From nobody Wed May 14 06:09:22 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1527110374150616.5777592483967; Wed, 23 May 2018 14:19:34 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 570FBABB20; Wed, 23 May 2018 21:19:26 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 1F1D010694C0; Wed, 23 May 2018 21:19:26 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id C9A3E4CA83; Wed, 23 May 2018 21:19:25 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id w4NLJAeT028743 for ; Wed, 23 May 2018 17:19:10 -0400 Received: by smtp.corp.redhat.com (Postfix) id B5BD11062241; Wed, 23 May 2018 21:19:10 +0000 (UTC) Received: from mx1.redhat.com (ext-mx10.extmail.prod.ext.phx2.redhat.com [10.5.110.39]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 716F4106223E; Wed, 23 May 2018 21:19:08 +0000 (UTC) Received: from NAM01-SN1-obe.outbound.protection.outlook.com (mail-sn1nam01on0058.outbound.protection.outlook.com [104.47.32.58]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 4D11113A526; Wed, 23 May 2018 21:19:06 +0000 (UTC) Received: from wsp141597wss.amd.com (165.204.78.1) by BL0PR12MB2449.namprd12.prod.outlook.com (2603:10b6:207:4d::31) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.797.11; Wed, 23 May 2018 21:18:56 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=SjpTiH1mLEw/nvA5TKvjTOL2DaU/iu2CKrG1N/AfMAg=; b=s5gaUXBmqDZOyQd+ds2XJ0cS/YK5j0Wb6fLrI6nW4r151Kt/pSvwEHQ5TqgHdSnA+t779pr4e7zKHc3hep9svkWj80J1eJHu7h23A6EWqGod0+i/V+YIGz+GHeIH48LWNtC6zmv3v15m/2t4eR5IxcSQMZzANGN7AJlD84/o/6E= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; From: Brijesh Singh To: libvir-list@redhat.com Date: Wed, 23 May 2018 16:18:26 -0500 Message-Id: <20180523211834.15817-2-brijesh.singh@amd.com> In-Reply-To: <20180523211834.15817-1-brijesh.singh@amd.com> References: <20180523211834.15817-1-brijesh.singh@amd.com> MIME-Version: 1.0 X-Originating-IP: [165.204.78.1] X-ClientProxiedBy: SN2PR01CA0050.prod.exchangelabs.com (2603:10b6:800::18) To BL0PR12MB2449.namprd12.prod.outlook.com (2603:10b6:207:4d::31) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(5600026)(48565401081)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603328)(7153060)(7193020); SRVR:BL0PR12MB2449; X-Microsoft-Exchange-Diagnostics: 1; BL0PR12MB2449; 3:50aax/bc2swWGOIORim8GjbLC7JLiMBPlyJPRzEKlxYKufxZiE8wuI3c4mabg2HAGwJxJy5IXKCPjIaLCqHaF04nNyim8WRJZflOoiuwXbliYEyGSpGpgiUBsZ2vfjxocd5gY0Pj4ChqBitEHNYHw9agSXdL+AXKFPvt/QD/Vs/f7iOcQH6M5eWUTf213mYceE7JSPLknP3dSYCttTOoTjRhM0YrPi/S4rkmpv1NPrWsYHpRX27WHc0PwhvcSxVy; 25:wHlmkuEzVj6wR/SaRyFNVHeO5v7G7907RgZFIlyVxCfH8L5F9CklIG4Ow+G1QyA2/L9CWpmsggRiMyJPQeCVGy1EeEmIBOkkWINTKbFOJyQxjD6Pkr3oWT6njOQykoZn4VGwqMsIhKrZEMUrWz/twsr4tokiV3pzv5Vg1LxZAo5FEBj3Ww5y+zSasIKDz+CfD8DAzNA/ROYNGfeeiRMXZWH0FE9QHAFquvKqfrHuoVqnlOM8xmI8e2UUMWSqKVhYUEJMTFtVwGNduhhAStPs6dNBdnDmii4aKKiTlZHLfUnSgJ32FHkxxw5EinnpAt+5goIUuj/hUl1hQ0aztuRWOQ==; 31:mAKuvg4IByNZx7npvcacYcbWFPlsgqilg06gg9CZYdIWOlKwhJ38ZoAOLh+ixEsMWIE/MYuHnpvqgtxMRNyJGc3W1JgSu+P8vtmlZNSg4pVHW2ZiKxEY3zOaRpder2CQQjWuKcvW0gxDuGrbxUuB/MKdg0K2KLPeeyzj4Z5fxFJfMq0bcyThhZ5jrcPj1wCxBvgj6sfnlNTkxhdtXl082cth12xf5CjCYdt/l39W3pM= X-MS-TrafficTypeDiagnostic: BL0PR12MB2449: X-Microsoft-Exchange-Diagnostics: 1; BL0PR12MB2449; 20:prBkO/IhOjObMWLpdkWEsHryY4K/JtSTdkn7jF/sPJ60nUVO4liYB3UL7E5hC9FEYopPk4nyfCxEM84It/+oraybyIaquvWQfH8gVl7XgJjEuO9ybEstgtSDlJWbtQS6/Ym3LD3B9po5QBTRC/LwpcJ/13DMdBdk8urvU3ytHpPytnJCcaTsvvxjreC0gSA8slb1o6dCjwh7rwlClhLNyyp/XoH9SEkU85aqRczrcFHzNLhgeSPnU3mgfaKykF7hWJQmeX4lz/ATdWYuGuS/r/u9KQbLfFIsGnPMuGrQJOFG2E8J6JN4SdD5onHFxLk49qJcYWAAoEGwIVyBL6EUO2p9wzotlnBWJqBlYmCqQM96RLoKrpX1H6pgnAnlR0mcIaPpKA9CJ2D3aX9lOv1rFDjTl8zeKgFFxAc8q4HAtLyoRTfyRJ9CIg5ei1PtP0JKXAxiqOMZw68BfPU+h+ckgXuiW87yU3c7FmQ7dvNuC9YDkKkuaUoXvcz7fPgCwX9Y; 4:GZXq1a7r2McqLk5koYwhMosn64JP07qE0J48DRpa9Wqi6fB5D6jzL9RHGVQitqZGDQXNATN0NnuliGrm5k8wEQ07gk29pRUSbwl8o0NZ6Ye1W/fa9XxZfU1KCxRBP8i14+XBNL4aBHjamqoZbZxeyQs0/Yf1QSse+3UhoKL3rO9uvUNcReM47td7S4DPrUI8rX413yE+Cuu1ZifjUycg6D4IBJ+R9ehe2wN8Km5SNrtOBSvqLFlhZRe3F3Srx2XVDANQVBSpJ/ua1p+SahXudxbpMpW+/g7FP9Bq4Pz9iQE4z8HbI5tkNJuFS/HD4AmE X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-MS-Exchange-SenderADCheck: 1 X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(8121501046)(5005006)(10201501046)(93006095)(93001095)(3002001)(3231254)(944501410)(52105095)(6055026)(149027)(150027)(6041310)(20161123562045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123564045)(20161123560045)(20161123558120)(6072148)(201708071742011)(7699016); SRVR:BL0PR12MB2449; BCL:0; PCL:0; RULEID:; SRVR:BL0PR12MB2449; X-Forefront-PRVS: 06818431B9 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(346002)(376002)(396003)(366004)(39380400002)(39860400002)(199004)(189003)(956004)(6116002)(53936002)(1076002)(3846002)(4326008)(2616005)(36756003)(446003)(97736004)(11346002)(5660300001)(66066001)(16526019)(47776003)(186003)(6916009)(6666003)(44832011)(6486002)(86362001)(575784001)(16586007)(2351001)(26005)(478600001)(59450400001)(2906002)(76176011)(2361001)(51416003)(68736007)(50466002)(25786009)(476003)(52116002)(7696005)(54906003)(48376002)(7736002)(305945005)(106356001)(386003)(316002)(53416004)(486006)(81166006)(81156014)(8676002)(105586002)(50226002)(8936002); DIR:OUT; SFP:1101; SCL:1; SRVR:BL0PR12MB2449; H:wsp141597wss.amd.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; BL0PR12MB2449; 23:Z9wCwlP6Lxn89x/YT3WpYSzqFS+4nr7DZtSay+6ms?= =?us-ascii?Q?gm8XG3zqPHZmm4+kq4EvBsQ+I3xthzIPsUR1+zPtyVzGwUZisvL2T/FOuVAQ?= =?us-ascii?Q?PBv7Jb8n8dlRo5NusETDUz6tHb+1rmlEUnX8s370jPEVd9EwzYKFQ3WZZfuV?= =?us-ascii?Q?Pn37fHI18ZNnRRAx3a/C7TblR+qLaAE9dUbRpfL9DsrS8Pq6W3WRf9AwQgxo?= =?us-ascii?Q?uebkQHPaWxHUY7pMM65VYUR7st3NKWJJZ3n6OVKRIppYFNWpRbBQwR8uPuew?= =?us-ascii?Q?twJWAchguXRoozBCppBFkkQbnzMIlI+aI9aU2/a0XvL+YfkTFRSs27gNdGYk?= =?us-ascii?Q?GX9mtYMMCSr4R7RvmbfKJQGmiJYteeEpJSW65rKC454r3ad3wnUBnbZ5M6Rs?= =?us-ascii?Q?dpvav0mu4DaTGCiAIBZGAMkMHb9TnscHLIoj+/UKHRVf/un8HkW/nzulrcQ1?= =?us-ascii?Q?k6lWPms6U0ZbQOfkiTWQEzXEWUwtudMx2HAatXdn+ygHz3N0mKDLgKl3PWmF?= =?us-ascii?Q?zbFIkEEDfWeNrE95/0xN4Di7QChrsi4Ip9sT1FMSEdMAwHpj+1Axweu+1x2S?= =?us-ascii?Q?RYtxWbgZRFXgek24pIlScT71KTvUVyg3KM6oMGuGtSlGBUZiiCpDYbsj6R6T?= =?us-ascii?Q?w9X/iBOT/WONOx4Bcwbd/u/3D9NPwbmF8/7ZS32w6W0TErZPOWl+Zti/BHjk?= =?us-ascii?Q?gqHPwakc1DugoFZQEuoEHSgpMYIoeDqAB8/DBHYcuYqhxTMbXjt6lVNyxKux?= =?us-ascii?Q?jtxxtXEFA7z9/WLgktu/bQxFiqruRmVhwXHXIN2/ykJyoxVa02P8dhvhVCSR?= =?us-ascii?Q?ORhQ7bJot1f1IifedWiNU4bG+6854geDiVq3+ey5ALOK1NwMEYhl462pdc5I?= =?us-ascii?Q?cjeFLCUS4Naz/dBONmGotRTqL0OF1Fai1+7NQ6PWn5R88wefzhGBqOPs9vOv?= =?us-ascii?Q?AEE35RXHrNf7O78W1+BzZZHcte7DANM5PRgz9EkjPNafWaSft0ue6vkM2w7I?= =?us-ascii?Q?8sXDXxMFThDFm/NdwHCXMIKe406G5V1JzfLXhaFNON1/2BYltp65b9uqQQOI?= =?us-ascii?Q?C847nrbX0H+M0G4j7KMSKbDZKhkiH7NRcvS7sTci18lHl1eHshkTwCDOMhxc?= =?us-ascii?Q?vRj8gn86S9uf18t0ZZxSEpLWL9ErWNljvUnEQFwUOnY5R5hn65+joUwFzssm?= =?us-ascii?Q?EDWgEYSZnodcGVSR1q7lA/RCgHeH/3RtCSFZWGsomvYsdoSJxLYn0Lgyash1?= =?us-ascii?Q?Qy0e/m0/Pykz3dvRryetmm3qf1t/fWzZGmfbMLskRDQ50BkXSr4EMT0CVFr0?= =?us-ascii?Q?MyCYUBQ1La10YKRjXxtc/pl7DWJGcS7dlaJQYE7QThG?= X-Microsoft-Antispam-Message-Info: 3u5rH2f53lNeIyOc1+2wGWrIbXWjWb0LNoMLOqrNev71+zSBP3F16oRsmckTcuvXB+JJj4LIeKIKwtKYMx72I8Q+VpD1C6zULI5GByF0wePH7CfXYcyoPV0eDxEQ2QybKJ9v+7UQJHVflkAtNQ5P726LZOSQBfJFTaCmFL+Cr+RfJRl84Cc/4z0CvmUObfB+ X-Microsoft-Exchange-Diagnostics: 1; BL0PR12MB2449; 6:0HB3stz3K888AYguQ+S9wFfPEaxVgBZifcKi3VspwwOZtzh4COpUvZonpViZ3JC52mXYvao//JNx4Ooi9/rJbUaK2xxo5Xeyb61bv5hYx2eP8anvR8+8/hbV7QXKZNH+99dbLE6zdUJswkpiNl0Zcqe8dH4sEZa0JJFnajvbBS0SSoWQ+MLZpZVTEcQ4IB7cVPeyX3MRtHmt2RVro+Dn34nukiT17tL/zRNxCBZG1/bnHNzW2fORUX5tN2285W1ZjAo5wBQfr7xnfIoZconHo8vzlPPYtStaZ+imIYBbqOI3xMZGYYPtsjuZ+IxcDs/WlQ+5MuKaEG/PWHOXDv0oB8cBf+9FffE6Ab//5kvfsul5spCQ+i9GHLxcIBZejCWHOmte6Ix6sWkq0ayw5IChawfH3U3thIIFLVcwv7uDfcwvJVXC/GU1gVVLQtPVGWIE1J2WOU0hcf8msQDKkqiUbQ==; 5:4LRUH1+vczkZke5FvQLSx9+6YAY9EBsTnG0MgSXU/2TfCidV9CZ2UR3r5pW+iCmyhqd13rWi0LV2WHaEauJoYGE9VrKHCb9CNbLSZFklfjGg1+fNngY6BMx6YCm6yhMY72s2Lir9Mo3WoNEJca3H5TofvXE6bulA4jTrW88L2DA=; 24:QkJGcVmJV5ypt4ErPRm0qzrVYBaankHZdVvsLyJ9QTv3DxF1Iys9YJ+aq6aYv7Ddo1k1zC+EYB7IJlDF+Rfv+LLNZ/I4hVXdxVfKqTNfWhY= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; BL0PR12MB2449; 7:gdTEQ1OJdCMY/MNUBAOAQO0W+pSA4G2PGA5+oLDronTR3/S4VLesUvsVpsiciysXMIueBhqNLTO5hxwiwqNnp4tuy+wsArEoI4UgGG413NOUDg2Uqm8oRH2VKNi+JDPsR7QZ1QLW+Fb9XSJM3xEXoxnwiq53MZ5EOiylmRpu8aXd5oI1NQjc0hewLkpUuy0a/o3Byw9PQRDwY1Jppm81HIfnD/g/Vy/+HdCvL4AcP0iKyrlp7I90hXnyd0hvxF/E; 20:mFExJjdZG2G6ilU8XIWJ0yHc4ZhHcEHStqz4JIuH6XDiQQ48O5s/1xSG9ZadqYOcmr9dIWYP1YUQEBOfwTS1DX2kSxIoI5pfm3Ytq3qNCuYj10KLFqyeMYORuVN3R+ijfMHF/R6jNFopuCMFHhENsib2fumwu20tOQpUwOks1fdM8cpwD+PGd5DDPS6IOnoeXXCfM0IEWADoFzNdKXdeDJIZwvk84flBT/6VFVC1pV5P2SaoXJAUr+T+sXQ3lZc6 X-MS-Office365-Filtering-Correlation-Id: 913b1ee5-039b-46fe-566a-08d5c0f2cb42 X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 23 May 2018 21:18:56.0669 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 913b1ee5-039b-46fe-566a-08d5c0f2cb42 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL0PR12MB2449 X-Greylist: Sender passed SPF test, Sender IP whitelisted by DNSRBL, ACL 207 matched, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.39]); Wed, 23 May 2018 21:19:06 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.39]); Wed, 23 May 2018 21:19:06 +0000 (UTC) for IP:'104.47.32.58' DOMAIN:'mail-sn1nam01on0058.outbound.protection.outlook.com' HELO:'NAM01-SN1-obe.outbound.protection.outlook.com' FROM:'brijesh.singh@amd.com' RCPT:'' X-RedHat-Spam-Score: -0.021 (DKIM_SIGNED, DKIM_VALID, RCVD_IN_DNSWL_NONE, SPF_HELO_PASS, T_DKIMWL_WL_MED) 104.47.32.58 mail-sn1nam01on0058.outbound.protection.outlook.com 104.47.32.58 mail-sn1nam01on0058.outbound.protection.outlook.com X-Scanned-By: MIMEDefang 2.78 on 10.5.110.39 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-loop: libvir-list@redhat.com Cc: Tom Lendacky , Peter Krempa , Erik Skultety , Jon Grimm , Andrea Bolognani , Brijesh Singh , Borislav Petkov Subject: [libvirt] [PATCH v6 1/9] qemu: provide support to query the SEV capability X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.25]); Wed, 23 May 2018 21:19:33 +0000 (UTC) X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZohoMail: RDKM_2 RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" QEMU version >=3D 2.12 provides support for launching an encrypted VMs on AMD x86 platform using Secure Encrypted Virtualization (SEV) feature. This patch adds support to query the SEV capability from the qemu. Signed-off-by: Brijesh Singh --- src/conf/domain_capabilities.h | 13 ++++ src/qemu/qemu_capabilities.c | 47 ++++++++++++++ src/qemu/qemu_capabilities.h | 4 ++ src/qemu/qemu_capspriv.h | 4 ++ src/qemu/qemu_monitor.c | 9 +++ src/qemu/qemu_monitor.h | 3 + src/qemu/qemu_monitor_json.c | 74 ++++++++++++++++++= ++++ src/qemu/qemu_monitor_json.h | 3 + .../caps_2.12.0.x86_64.replies | 10 +++ tests/qemucapabilitiesdata/caps_2.12.0.x86_64.xml | 3 +- 10 files changed, 169 insertions(+), 1 deletion(-) diff --git a/src/conf/domain_capabilities.h b/src/conf/domain_capabilities.h index 9b852e8649bf..c1093234ceb8 100644 --- a/src/conf/domain_capabilities.h +++ b/src/conf/domain_capabilities.h @@ -137,6 +137,19 @@ struct _virDomainCapsCPU { virDomainCapsCPUModelsPtr custom; }; =20 +/* + * SEV capabilities + */ +typedef struct _virSEVCapability virSEVCapability; +typedef virSEVCapability *virSEVCapabilityPtr; +struct _virSEVCapability { + char *pdh; + char *cert_chain; + unsigned int cbitpos; + unsigned int reduced_phys_bits; +}; + + struct _virDomainCaps { virObjectLockable parent; =20 diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index 8a63db5f4f33..49b74f7e12c1 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -489,6 +489,7 @@ VIR_ENUM_IMPL(virQEMUCaps, QEMU_CAPS_LAST, "screendump_device", "hda-output", "blockdev-del", + "sev-guest", ); =20 =20 @@ -555,6 +556,8 @@ struct _virQEMUCaps { size_t ngicCapabilities; virGICCapability *gicCapabilities; =20 + virSEVCapability *sevCapabilities; + virQEMUCapsHostCPUData kvmCPU; virQEMUCapsHostCPUData tcgCPU; }; @@ -1121,6 +1124,7 @@ struct virQEMUCapsStringFlags virQEMUCapsObjectTypes[= ] =3D { { "virtual-css-bridge", QEMU_CAPS_CCW }, { "vfio-ccw", QEMU_CAPS_DEVICE_VFIO_CCW }, { "hda-output", QEMU_CAPS_HDA_OUTPUT }, + { "sev-guest", QEMU_CAPS_SEV_GUEST }, }; =20 static struct virQEMUCapsStringFlags virQEMUCapsDevicePropsVirtioBalloon[]= =3D { @@ -2050,6 +2054,28 @@ virQEMUCapsSetGICCapabilities(virQEMUCapsPtr qemuCap= s, } =20 =20 +void +virQEMUSevCapabilitiesFree(virSEVCapability *cap) +{ + if (!cap) + return; + + VIR_FREE(cap->pdh); + VIR_FREE(cap->cert_chain); + VIR_FREE(cap); +} + + +void +virQEMUCapsSetSEVCapabilities(virQEMUCapsPtr qemuCaps, + virSEVCapability *capabilities) +{ + virQEMUSevCapabilitiesFree(qemuCaps->sevCapabilities); + + qemuCaps->sevCapabilities =3D capabilities; +} + + static int virQEMUCapsProbeQMPCommands(virQEMUCapsPtr qemuCaps, qemuMonitorPtr mon) @@ -2580,6 +2606,21 @@ virQEMUCapsProbeQMPGICCapabilities(virQEMUCapsPtr qe= muCaps, } =20 =20 +static int +virQEMUCapsProbeQMPSEVCapabilities(virQEMUCapsPtr qemuCaps, + qemuMonitorPtr mon) +{ + virSEVCapability *caps =3D NULL; + + if (qemuMonitorGetSEVCapabilities(mon, &caps) < 0) + return -1; + + virQEMUCapsSetSEVCapabilities(qemuCaps, caps); + + return 0; +} + + bool virQEMUCapsCPUFilterFeatures(const char *name, void *opaque) @@ -3965,6 +4006,12 @@ virQEMUCapsInitQMPMonitor(virQEMUCapsPtr qemuCaps, virQEMUCapsClear(qemuCaps, QEMU_CAPS_DEVICE_VFIO_CCW); } =20 + /* Probe for SEV capabilities */ + if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_SEV_GUEST)) { + if (virQEMUCapsProbeQMPSEVCapabilities(qemuCaps, mon) < 0) + virQEMUCapsClear(qemuCaps, QEMU_CAPS_SEV_GUEST); + } + ret =3D 0; cleanup: return ret; diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h index 3e120e64c0b4..8b7eef4359b7 100644 --- a/src/qemu/qemu_capabilities.h +++ b/src/qemu/qemu_capabilities.h @@ -473,6 +473,7 @@ typedef enum { /* virQEMUCapsFlags grouping marker for = syntax-check */ QEMU_CAPS_SCREENDUMP_DEVICE, /* screendump command accepts device & he= ad */ QEMU_CAPS_HDA_OUTPUT, /* -device hda-output */ QEMU_CAPS_BLOCKDEV_DEL, /* blockdev-del is supported */ + QEMU_CAPS_SEV_GUEST, /* -object sev-guest,... */ =20 QEMU_CAPS_LAST /* this must always be the last item */ } virQEMUCapsFlags; @@ -599,4 +600,7 @@ bool virQEMUCapsGuestIsNative(virArch host, bool virQEMUCapsCPUFilterFeatures(const char *name, void *opaque); =20 +void +virQEMUSevCapabilitiesFree(virSEVCapability *capabilities); + #endif /* __QEMU_CAPABILITIES_H__*/ diff --git a/src/qemu/qemu_capspriv.h b/src/qemu/qemu_capspriv.h index 0199501c931b..20b03876d470 100644 --- a/src/qemu/qemu_capspriv.h +++ b/src/qemu/qemu_capspriv.h @@ -85,6 +85,10 @@ virQEMUCapsSetGICCapabilities(virQEMUCapsPtr qemuCaps, virGICCapability *capabilities, size_t ncapabilities); =20 +void +virQEMUCapsSetSEVCapabilities(virQEMUCapsPtr qemuCaps, + virSEVCapability *capabilities); + int virQEMUCapsProbeQMPCPUDefinitions(virQEMUCapsPtr qemuCaps, qemuMonitorPtr mon, diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c index 43f1d2f81671..3b034930408c 100644 --- a/src/qemu/qemu_monitor.c +++ b/src/qemu/qemu_monitor.c @@ -3778,6 +3778,15 @@ qemuMonitorGetGICCapabilities(qemuMonitorPtr mon, return qemuMonitorJSONGetGICCapabilities(mon, capabilities); } =20 +int +qemuMonitorGetSEVCapabilities(qemuMonitorPtr mon, + virSEVCapability **capabilities) +{ + QEMU_CHECK_MONITOR(mon); + + return qemuMonitorJSONGetSEVCapabilities(mon, capabilities); +} + =20 int qemuMonitorNBDServerStart(qemuMonitorPtr mon, diff --git a/src/qemu/qemu_monitor.h b/src/qemu/qemu_monitor.h index c28db1a52b8b..b1b7ef09c929 100644 --- a/src/qemu/qemu_monitor.h +++ b/src/qemu/qemu_monitor.h @@ -710,6 +710,9 @@ int qemuMonitorSetMigrationCapabilities(qemuMonitorPtr = mon, int qemuMonitorGetGICCapabilities(qemuMonitorPtr mon, virGICCapability **capabilities); =20 +int qemuMonitorGetSEVCapabilities(qemuMonitorPtr mon, + virSEVCapability **capabilities); + typedef enum { QEMU_MONITOR_MIGRATE_BACKGROUND =3D 1 << 0, QEMU_MONITOR_MIGRATE_NON_SHARED_DISK =3D 1 << 1, /* migration with non-= shared storage with full disk copy */ diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c index 9f5c35879587..24d3a2ff412f 100644 --- a/src/qemu/qemu_monitor_json.c +++ b/src/qemu/qemu_monitor_json.c @@ -6436,6 +6436,80 @@ qemuMonitorJSONGetGICCapabilities(qemuMonitorPtr mon, return ret; } =20 +int +qemuMonitorJSONGetSEVCapabilities(qemuMonitorPtr mon, + virSEVCapability **capabilities) +{ + int ret =3D -1; + virJSONValuePtr cmd; + virJSONValuePtr reply =3D NULL; + virJSONValuePtr caps; + virSEVCapability *capability =3D NULL; + const char *pdh =3D NULL, *cert_chain =3D NULL; + int cbitpos, reduced_phys_bits; + + *capabilities =3D NULL; + + if (!(cmd =3D qemuMonitorJSONMakeCommand("query-sev-capabilities", + NULL))) + return -1; + + if (qemuMonitorJSONCommand(mon, cmd, &reply) < 0) + goto cleanup; + + + if (qemuMonitorJSONCheckError(cmd, reply) < 0) + goto cleanup; + + caps =3D virJSONValueObjectGetObject(reply, "return"); + + if (virJSONValueObjectGetNumberInt(caps, "cbitpos", &cbitpos) < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("'cbitpos' field is missing")); + goto cleanup; + } + + if (virJSONValueObjectGetNumberInt(caps, "reduced-phys-bits", + &reduced_phys_bits) < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("'reduced-phys-bits' field is missing")); + goto cleanup; + } + + if (!(pdh =3D virJSONValueObjectGetString(caps, "pdh"))) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("'pdh' field is missing")); + goto cleanup; + } + + if (!(cert_chain =3D virJSONValueObjectGetString(caps, "cert-chain")))= { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("'cert-chain' field is missing")); + goto cleanup; + } + + if (VIR_ALLOC(capability) < 0) + goto cleanup; + + if (VIR_STRDUP(capability->pdh, pdh) < 0) + goto cleanup; + + if (VIR_STRDUP(capability->cert_chain, cert_chain) < 0) + goto cleanup; + + capability->cbitpos =3D cbitpos; + capability->reduced_phys_bits =3D reduced_phys_bits; + VIR_STEAL_PTR(*capabilities, capability); + ret =3D 0; + + cleanup: + virQEMUSevCapabilitiesFree(capability); + virJSONValueFree(cmd); + virJSONValueFree(reply); + + return ret; +} + static virJSONValuePtr qemuMonitorJSONBuildInetSocketAddress(const char *host, const char *port) diff --git a/src/qemu/qemu_monitor_json.h b/src/qemu/qemu_monitor_json.h index f4ac8319ac8a..129aab22bf98 100644 --- a/src/qemu/qemu_monitor_json.h +++ b/src/qemu/qemu_monitor_json.h @@ -152,6 +152,9 @@ int qemuMonitorJSONSetMigrationCapabilities(qemuMonitor= Ptr mon, int qemuMonitorJSONGetGICCapabilities(qemuMonitorPtr mon, virGICCapability **capabilities); =20 +int qemuMonitorJSONGetSEVCapabilities(qemuMonitorPtr mon, + virSEVCapability **capabilities); + int qemuMonitorJSONMigrate(qemuMonitorPtr mon, unsigned int flags, const char *uri); diff --git a/tests/qemucapabilitiesdata/caps_2.12.0.x86_64.replies b/tests/= qemucapabilitiesdata/caps_2.12.0.x86_64.replies index c40046beef6b..ace35374ef96 100644 --- a/tests/qemucapabilitiesdata/caps_2.12.0.x86_64.replies +++ b/tests/qemucapabilitiesdata/caps_2.12.0.x86_64.replies @@ -18995,6 +18995,16 @@ "id": "libvirt-51" } =20 +{ + "return" : { + "reduced-phys-bits": 1, + "cbitpos": 47, + "cert-chain": "AQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAA", + "pdh": "AQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAO= AAA" + }, + "id": "libvirt-52" +} + { "return": { }, diff --git a/tests/qemucapabilitiesdata/caps_2.12.0.x86_64.xml b/tests/qemu= capabilitiesdata/caps_2.12.0.x86_64.xml index 3c7dadffcd8a..58a1bf835a73 100644 --- a/tests/qemucapabilitiesdata/caps_2.12.0.x86_64.xml +++ b/tests/qemucapabilitiesdata/caps_2.12.0.x86_64.xml @@ -204,9 +204,10 @@ + 2011090 0 - 390813 + 391059 v2.12.0-rc0 x86_64 --=20 2.14.3 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list