HG9h+Q==; 31:bAbk1eFEnrpLDwuzdlOxvHp/tnhjAe8rtaAYjJ2Y8T+uVA2fK/la50AwgoOttW1ys8Z5uAACHxghecKje19SL/iaP/FGEweW8leWV/eInKsh9QLh2V70BbdT+ZXl9fhRzi/2nMFTYrdy6IovG6oOeZPZBhyh10nk0MtKk5NGO0nIEWaZj7QSY5AgQp6Lrq3cUL6k092dfFCNIdadB5qW1TWceTmTRzXnxs9sTYBTHk4= X-MS-TrafficTypeDiagnostic: DM2PR12MB0156: X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0156; 20:yqEUk4hmw0Ok0aer4P5+5mqJqpK7f+zQp4hTTfVawA3Z95gL3oXwZ23fftnPz5qS7zliXr3gHBocJVuo6RogigNuEeyzZ8NB3Ejfvud/gHNK1maDRq7LB/uJZopw3RuxhDgbdN2OKX+NwfSEfMXSq4Dbus01jjMIjw9muirMfx3NbI+HlWEQLSLDvHTEwD5DOU7iDgMRPK7NKPjRl/q8y1hXbPkTgVYdUYbKtjsplZg0nzj1j50Ow3vANZz/JUk1YSKMe155pXWxTAxMF5DciJWHRKyRcwWJGwejiVWi6fXexbwQkPV5VcUoI+2F7LnhlaQA5tNqwnhsl6Hal1oVjx6G+ExJL8OD4Y8vprlU8/KVHHrwHbWBagf9a6TKGCaPgSckczGAUbbOrnXSfdbfDoClsKW1T+KIJ0xrMMnxyLxEpHTFiK+GsgrKCDq4tU+/m9jnG86vPvL8hc8///5HqcgV1zOFjvM/heWh6iwApx/b7tLRwudH60gjLxpnMjPV; 4:JW+tFO5rOyS342sDhmdRhCsPgFYumZiwFOfaqcwpF5Yv026Xdn239RaQGb2mIkMFe9Otcnk1encrTWsfr1JiJkx7Fd2Kc0X1Rf2RhSg9UJPoW8P05rdP+NxAjN/0KptwnQDMGLhbggWpE0+koaQvN2pawXvzf1+9/47IoAvY6Pq7+YR78ONlSB1tDjiCRaKNeRcuLScvmDKo7qWdTetttbjRasonPmmhePo2GbwhCbLgkRV8ZAnW5j1oD0GiPKHQeZo182QOyQIOjODehjEj4A069G7Bx96I+MFcpzGthCglPneWSYIfnOmix9clWKgG X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(8211001083)(6040501)(2401047)(5005006)(8121501046)(10201501046)(93006095)(93001095)(3002001)(3231220)(944501244)(52105095)(6055026)(6041288)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123560045)(20161123562045)(20161123558120)(20161123564045)(6072148)(201708071742011); SRVR:DM2PR12MB0156; BCL:0; PCL:0; RULEID:; SRVR:DM2PR12MB0156; X-Forefront-PRVS: 060503E79B X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(366004)(346002)(39860400002)(396003)(376002)(39380400002)(199004)(189003)(5660300001)(16526019)(16586007)(478600001)(3846002)(6116002)(7696005)(52116002)(51416003)(76176011)(6486002)(25786009)(4326008)(316002)(59450400001)(26005)(1076002)(54906003)(86362001)(186003)(386003)(6666003)(2361001)(106356001)(2351001)(53416004)(8676002)(81166006)(81156014)(50226002)(53936002)(2950100002)(6916009)(2906002)(97736004)(68736007)(66066001)(47776003)(305945005)(7736002)(8936002)(36756003)(50466002)(48376002)(105586002); DIR:OUT; SFP:1101; SCL:1; SRVR:DM2PR12MB0156; H:wsp141597wss.amd.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; DM2PR12MB0156; 23:+zzYUfMtgnHjC/nKQEF4x9Ao/vMlRn2Z///bo3PY+?= =?us-ascii?Q?CIsX/rITLspprnvIY7hMPGVVeChgvB9vaZlyJ78ANqqP2cJwLo4cp8Bql0Go?= =?us-ascii?Q?BGbaeuPWwcN7t8ELdkbmgoZwAa6ds/zCS3z9p59AWXDz6ZQdlEvODfnkmdi5?= =?us-ascii?Q?64X9X7kEDQWz5IFtA22GLNTUZsuY3Qubp4gOT7GMaEuCGbBHtsZ8icuKvlD+?= =?us-ascii?Q?lODFQhmtnlm+u0CYIxNWQIWQrGrWZ7jIKS3vTzL/DnVt2cKEtzd5py1CA3VS?= =?us-ascii?Q?Dn/m8uLQcvR2PA+wJl0eOfAfMVL9Q0rhCZPnIV/B1AjxJgVRLrBDY0cCQIb0?= =?us-ascii?Q?fmCgWeUF+gz3Nu5jv29uqzb62Fx/SJNl/0y5XuiqqYxGrm4JJpU1rPIwOHlD?= =?us-ascii?Q?GiZ+0QHdkBqNVCNBFuPaUzy2fWgQqux+NEuJ6zfGShEXFViGmGr2ztmPFUcu?= =?us-ascii?Q?o3g7+mPe6J7cS5KsdueUcPzbaYplaaXPjCYmcA6+Os/7HXRnVObHqUd/iRT8?= =?us-ascii?Q?1OvpclpiWufbITC101PMV3gPh7sGydNveh9Szn36Om0F8NzNtOOBcmeMd5+z?= =?us-ascii?Q?g6Nm2FQob4tPhDT5kxdJpZaF6fQXFRbUoodI2lQZm6LdvkqsWG65IXk1O5dq?= =?us-ascii?Q?Jp1Sh0xsML204ByfCZnlGJuOlE+Mwti++drXGMcPqE6ZDiuififWbsnWtGMB?= =?us-ascii?Q?3hQafP1HsnRYFLIZYOebtAqfIyxgMbsXiY0s5+8xkHm6Lfl1lWCOVmdDz58p?= =?us-ascii?Q?IpNXcTQpigZIaVf6mO+sxuyNXgQEs1hkg1ppwVlh4rHX3QE87AN7WcXUUVdM?= =?us-ascii?Q?fj/R4/vMpRTsEiyGwvj4s8nk9kQ1NKe2CdF9OKee81jNEaz0VgsIY7hcY61q?= =?us-ascii?Q?jCchY+vUjxLJUycbgf/8gOX/DO51OI4T0ftL7aS1fzGrMPtn7hukF0XEGJn5?= =?us-ascii?Q?Z3M2zy2S7Sva6Ich4kiUBVwdyRHoFeHT1E+8JwZuoFw4HFWPlYguEFevVxlT?= =?us-ascii?Q?xvm4rTsjHWr/XIUexOmOB+uRpWb3Z6KpErxja4yBr1Er99fzZYUAt6W3c17J?= =?us-ascii?Q?eEoUJfJN6MpKvNpcT0s0gqPgNTE6N/B/bbpEo86/Am83YvdHX6Yw4Bewd+pU?= =?us-ascii?Q?VxAGW1I1ImFTItFLry4KCWdfOjKwGginELQpyzsxLveYZLypd7FJZgCUfT4B?= =?us-ascii?Q?d4BjrEwfxtQ22qUSjhhWwyI1DxogaZuwfBD?= X-Microsoft-Antispam-Message-Info: FGtSFGgYtbkigqQKa41XFP7P32YOaEuJ177oevE8PgmY2C37QNGn+Qy7Zz5awnt/rvhvlAYyeKv3CvyppneeCu2WPeYuAA0nSCkCP1AqTDYkVXjolFo6snJw7DW+pL72ysjlBm1bWEQIq2Q9jOvxMGd5KA6pv1jq7z6+hK1rxabUZpELzFy3CPray6o/E8Tp X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0156; 6:LXFSfbgxfouR2Hj2s5679Inaf3RNdDGL91k8o3ey3BoRh/kERyrMsAxPx0c9iv8+gaVJEYO80m3mki4iPFC0jRgbm1O96fHJpEsK73k1sCwZ+rylkR1BXBKvQNFuStDzxX6HH4aiaP9LMqRDSrGzRrO3wu06ePoAXnoaCdQmwroofAIkUlKMYWPdmUkpfuZ5fjRDPgn24nbWNyvK9be1cF5e1+b4pvZZvGy15yptqYji0ZH5K2KhR4aQTa4kTxMh0zDK4xTbhsAQSyq8zHyJXpxCoywlRq218v7xMkOUGOwszeKPGstqb5rImo/JCo15G9OoXwiwxNeqVN9TnjC4VZlk5f9+M0I46uUyTn98luA=; 5:RcXlEKKDZAVSRioPoeS3vcegykU4JnmCv3yCb0jZvCXXioTxtKwzE/NcqulpymLNYbE98fHYZeFoQHmFpmZjSpyhzHKQzn9v2zz35lQVUPFKwuiCjb6olmeS0TWZmALS6G0AvJ71JxCk17iNpH5HSJdoTG8bSOV2gF2sNshGF1s=; 24:jVxgxOltjg7NoGkLW3BAnDBCn1WockjGUMduFwUavnOA3CTCxs3GBcn/BbRksma9qXaCAVDsyh1kRf2ZJ3y4lI8IQXvVEcznyIOSs5IPAM8=; 7:/DXVL1E8+0kVblarm992+Bd9FIPoasEorR316fhuZHbKlXxuUjNakW058FqLY1ZB8jR2fiqZ6cccTuHYTgv+AbwAnGlcoKaj1NakAetaDGP9Iskh7AA8uoqMHEUDusHqvLXhwGS+8r9PeoTkKRt3KNArXNAiYuUaAB9E8l34rz8PEDa9XYvzcpHXJzZvTGwcgV3PiX2jFqsJxgYtOfnxKkn++RWdt1yP0HFboBmh7k0pbV3Jecje1JSpZX50E6Qu SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0156; 20:G70MhlLvdmJp7w7uiiFs3Z9uG1kKAoskjpoW25Z5ECAi9ng/qFCOxIZgNkcLR82Zh6WNPnMPTxNNmmtSdl3Od80gNbSfoGxpDcvpvxjl6Tj3Y0t4+P/7lyPFyuyA+laacWV9Nio+aqI+nUyPpd2YqsosRNLtQhIBI9TLi1cioZE4OgyXJycU3zPEZsxFX7Aqqwv8ENdNsYHRO8T7GmfXanYuvkOmjWGV8d6Dm6ozuZNb6CGm9Ie4Yp11BqLT07xR X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Mar 2018 17:12:31.5699 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 9df7a171-76b5-4859-e52c-08d58517c7ba X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM2PR12MB0156 X-Greylist: Sender passed SPF test, Sender IP whitelisted by DNSRBL, ACL 207 matched, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.25]); Thu, 08 Mar 2018 17:12:35 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.25]); Thu, 08 Mar 2018 17:12:35 +0000 (UTC) for IP:'104.47.37.43' DOMAIN:'mail-cys01nam02on0043.outbound.protection.outlook.com' HELO:'NAM02-CY1-obe.outbound.protection.outlook.com' FROM:'brijesh.singh@amd.com' RCPT:'' X-RedHat-Spam-Score: -0.011 (DKIM_SIGNED, DKIM_VALID, RCVD_IN_DNSWL_NONE, SPF_HELO_PASS) 104.47.37.43 mail-cys01nam02on0043.outbound.protection.outlook.com 104.47.37.43 mail-cys01nam02on0043.outbound.protection.outlook.com X-Scanned-By: MIMEDefang 2.83 on 10.5.110.25 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-loop: libvir-list@redhat.com Cc: Tom Lendacky , Peter Krempa , Xiaogang Chen , Jon Grimm , Brijesh Singh , Borislav Petkov Subject: [libvirt] [PATCH v2 1/9] qemu: provide support to query the SEV capability X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.38]); Thu, 08 Mar 2018 17:13:48 +0000 (UTC) X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZohoMail: RDKM_2 RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" QEMU version >=3D 2.12 provides support for launching an encrypted VMs on AMD x86 platform using Secure Encrypted Virtualization (SEV) feature. This patch adds support to query the SEV capability from the qemu. Signed-off-by: Brijesh Singh Reviewed-by: Daniel P. Berrang=C3=A9 --- src/conf/domain_capabilities.h | 13 ++++++++ src/qemu/qemu_capabilities.c | 43 +++++++++++++++++++++++++ src/qemu/qemu_capabilities.h | 1 + src/qemu/qemu_capspriv.h | 4 +++ src/qemu/qemu_monitor.c | 9 ++++++ src/qemu/qemu_monitor.h | 3 ++ src/qemu/qemu_monitor_json.c | 73 ++++++++++++++++++++++++++++++++++++++= ++++ src/qemu/qemu_monitor_json.h | 3 ++ 8 files changed, 149 insertions(+) diff --git a/src/conf/domain_capabilities.h b/src/conf/domain_capabilities.h index fa4c1e442f57..83d04d4c8506 100644 --- a/src/conf/domain_capabilities.h +++ b/src/conf/domain_capabilities.h @@ -137,6 +137,19 @@ struct _virDomainCapsCPU { virDomainCapsCPUModelsPtr custom; }; =20 +/* + * SEV capabilities + */ +typedef struct _virSEVCapability virSEVCapability; +typedef virSEVCapability *virSEVCapabilityPtr; +struct _virSEVCapability { + char *pdh; + char *cert_chain; + int cbitpos; + int reduced_phys_bits; +}; + + struct _virDomainCaps { virObjectLockable parent; =20 diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index b5eb8cf46a52..68e3622a3963 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -459,6 +459,7 @@ VIR_ENUM_IMPL(virQEMUCaps, QEMU_CAPS_LAST, "pl011", "machine.pseries.max-cpu-compat", "dump-completed", + "sev", ); =20 =20 @@ -525,6 +526,8 @@ struct _virQEMUCaps { size_t ngicCapabilities; virGICCapability *gicCapabilities; =20 + virSEVCapability *sevCapabilities; + virQEMUCapsHostCPUData kvmCPU; virQEMUCapsHostCPUData tcgCPU; }; @@ -2811,6 +2814,21 @@ virQEMUCapsSetGICCapabilities(virQEMUCapsPtr qemuCap= s, qemuCaps->ngicCapabilities =3D ncapabilities; } =20 +void +virQEMUCapsSetSEVCapabilities(virQEMUCapsPtr qemuCaps, + virSEVCapability *capabilities) +{ + virSEVCapability *cap =3D qemuCaps->sevCapabilities; + + if (cap) { + VIR_FREE(cap->pdh); + VIR_FREE(cap->cert_chain); + } + + VIR_FREE(qemuCaps->sevCapabilities); + + qemuCaps->sevCapabilities =3D capabilities; +} =20 static int virQEMUCapsProbeQMPCommands(virQEMUCapsPtr qemuCaps, @@ -3318,6 +3336,19 @@ virQEMUCapsProbeQMPGICCapabilities(virQEMUCapsPtr qe= muCaps, return 0; } =20 +static int +virQEMUCapsProbeQMPSEVCapabilities(virQEMUCapsPtr qemuCaps, + qemuMonitorPtr mon) +{ + virSEVCapability *caps =3D NULL; + + if (qemuMonitorGetSEVCapabilities(mon, &caps) < 0) + return -1; + + virQEMUCapsSetSEVCapabilities(qemuCaps, caps); + + return 0; +} =20 bool virQEMUCapsCPUFilterFeatures(const char *name, @@ -4896,6 +4927,12 @@ virQEMUCapsInitQMPMonitor(virQEMUCapsPtr qemuCaps, virQEMUCapsSet(qemuCaps, QEMU_CAPS_MACHINE_PSERIES_MAX_CPU_COMPAT); } =20 + /* no way to query -object sev-guest */ + if (ARCH_IS_X86(qemuCaps->arch) && + qemuCaps->version >=3D 2012000) { + virQEMUCapsSet(qemuCaps, QEMU_CAPS_SEV); + } + if (virQEMUCapsProbeQMPCommands(qemuCaps, mon) < 0) goto cleanup; =20 @@ -4951,6 +4988,12 @@ virQEMUCapsInitQMPMonitor(virQEMUCapsPtr qemuCaps, virQEMUCapsGet(qemuCaps, QEMU_CAPS_QUERY_CPU_MODEL_EXPANSION)) virQEMUCapsSet(qemuCaps, QEMU_CAPS_CPU_CACHE); =20 + /* Probe for SEV capabilities */ + if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_SEV)) { + if (virQEMUCapsProbeQMPSEVCapabilities(qemuCaps, mon) < 0) + virQEMUCapsClear(qemuCaps, QEMU_CAPS_SEV); + } + ret =3D 0; cleanup: return ret; diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h index c2ec2be19311..02acae491ab5 100644 --- a/src/qemu/qemu_capabilities.h +++ b/src/qemu/qemu_capabilities.h @@ -444,6 +444,7 @@ typedef enum { QEMU_CAPS_DEVICE_PL011, /* -device pl011 (not user-instantiable) */ QEMU_CAPS_MACHINE_PSERIES_MAX_CPU_COMPAT, /* -machine pseries,max-cpu-= compat=3D */ QEMU_CAPS_DUMP_COMPLETED, /* DUMP_COMPLETED event */ + QEMU_CAPS_SEV, /* -object sev-guest,... */ =20 QEMU_CAPS_LAST /* this must always be the last item */ } virQEMUCapsFlags; diff --git a/src/qemu/qemu_capspriv.h b/src/qemu/qemu_capspriv.h index 222f3368e3b6..1fa85cc14f07 100644 --- a/src/qemu/qemu_capspriv.h +++ b/src/qemu/qemu_capspriv.h @@ -86,6 +86,10 @@ virQEMUCapsSetGICCapabilities(virQEMUCapsPtr qemuCaps, virGICCapability *capabilities, size_t ncapabilities); =20 +void +virQEMUCapsSetSEVCapabilities(virQEMUCapsPtr qemuCaps, + virSEVCapability *capabilities); + int virQEMUCapsParseHelpStr(const char *qemu, const char *str, diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c index ad5c572aeefb..195248c88ae1 100644 --- a/src/qemu/qemu_monitor.c +++ b/src/qemu/qemu_monitor.c @@ -4007,6 +4007,15 @@ qemuMonitorGetGICCapabilities(qemuMonitorPtr mon, return qemuMonitorJSONGetGICCapabilities(mon, capabilities); } =20 +int +qemuMonitorGetSEVCapabilities(qemuMonitorPtr mon, + virSEVCapability **capabilities) +{ + QEMU_CHECK_MONITOR_JSON(mon); + + return qemuMonitorJSONGetSEVCapabilities(mon, capabilities); +} + =20 int qemuMonitorNBDServerStart(qemuMonitorPtr mon, diff --git a/src/qemu/qemu_monitor.h b/src/qemu/qemu_monitor.h index 954ae88e4f64..1b2513650c58 100644 --- a/src/qemu/qemu_monitor.h +++ b/src/qemu/qemu_monitor.h @@ -755,6 +755,9 @@ int qemuMonitorSetMigrationCapability(qemuMonitorPtr mo= n, int qemuMonitorGetGICCapabilities(qemuMonitorPtr mon, virGICCapability **capabilities); =20 +int qemuMonitorGetSEVCapabilities(qemuMonitorPtr mon, + virSEVCapability **capabilities); + typedef enum { QEMU_MONITOR_MIGRATE_BACKGROUND =3D 1 << 0, QEMU_MONITOR_MIGRATE_NON_SHARED_DISK =3D 1 << 1, /* migration with non-= shared storage with full disk copy */ diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c index a09e93e464b3..94a1af1d3f75 100644 --- a/src/qemu/qemu_monitor_json.c +++ b/src/qemu/qemu_monitor_json.c @@ -6362,6 +6362,79 @@ qemuMonitorJSONGetGICCapabilities(qemuMonitorPtr mon, return ret; } =20 +int +qemuMonitorJSONGetSEVCapabilities(qemuMonitorPtr mon, + virSEVCapability **capabilities) +{ + int ret =3D -1; + virJSONValuePtr cmd; + virJSONValuePtr reply =3D NULL; + virJSONValuePtr caps; + virSEVCapability *capability =3D NULL; + const char *pdh =3D NULL, *cert_chain =3D NULL; + int cbitpos, reduced_phys_bits; + + *capabilities =3D NULL; + + if (!(cmd =3D qemuMonitorJSONMakeCommand("query-sev-capabilities", + NULL))) + return -1; + + if (qemuMonitorJSONCommand(mon, cmd, &reply) < 0) + goto cleanup; + + + if (qemuMonitorJSONCheckError(cmd, reply) < 0) + goto cleanup; + + caps =3D virJSONValueObjectGetObject(reply, "return"); + + if (virJSONValueObjectGetNumberInt(caps, "cbitpos", &cbitpos) < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("'cbitpos' field is missing")); + goto cleanup; + } + + if (virJSONValueObjectGetNumberInt(caps, "reduced-phys-bits", + &reduced_phys_bits) < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("'reduced-phys-bits' field is missing")); + goto cleanup; + } + + if (!(pdh =3D virJSONValueObjectGetString(caps, "pdh"))) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("'pdh' field is missing")); + goto cleanup; + } + + if (!(cert_chain =3D virJSONValueObjectGetString(caps, "cert-chain")))= { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("'cert-chain' field is missing")); + goto cleanup; + } + + if (VIR_ALLOC(capability) < 0) + goto cleanup; + + if (VIR_STRDUP(capability->pdh, pdh) < 0) + goto cleanup; + + if (VIR_STRDUP(capability->cert_chain, cert_chain) < 0) + goto cleanup; + + capability->cbitpos =3D cbitpos; + capability->reduced_phys_bits =3D reduced_phys_bits; + *capabilities =3D capability; + ret =3D 0; + + cleanup: + virJSONValueFree(cmd); + virJSONValueFree(reply); + + return ret; +} + static virJSONValuePtr qemuMonitorJSONBuildInetSocketAddress(const char *host, const char *port) diff --git a/src/qemu/qemu_monitor_json.h b/src/qemu/qemu_monitor_json.h index ec243becc4ae..305f789902e9 100644 --- a/src/qemu/qemu_monitor_json.h +++ b/src/qemu/qemu_monitor_json.h @@ -152,6 +152,9 @@ int qemuMonitorJSONSetMigrationCapability(qemuMonitorPt= r mon, int qemuMonitorJSONGetGICCapabilities(qemuMonitorPtr mon, virGICCapability **capabilities); =20 +int qemuMonitorJSONGetSEVCapabilities(qemuMonitorPtr mon, + virSEVCapability **capabilities); + int qemuMonitorJSONMigrate(qemuMonitorPtr mon, unsigned int flags, const char *uri); --=20 2.14.3 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list