From nobody Wed May 14 15:31:34 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1521099525655771.8861418037823; Thu, 15 Mar 2018 00:38:45 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id BB0107FDE4; Thu, 15 Mar 2018 07:38:40 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 7B5F1614E6; Thu, 15 Mar 2018 07:38:40 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id EF02D180BAD5; Thu, 15 Mar 2018 07:38:39 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id w2EFkEMb006802 for ; Wed, 14 Mar 2018 11:46:26 -0400 Received: by smtp.corp.redhat.com (Postfix) id 57B2860A9D; Wed, 14 Mar 2018 15:46:14 +0000 (UTC) Received: from mx1.redhat.com (ext-mx04.extmail.prod.ext.phx2.redhat.com [10.5.110.28]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 133A3608F7; Wed, 14 Mar 2018 15:46:11 +0000 (UTC) Received: from NAM02-CY1-obe.outbound.protection.outlook.com (mail-cys01nam02on0050.outbound.protection.outlook.com [104.47.37.50]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 98BCC8046D; Wed, 14 Mar 2018 15:46:09 +0000 (UTC) Received: from wsp141597wss.amd.com (165.204.78.1) by DM2PR12MB0156.namprd12.prod.outlook.com (2a01:111:e400:50ce::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.588.14; Wed, 14 Mar 2018 15:46:04 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=3MtC57Fa3awNSOYu7u5B2WGNaHANbJBUw0tR/YbUItI=; b=tbdHSLZnxw7e3Xfi86lZZPA0aq0RT/NeNVKiARrEMuzghCzONQgz/m0LIZKGYMOb3EbxXtZQum23FQLXhdk8SYATnGRaYpGljwZl2F3IOBFiB63mxSAxuZIx3tCYfxfbXthWqglwH8fXQW0WqArTEWc/sFWddnoGkRAqO8AwziM= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; From: Brijesh Singh To: libvir-list@redhat.com Date: Wed, 14 Mar 2018 10:44:27 -0500 Message-Id: <20180314154435.17991-2-brijesh.singh@amd.com> In-Reply-To: <20180314154435.17991-1-brijesh.singh@amd.com> References: <20180314154435.17991-1-brijesh.singh@amd.com> MIME-Version: 1.0 X-Originating-IP: [165.204.78.1] X-ClientProxiedBy: MWHPR1701CA0015.namprd17.prod.outlook.com (2603:10b6:301:14::25) To DM2PR12MB0156.namprd12.prod.outlook.com (2a01:111:e400:50ce::19) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: 845be3a6-1c95-41b3-c276-08d589c2b26f X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(48565401081)(5600026)(4604075)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603328)(7153060)(7193020); SRVR:DM2PR12MB0156; X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0156; 3:byhL6DXtIyKB2+70t9K1pu7GMoN92Oq3kAD+OSdbr7MF5vuFVxhZ1U0+yugdyus+WEuOOPDTuq2Uvn3NJcMKQ/ndvvu/Zd1kjB1uwKZWfImTHIHRHDSNup0YZ0tGpp3XqAi5D0DnvBKbbdraFn4KyxSSva2xwOFMyH6y3djNbrVwK4D5ywarSDtDFfRMMDaGOq88/LUkYI4hA+sBG826WUJ/JTNbdgz+VmKVCR8Lxlq2aUWU4WyzSW2JxqcLO5wl; 25:VG68tXooijEA3mPBoJTpkM1hJ2dxoBSyPenB6cuCpx9XWWTFjCO1BPQcP8KklZmaf5RQJHIUo1o5OAoBTXVCW94JsYyrHEGydznAwKExApKdbDWCRpKGdtdNN2df6glupFVZpNv/IoLLsVg5ZzTxuYbG+VQB7w2+rvQiIzRO/WN9ftv27MDcQ8+0vE+sogkjQy1lmmXrDV8A4kKru4fZ0eEaWXVeF3qF8wMnxFUzqNKB05dO3KiTA8ynhoTwS/6PdZuqUg6y2NqUfM5zOnPTeXERVxlYFDzni0VaUON6OBwspZMAJ9X+zMqNGroCFv78NQNV36ebhcVV97siYShgPg==; 31:q8Fm78duPV+7+m6Zvq9tTeIMEpD8YFnvTLVFgQ2oUXrlPNQJo9PHUxTH+JoFPYfN323djlU+E7Fbo7gDRhGRpfzq09/7BUEGRfz6v3kDg4rp9lflNodfTPDMDKC8utDKo4twmI0Jv7EZSvhWwUSZvxnUtQfq3/3cNGIMo0/a1iMuZfBp/gnrYZ5+vI7ILcbHqadTcyyvTbJ4doeVfjgsZ/OE5kKo/EYrEfcdviVb9L4= X-MS-TrafficTypeDiagnostic: DM2PR12MB0156: X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0156; 20:KMeNGo4DkXbFZHVcmnbD9X+hvMXtceGGtuQBy8rYCG+ei18HTcNNzgeGAM6I4YPpOJBbUJrf0aYkV887ksAl8B0oPAH3cifMe8Fx2y4lE8k2prNir0YYhukwDxa03WSaVlCdDX7i8ivRxpJqCRp1pjmQ76jtwaNrAQohTH7GqhjAvDj/h3WMXiJ5X6PJCjkZnDzChlD5pyoC/A4ER2zUyHBhFnXGFXkqbVQQPJPyFPS8Wx21AuLGkVqsaRIGzZprRrD+hKkvi/xo2KQ8IpkqQliSK7YhODu4iKVjpFN1QB9+ph+5sXiYQndWwIGhUAU381yYHjPjwv6Riy8kMF6m+KrB0YGJma8GL6NM51DD5A3/6mjOPO3JMxuUA903/4VglhCvPHj+lTMn5eGEFuif+7KwgD4Y04Mmp11ts4WkpKTD99zEVuUq2AvHNTSqqAAW0ornmpAcOn8GLkJnJkPXIIRW7nvXXbIgWuBd6zSKDRCN83Cr2pEZhawQS8exsJB/; 4:ZzIDpwjHntVf9m2gqE+QX05l7IVDElaQA3PnYBIp/jvhnyLvLp/olVEek7jpd0rVpOrenQdewCftuM696yW1HmqhuY0UnseIw2t0GCVYYac/baEz3BM0+2HfXpngzt953PYvnmvJCOQ/b2C3hWFgPiIX/OrToiwX1/VIG8qmr8xf6CS664n3+RavocKYtEhmt8paAAinfjwLDnUjQAbiZ2EiBStqLxtrQffPTfY4QYAx6EocEEoouZz+SOsinua4Yp9NeBR4zWxgwvXFr2JNizrDTPffh6VfZmuua3A23Axll4OGDTOpZ2/2Db2jgGTF X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(8121501046)(5005006)(10201501046)(3002001)(3231221)(944501244)(52105095)(93006095)(93001095)(6055026)(6041310)(20161123562045)(20161123560045)(20161123564045)(20161123558120)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(6072148)(201708071742011); SRVR:DM2PR12MB0156; BCL:0; PCL:0; RULEID:; SRVR:DM2PR12MB0156; X-Forefront-PRVS: 0611A21987 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(366004)(39860400002)(376002)(346002)(396003)(39380400002)(199004)(189003)(59450400001)(2950100002)(6916009)(81166006)(2351001)(81156014)(4326008)(6116002)(478600001)(6666003)(52116002)(7736002)(8676002)(3846002)(7696005)(305945005)(106356001)(2361001)(23676004)(50466002)(53936002)(76176011)(47776003)(5660300001)(316002)(6486002)(54906003)(53416004)(68736007)(105586002)(97736004)(1076002)(66066001)(8936002)(50226002)(186003)(16526019)(386003)(36756003)(26005)(2906002)(86362001)(25786009)(2870700001); DIR:OUT; SFP:1101; SCL:1; SRVR:DM2PR12MB0156; H:wsp141597wss.amd.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtETTJQUjEyTUIwMTU2OzIzOnZjWUJSVkNCa3JzcEVYcjU3cW5OWWlzTjAz?= =?utf-8?B?QjBWNXlUdXl6V2lJYU8wZVBudW1LQVNXaFJIbXd1cGJKc2R6ZDcwS2d6Wnpo?= =?utf-8?B?bVBndUxKQ21ZSWgyZ0VpQUY2SHJ3T2txSzBYejhucGM3dXcxYjBaSnNYSXZC?= =?utf-8?B?dmNzOWlYRWUzdU43ajBqQXNweHBmRFhKY2hueklHdDlIWEtWNXlJSlpIT1NZ?= =?utf-8?B?OWhIdHM4MTZ5bUI2WGZBcUxMRy81dnVDdEFlSEd4L3hCS1cxMDB4M3BlNVlz?= =?utf-8?B?MlA2b0VscHZzTFltL28zNFp1ZGFXWjgwTnVtVGxEd3E0dW5tWHVqeXFxb1Av?= =?utf-8?B?TTJFTXhHclNkZkFXTC9nT2tGdFEyV2NnbFIvRVRHKytya3VYUGlGaEVpczhI?= =?utf-8?B?OFBQYklLZzJjc2dPNlRFSUZWb2RVUWN2a01XUUozT2JLak8yOW1nRDF0Mlk3?= =?utf-8?B?U25xVWh3aHlBRVlyMWl2K2o4YVQyR2ozSlk2djducHZaZVNGSVJMTENCVWtr?= =?utf-8?B?RUdMNy9kV1AxbnJTc1M1WUVHdEZ3eVdJbjdaUnRHUVdlZ2dSa1RDTUpqQi9Q?= =?utf-8?B?NUpiTVlDTXRxczRXUzNhd014Zjg0M3d3bzE5UHJmdDc0MHpZWXk0SmNPNXVI?= =?utf-8?B?VEJOTUtiWEJBcHpiUEltbkg5OGhvMll5a0xkNnoycWIwTjRyRU9XUk9xV2hu?= =?utf-8?B?Qk4xK2tiV0xWalhLTVBaU1JwSXlrZW8wS2NFck9ybXZ0anBac1Zaa2o4dG5Y?= =?utf-8?B?OEx1VTRYWGVrbjlrMkdoQnM3d3I3ZlpSNG11ZEx5QzBBZGplS2l6akdsMVlF?= =?utf-8?B?R1c5U0hZcmUrN0tvMXhmUVRrUnJHUDZIVW5YUWl1eHh3bDNKYVlmREJIOXkw?= =?utf-8?B?M0tTRFc0VWRrb1owR2RSemNSS3V2WmhPcysyOGJ4aW5oOENwTFZaeVdpZytM?= =?utf-8?B?ci82aUtOMWdndThXUk9ubytNSjZXTVNBV0N5Tk1oaVUyNEd2SVM2VWNVR3Ay?= =?utf-8?B?Q3RnYnlFQ00rckc5OGs0T0I2V0JVd2JxWmlPSlZaTElLUVRMUVFFZTNMclRl?= =?utf-8?B?RzRnQzRNTFRxWDVLU3ZZbWNxbkFJdWFxZEwxSGlDbTlxN0xZSU5EWFhtS1h4?= =?utf-8?B?dG1xRGF4OStZQW9MaGdsMFl3bExVMW82dGVpU1ZGdHd2blkrS1hQMFZzL2xn?= =?utf-8?B?YVBZVnROczhBNFo3ZEN0RlVPeW0wV0hoZEJZWVN1SFhJc0tLK0NBbmNMSXg2?= =?utf-8?B?VFJ3eFZIbGc3eFhYc2NaUW9yc3AwVDcyTmthaDhrQkxaVlBVUWEyNkF4a09n?= =?utf-8?B?akllWUtyQWx5TnF4cWhLTG1ZcnRpUzlQTkVVWldpVGYxc3liRXBBV2hhZHg1?= =?utf-8?B?VkVKTXRYWjRxeVhiRWRkNSsrQlNHZDhQOGtiRUFpMXp5bmEyNHJmVUVtNWJK?= =?utf-8?B?UnNONVVrcUE3WjA3dVhaMjNGanhOVnlIWlNUWHVJVDMwUDlWUHJDeXFGZ1Fs?= =?utf-8?B?czVjTS90N1pjQVNNYlJCeFZIWTE4WGVHVXBuQjNOdmF3VGxLV0RXWHNRU1ZT?= =?utf-8?Q?tD8emCoB+GSBNIZsWCJjCWProbHZSGqhPXc9/6QCUu/w=3D?= X-Microsoft-Antispam-Message-Info: tsw+JhXounbGXKfU+1MspgXAoAaw8pBOT6m3vNdqNNdua+z0W5E0McnPpEFmX6b7jFB0PrMTxCPImG4TExRf9jt24E09ywdfF0Rd7PpjTmzd/JXEBJtZUzvH1HyusrQ5O0KeQINSLe05+GAKnsaykVb2wLKhAFI1pYlzHEPhrN0ZOWLK/osYRECesoStDEzf X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0156; 6:MI9P1GfR1nbDRh9QEakBQj/+FTCPgxe355KT4bFnPQPapaOpR5Dch3Roy90tbYA/sPFww1ztFO6GWj/b24SBQcPsDdsNWStnQYQa0Yl71iE5ESvml19s/MNt1VVV2DlE2QFZt7z2FzqATOrz66Su9lVUZEeAWG6Iou7Jfx2TArsZH0BuQ4u9Rx1pIczzJpiELBrX/41EMqhSKtbITv2HR+iOPjVMzp0+RV0Bnt2RnG7muKQ6fEwGtX1kQqnO9yxbQoMhmCNPgOOf/TaQaQ3ay0eOcSjSlg8CUkG89M+pIipHk9mws9RRVCLmXc+43aNf5BYITDES9IUaCVhMJGYzDXrDOyibx2XdXKAfhrb1UvE=; 5:LYQ07EqWBLbwZEKcvGYaHyThD5jwOJ8oDLaEP9GAdm6F6p9LJp8yf4mVnSkhBvpYKTz3ZQDmFde5UxoNELRWq2vWSoZa1M59iGAjEvG+8/6Vqyj4Kh5Jkt7eQiYRbjJtXaXLt+Tb87313JugtwAikpQ++j/a5NlYOdzrCIhuXqY=; 24:d/UoK67aAowYLZzuuv6NIb9A1uA8x0P9VC/DRbiuRBl/s3H0bBoZ2Rf/ds0JUvVUQ42MibFgYExGMcr8xq3lEg4fRSzv3UV+GlkhbncJGoo=; 7:4KKWf9w9crC0oJjgMtDfEGlzOAP9RNAfh1REBwEIQ7k1J2Aw4LgFFr9KXW7JofvZLq/kSfAM9Zuh0ZV8ZjBDqUh5fd6WkOkL/m05oKomtfapZH7UhUTMfGrI6muVJP18C3K7/pKRgJt9Guf8r8V0+22EgOiK5JBc0Iv4uyI/4LmiEi2ZuzIyV+MLAQBcOBtD/ZxkBEuCWluPKT3MibEXMIaykcey69sQyh4jogIUOi/tr6Qfqb6A/cWXmeGDjwpI SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0156; 20:y9D6jmjBThpp4xzl1kUSjNMujM5UkDfrvzDHgWcPM4K6rh4FO2fmyGcwXZdCQTnSSewM6JxahaYIUrOxa2nx0NQTgwNlgePhD5LnF4fmIgqZN8xtnURrgvHv26GsKUvVEuTsp5t8uMwa/GWqhb1+MOB1iW7PzG7b2108XywfcENtf60r+kKI5WfwVtgdMemCgi9HvQu/OydkSSLr/zSHFpZ08QS5m9ahfIBIEjiINlbzm/k83pKDs33z/Gj9Ff1r X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 14 Mar 2018 15:46:04.1403 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 845be3a6-1c95-41b3-c276-08d589c2b26f X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM2PR12MB0156 X-Greylist: Sender passed SPF test, Sender IP whitelisted by DNSRBL, ACL 207 matched, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Wed, 14 Mar 2018 15:46:09 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Wed, 14 Mar 2018 15:46:09 +0000 (UTC) for IP:'104.47.37.50' DOMAIN:'mail-cys01nam02on0050.outbound.protection.outlook.com' HELO:'NAM02-CY1-obe.outbound.protection.outlook.com' FROM:'brijesh.singh@amd.com' RCPT:'' X-RedHat-Spam-Score: -0.031 (DKIM_SIGNED, DKIM_VALID, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, SPF_HELO_PASS) 104.47.37.50 mail-cys01nam02on0050.outbound.protection.outlook.com 104.47.37.50 mail-cys01nam02on0050.outbound.protection.outlook.com X-Scanned-By: MIMEDefang 2.78 on 10.5.110.28 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-loop: libvir-list@redhat.com Cc: Tom Lendacky , Peter Krempa , Xiaogang Chen , Jon Grimm , Brijesh Singh , Borislav Petkov Subject: [libvirt] [PATCH v3 1/9] qemu: provide support to query the SEV capability X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.27]); Thu, 15 Mar 2018 07:38:41 +0000 (UTC) X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZohoMail: RDKM_2 RSF_0 Z_629925259 SPT_0 QEMU version >=3D 2.12 provides support for launching an encrypted VMs on AMD x86 platform using Secure Encrypted Virtualization (SEV) feature. This patch adds support to query the SEV capability from the qemu. Reviewed-by: "Daniel P. Berrang=C3=A9" Signed-off-by: Brijesh Singh --- src/conf/domain_capabilities.h | 13 ++++++++ src/qemu/qemu_capabilities.c | 38 ++++++++++++++++++++++ src/qemu/qemu_capabilities.h | 1 + src/qemu/qemu_capspriv.h | 4 +++ src/qemu/qemu_monitor.c | 9 ++++++ src/qemu/qemu_monitor.h | 3 ++ src/qemu/qemu_monitor_json.c | 73 ++++++++++++++++++++++++++++++++++++++= ++++ src/qemu/qemu_monitor_json.h | 3 ++ 8 files changed, 144 insertions(+) diff --git a/src/conf/domain_capabilities.h b/src/conf/domain_capabilities.h index fa4c1e442f57..72e9daf9120f 100644 --- a/src/conf/domain_capabilities.h +++ b/src/conf/domain_capabilities.h @@ -137,6 +137,19 @@ struct _virDomainCapsCPU { virDomainCapsCPUModelsPtr custom; }; =20 +/* + * SEV capabilities + */ +typedef struct _virSEVCapability virSEVCapability; +typedef virSEVCapability *virSEVCapabilityPtr; +struct _virSEVCapability { + char *pdh; + char *cert_chain; + unsigned int cbitpos; + unsigned int reduced_phys_bits; +}; + + struct _virDomainCaps { virObjectLockable parent; =20 diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index 3eb5ed6d1a60..6da7cf7477c7 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -459,6 +459,7 @@ VIR_ENUM_IMPL(virQEMUCaps, QEMU_CAPS_LAST, "pl011", "machine.pseries.max-cpu-compat", "dump-completed", + "sev", ); =20 =20 @@ -525,6 +526,8 @@ struct _virQEMUCaps { size_t ngicCapabilities; virGICCapability *gicCapabilities; =20 + virSEVCapability *sevCapabilities; + virQEMUCapsHostCPUData kvmCPU; virQEMUCapsHostCPUData tcgCPU; }; @@ -1694,6 +1697,7 @@ struct virQEMUCapsStringFlags virQEMUCapsObjectTypes[= ] =3D { { "sclplmconsole", QEMU_CAPS_DEVICE_SCLPLMCONSOLE }, { "isa-serial", QEMU_CAPS_DEVICE_ISA_SERIAL }, { "pl011", QEMU_CAPS_DEVICE_PL011 }, + { "sev-guest", QEMU_CAPS_SEV }, }; =20 static struct virQEMUCapsStringFlags virQEMUCapsObjectPropsVirtioBalloon[]= =3D { @@ -2770,6 +2774,21 @@ virQEMUCapsSetGICCapabilities(virQEMUCapsPtr qemuCap= s, qemuCaps->ngicCapabilities =3D ncapabilities; } =20 +void +virQEMUCapsSetSEVCapabilities(virQEMUCapsPtr qemuCaps, + virSEVCapability *capabilities) +{ + virSEVCapability *cap =3D qemuCaps->sevCapabilities; + + if (cap) { + VIR_FREE(cap->pdh); + VIR_FREE(cap->cert_chain); + } + + VIR_FREE(qemuCaps->sevCapabilities); + + qemuCaps->sevCapabilities =3D capabilities; +} =20 static int virQEMUCapsProbeQMPCommands(virQEMUCapsPtr qemuCaps, @@ -3273,6 +3292,19 @@ virQEMUCapsProbeQMPGICCapabilities(virQEMUCapsPtr qe= muCaps, return 0; } =20 +static int +virQEMUCapsProbeQMPSEVCapabilities(virQEMUCapsPtr qemuCaps, + qemuMonitorPtr mon) +{ + virSEVCapability *caps =3D NULL; + + if (qemuMonitorGetSEVCapabilities(mon, &caps) < 0) + return -1; + + virQEMUCapsSetSEVCapabilities(qemuCaps, caps); + + return 0; +} =20 bool virQEMUCapsCPUFilterFeatures(const char *name, @@ -4906,6 +4938,12 @@ virQEMUCapsInitQMPMonitor(virQEMUCapsPtr qemuCaps, virQEMUCapsGet(qemuCaps, QEMU_CAPS_QUERY_CPU_MODEL_EXPANSION)) virQEMUCapsSet(qemuCaps, QEMU_CAPS_CPU_CACHE); =20 + /* Probe for SEV capabilities */ + if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_SEV)) { + if (virQEMUCapsProbeQMPSEVCapabilities(qemuCaps, mon) < 0) + virQEMUCapsClear(qemuCaps, QEMU_CAPS_SEV); + } + ret =3D 0; cleanup: return ret; diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h index c2ec2be19311..02acae491ab5 100644 --- a/src/qemu/qemu_capabilities.h +++ b/src/qemu/qemu_capabilities.h @@ -444,6 +444,7 @@ typedef enum { QEMU_CAPS_DEVICE_PL011, /* -device pl011 (not user-instantiable) */ QEMU_CAPS_MACHINE_PSERIES_MAX_CPU_COMPAT, /* -machine pseries,max-cpu-= compat=3D */ QEMU_CAPS_DUMP_COMPLETED, /* DUMP_COMPLETED event */ + QEMU_CAPS_SEV, /* -object sev-guest,... */ =20 QEMU_CAPS_LAST /* this must always be the last item */ } virQEMUCapsFlags; diff --git a/src/qemu/qemu_capspriv.h b/src/qemu/qemu_capspriv.h index 222f3368e3b6..1fa85cc14f07 100644 --- a/src/qemu/qemu_capspriv.h +++ b/src/qemu/qemu_capspriv.h @@ -86,6 +86,10 @@ virQEMUCapsSetGICCapabilities(virQEMUCapsPtr qemuCaps, virGICCapability *capabilities, size_t ncapabilities); =20 +void +virQEMUCapsSetSEVCapabilities(virQEMUCapsPtr qemuCaps, + virSEVCapability *capabilities); + int virQEMUCapsParseHelpStr(const char *qemu, const char *str, diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c index 1d67a97789e7..2820714b5c55 100644 --- a/src/qemu/qemu_monitor.c +++ b/src/qemu/qemu_monitor.c @@ -4007,6 +4007,15 @@ qemuMonitorGetGICCapabilities(qemuMonitorPtr mon, return qemuMonitorJSONGetGICCapabilities(mon, capabilities); } =20 +int +qemuMonitorGetSEVCapabilities(qemuMonitorPtr mon, + virSEVCapability **capabilities) +{ + QEMU_CHECK_MONITOR_JSON(mon); + + return qemuMonitorJSONGetSEVCapabilities(mon, capabilities); +} + =20 int qemuMonitorNBDServerStart(qemuMonitorPtr mon, diff --git a/src/qemu/qemu_monitor.h b/src/qemu/qemu_monitor.h index adfa87aba91b..aaa14f66fdfb 100644 --- a/src/qemu/qemu_monitor.h +++ b/src/qemu/qemu_monitor.h @@ -767,6 +767,9 @@ int qemuMonitorSetMigrationCapability(qemuMonitorPtr mo= n, int qemuMonitorGetGICCapabilities(qemuMonitorPtr mon, virGICCapability **capabilities); =20 +int qemuMonitorGetSEVCapabilities(qemuMonitorPtr mon, + virSEVCapability **capabilities); + typedef enum { QEMU_MONITOR_MIGRATE_BACKGROUND =3D 1 << 0, QEMU_MONITOR_MIGRATE_NON_SHARED_DISK =3D 1 << 1, /* migration with non-= shared storage with full disk copy */ diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c index 08dfffdf6435..c51b98d2bda7 100644 --- a/src/qemu/qemu_monitor_json.c +++ b/src/qemu/qemu_monitor_json.c @@ -6398,6 +6398,79 @@ qemuMonitorJSONGetGICCapabilities(qemuMonitorPtr mon, return ret; } =20 +int +qemuMonitorJSONGetSEVCapabilities(qemuMonitorPtr mon, + virSEVCapability **capabilities) +{ + int ret =3D -1; + virJSONValuePtr cmd; + virJSONValuePtr reply =3D NULL; + virJSONValuePtr caps; + virSEVCapability *capability =3D NULL; + const char *pdh =3D NULL, *cert_chain =3D NULL; + int cbitpos, reduced_phys_bits; + + *capabilities =3D NULL; + + if (!(cmd =3D qemuMonitorJSONMakeCommand("query-sev-capabilities", + NULL))) + return -1; + + if (qemuMonitorJSONCommand(mon, cmd, &reply) < 0) + goto cleanup; + + + if (qemuMonitorJSONCheckError(cmd, reply) < 0) + goto cleanup; + + caps =3D virJSONValueObjectGetObject(reply, "return"); + + if (virJSONValueObjectGetNumberInt(caps, "cbitpos", &cbitpos) < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("'cbitpos' field is missing")); + goto cleanup; + } + + if (virJSONValueObjectGetNumberInt(caps, "reduced-phys-bits", + &reduced_phys_bits) < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("'reduced-phys-bits' field is missing")); + goto cleanup; + } + + if (!(pdh =3D virJSONValueObjectGetString(caps, "pdh"))) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("'pdh' field is missing")); + goto cleanup; + } + + if (!(cert_chain =3D virJSONValueObjectGetString(caps, "cert-chain")))= { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("'cert-chain' field is missing")); + goto cleanup; + } + + if (VIR_ALLOC(capability) < 0) + goto cleanup; + + if (VIR_STRDUP(capability->pdh, pdh) < 0) + goto cleanup; + + if (VIR_STRDUP(capability->cert_chain, cert_chain) < 0) + goto cleanup; + + capability->cbitpos =3D cbitpos; + capability->reduced_phys_bits =3D reduced_phys_bits; + *capabilities =3D capability; + ret =3D 0; + + cleanup: + virJSONValueFree(cmd); + virJSONValueFree(reply); + + return ret; +} + static virJSONValuePtr qemuMonitorJSONBuildInetSocketAddress(const char *host, const char *port) diff --git a/src/qemu/qemu_monitor_json.h b/src/qemu/qemu_monitor_json.h index ec243becc4ae..305f789902e9 100644 --- a/src/qemu/qemu_monitor_json.h +++ b/src/qemu/qemu_monitor_json.h @@ -152,6 +152,9 @@ int qemuMonitorJSONSetMigrationCapability(qemuMonitorPt= r mon, int qemuMonitorJSONGetGICCapabilities(qemuMonitorPtr mon, virGICCapability **capabilities); =20 +int qemuMonitorJSONGetSEVCapabilities(qemuMonitorPtr mon, + virSEVCapability **capabilities); + int qemuMonitorJSONMigrate(qemuMonitorPtr mon, unsigned int flags, const char *uri); --=20 2.14.3 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list