From nobody Wed May 14 19:17:38 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1527110384613690.7188793713544; Wed, 23 May 2018 14:19:44 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 22A1230CBABA; Wed, 23 May 2018 21:19:43 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id DEB6128D1D; Wed, 23 May 2018 21:19:42 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 633E518033F7; Wed, 23 May 2018 21:19:42 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id w4NLJTVw028820 for ; Wed, 23 May 2018 17:19:29 -0400 Received: by smtp.corp.redhat.com (Postfix) id 5195A600C0; Wed, 23 May 2018 21:19:29 +0000 (UTC) Received: from mx1.redhat.com (ext-mx16.extmail.prod.ext.phx2.redhat.com [10.5.110.45]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 0B41F60BA1; Wed, 23 May 2018 21:19:25 +0000 (UTC) Received: from NAM02-SN1-obe.outbound.protection.outlook.com (mail-sn1nam02on0040.outbound.protection.outlook.com [104.47.36.40]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id B921330C1341; Wed, 23 May 2018 21:19:23 +0000 (UTC) Received: from wsp141597wss.amd.com (165.204.78.1) by BL0PR12MB2449.namprd12.prod.outlook.com (2603:10b6:207:4d::31) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.797.11; Wed, 23 May 2018 21:19:03 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=zJXjqwlpnXs9+pCAysxKCrSbWspbvwbfZiefg0GZLeI=; b=19wumG89dBuFWHaR+GWFxUN/iUbCcQbYa44yWQ4P5K4YhJaxndOt24fZ7lJRXy678Rd7W8QbEl1XbFegkMBx4nDNQDXJBSCK1zlChFm9WhIch82OdHoGbsJB7NExL63Cgu0CuMu+yafavHoFu/oSFr1kCDwrxMowHyQ4dUX8apA= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; From: Brijesh Singh To: libvir-list@redhat.com Date: Wed, 23 May 2018 16:18:33 -0500 Message-Id: <20180523211834.15817-9-brijesh.singh@amd.com> In-Reply-To: <20180523211834.15817-1-brijesh.singh@amd.com> References: <20180523211834.15817-1-brijesh.singh@amd.com> MIME-Version: 1.0 X-Originating-IP: [165.204.78.1] X-ClientProxiedBy: SN2PR01CA0050.prod.exchangelabs.com (2603:10b6:800::18) To BL0PR12MB2449.namprd12.prod.outlook.com (2603:10b6:207:4d::31) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(5600026)(48565401081)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603328)(7153060)(7193020); SRVR:BL0PR12MB2449; X-Microsoft-Exchange-Diagnostics: 1; BL0PR12MB2449; 3:MgPo/1Ghg5vBEcukZkLQGk6YCYje7TP4E/MaCkNckz/OajWbHZlHjGLCB/xMcsPtA5P0OUH89MvMtMjYxrjZfzGLpULnGC0CFdBuK3w9g2IGEIsAPwuUrnTTWrQQmy1Jbb+iodkZGp7QftqA35NCtQh9/Lx7mI/yEeBkxUwqYeeSIYhFbnKkmVTy/2s2Vvi1lAk4TjKSrSZBsdPJkH0u1l0cLEbO+qtJonyH/LcDA/cTbtbrrtOSEAK4lZgUVcD8; 25:f+NHu+StrVzQiYU/hh+ysaf+XdKCKyAVxVSttFNTj1IdFa1HLHGhj3ufZk19drjtRyMp/4PJ5ak7Zp/wAXhJnSdPEFwVtTZBGxxJ7DbLZSwFRGdY37FrFYxa6PfVZRN0uf9XgCkXdwVsODKd3DrPeyWjWsywaXUIlP29DdXV1ECFK3CldDXL4R3zrPsFbQA67buWAMvfJ0vQPVDA3ucDv6rZCSrpdtNudvrjIMq/9QSyUEEj5PfvWq34YKA3aZDDnFLvPrTXib/sgjauUamVVwiFyuji/J4BhnOVugy/QONyuyzjqjRKN0XZlOhGjo1/hfLO31MuCD5qvpW8gfCIFw==; 31:RNIje4V3Z0Cr4F58fx5CdYs7o53kMAj4xRABwucSh+GgLLZI0Y9CEclte3+gfazTH3DbYAg4V/W2Lcp+z4IRcbqwknEihMbzzwypgTpkq6rWZ+YkTo4Gx/A6kSKHnZ2gPE3rkuUNVdt6T6qBzLygRZC7UnItt4ksNntIGJmuYTIl5X/bXmvqwiohXfFkB3G6QggyTu+MOg5Y7jtCtAEUDFCazgfEwie8dg2r9EHFPxI= X-MS-TrafficTypeDiagnostic: BL0PR12MB2449: X-Microsoft-Exchange-Diagnostics: 1; BL0PR12MB2449; 20:ZsDrRVKOiY8pwxbTo8VVOy3xj2wtzJ2p+mmXyac4hAKTR9p7M9R4HSgFYUWSxbJk4cixGDbA8lZha6/bmdjwVBuxEOkONkS3OKgUMTb4yHrg6BKAiM7y1K1x3wjRKbHXSvHNa3BCu9pWiH141hd2qa2nSx5g15vXtlLjPrUMSUW+Jgg/pNNAZxcTOOvl4+28EnZXlH1Z+Skv9RNYoagu235bSguy3hl+M4K5IqGNOWMYegm5ji/H6wEg5irFFbh2mBRZoF/IS1GX2jjWGHCvLP+Gm+BUckjvonI27AmSiBRxtB+jkDki71EhJY8xNCM5yvdhEH5ofXTcIjdoaY39rLmLoxdHxvUpPUi/HI3zSi45awJyvYt6WgEVlGBLzVfydA9G0W2mRqJOa8JAGtIsr466zjlAULh5eZS2N2xpt5o8PpKjEMixbdBziAIaDMorrWwKVZYkFDYNpfKaifxNBW6OeYVscPEBHENU2CkB8Nd4mm1wL7nULwnzPoGkhrdg; 4:OTLFxHtxcGG6sQPBHfc2Immjf4Tp93HOGk6hKbIIbSmKucGQZz82z45X5gwTSt+n2FyqZUJrzC5fNxilDquTiLX3jF+fN87GM6BXhU173hrgHYn8zk2CRPlCVcePuujIHOIFvwp3WRw0/pjZNzeCAJZHZuaRL2ck0cpGN8l1ywvuE83zpHVdv6H2cmNTrDA5IsPUyHSVsNs8RCOlcZfofCWy+pMZt1OF9JzaoUqJ+0YmxGZsFA2jB5WQcNNIT9wXKJMpgtz6ZZoBkxHgTTo/3dELCKCKhvP0ypPWvgft4a/Wi40ZBp+vh//KRk1ZHmyURZ6vNVESvIQVMGd4JrVxJg== X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(192374486261705)(767451399110); X-MS-Exchange-SenderADCheck: 1 X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(8121501046)(5005006)(10201501046)(93006095)(93001095)(3002001)(3231254)(944501410)(52105095)(6055026)(149027)(150027)(6041310)(20161123562045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123564045)(20161123560045)(20161123558120)(6072148)(201708071742011)(7699016); SRVR:BL0PR12MB2449; BCL:0; PCL:0; RULEID:; SRVR:BL0PR12MB2449; X-Forefront-PRVS: 06818431B9 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(346002)(376002)(396003)(366004)(39380400002)(39860400002)(199004)(189003)(956004)(6116002)(53936002)(1076002)(3846002)(4326008)(2616005)(36756003)(446003)(97736004)(11346002)(5660300001)(66066001)(16526019)(47776003)(186003)(6916009)(6666003)(44832011)(6486002)(86362001)(16586007)(2351001)(26005)(478600001)(59450400001)(2906002)(76176011)(2361001)(51416003)(68736007)(50466002)(25786009)(476003)(52116002)(7696005)(54906003)(48376002)(7736002)(305945005)(106356001)(386003)(316002)(53416004)(486006)(81166006)(81156014)(8676002)(105586002)(50226002)(8936002); DIR:OUT; SFP:1101; SCL:1; SRVR:BL0PR12MB2449; H:wsp141597wss.amd.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; BL0PR12MB2449; 23:d9+N8+jlwWIG8Ho/D1mDDXXmLVJtX5TbGTKrwr2M3?= =?us-ascii?Q?9cKS2SgtgZAnKH+Hzlv+Z3jqHIS3bunjJEYHoCZEBxF+vQcMC3tuiy+puDWl?= =?us-ascii?Q?/N5F+IQ5f9fkRrDI2GA6GXh++e2JLTg9j7SrdoIu5E6sSXlA+kcO4Ev9jiWd?= =?us-ascii?Q?GBlrXaqyAw9boztsyQE6xzcnFQhJ2p9LRQd/+RsHuhmJXmKZwlnx1fhs66nL?= =?us-ascii?Q?cFWyEB51OKR+zaQQb7UchvtutgX6UjYlQBm/eJbMV5Gp76oAgiMdXSe+Hdh1?= =?us-ascii?Q?1j1LjpXN3AIKzOUnSZD9WRuIyKvw4YCkwv4tKz2zh/Y0h5wJIFQsKpcP9SU7?= =?us-ascii?Q?/BBl2+fBP3L9tH9zwAuHskL4GMT7rSBzgjZPRtOTKzWkpVu+1G9d5Z9grpOq?= =?us-ascii?Q?FYO4FnGnseMJfLvJ4jurIolZXqsHMsuW7xw28nXNWKYzTOQDZsd4Vh3/0sLn?= =?us-ascii?Q?bf7vhmYLYzoRLPQEHispiDvmatqeFxqtmzLGvppP8Tbi1zIxOnN2K9YSb7hm?= =?us-ascii?Q?JXWAiadz9lj8pV1zq9cldcGNuDRMYEgxJkNPy1maYHrG8wj8fJKWTzmsxOKB?= =?us-ascii?Q?VX1AsKmmF384kap30VTuqBKJZRhg1Evya/rqqxLPpVBkhNttOlPr9V8rG/ro?= =?us-ascii?Q?UrSLybQ9nKr4YbKpv2FsH0v/8XgoRZpWe4PLR18FvwATjSec2CjAwFHJO5mg?= =?us-ascii?Q?CiIWXigdSfN+tbVOnDDdAqDlnOjEAx5jY3NFa7XeIZ4avEXXq2ld4QkjNCCH?= =?us-ascii?Q?IhJ2pYbCKHGHv8RfOMe5G6zy5N/1c7YcNs2Qop1sui555AdVPxcxY2A1MKw9?= =?us-ascii?Q?0PmV3eVHNM4ya4pJ3Gzr1SvUwU8PB5DIPU5UhJ3f/nOBXfdyTWqp5o/VDd+o?= =?us-ascii?Q?eJ0GzfIsBcEPextV/2NOQsHo519i/cPgLyJKlxbt+Ip+Ec/EKLWFR0EoSafr?= =?us-ascii?Q?fcv55vI5f9bdRga0kjyapOVymoEhZUP9B+I1/0ZUUkhHOLGmIkm0ettPjZUa?= =?us-ascii?Q?pxLakLzA688NpsV5B5s4gi8Qk+itYuGMCrwrPgRsv0hHCzrQNHFwnQrtDJvi?= =?us-ascii?Q?M0Z8JMxndXRVweENaHPkPcJkoOmN5V+tyOdGNlqLk5Nxs9XDO5d1mGUYIDpT?= =?us-ascii?Q?/ag7frJlmK2rOSpwjWUXHuxNmuIRW4bfDB3r0OJQOphzCetMDGJp7dwdNw25?= =?us-ascii?Q?15CpvKBGRZZIlAjPPpwjQxXmbr0bmSXrIItg7U0tbxShJ2HirWNtLvHVc/8T?= =?us-ascii?Q?JXNjYnkqiDhDV+/nPCgMAVNZ1SBEyFhVmODgAdU94GFx3kFdGAZ1AHo9ccqh?= =?us-ascii?Q?TUT/n4OWoyTeEDBlo3wnV0=3D?= X-Microsoft-Antispam-Message-Info: n2FhABkqMjqldUfYOi4mH0ivpwRVK4sbWwPST14JyeLxAtivKzoRkA1qZ4l892rLeZw/PX96SPkuWLAPBosS3g2o2FFZ20xesVOdZzyejqRaSx56e3vl6QI8oncNkKJfUqbSFRpsLdSQ9tjwFqRyKOFkk7KHzUSAbbrZZk69jD6lAEWO32lyzrRE6PMUa03o X-Microsoft-Exchange-Diagnostics: 1; BL0PR12MB2449; 6:QfcaXsjk4hWSliKG7yOZgXPakhZ1XTb3xJQFZm0BRn6ktwidyZeJC3TJH899jeGLjDgHN/HX0kQwFKv4sXLeZ84UxOK6CUP4xNVMdPpIQ+eQD0UoSy8SMQdDCtILStQpM8mI7r0XYAgYXj/i0xEvzX9FaiedDx0edv59XBNtTDhVBxIU5QASoV2ROCEltGJ0tnuYlQcc3r7GDMw2QrVqYyKL16+OA+PY8j1trCvred1QArA+pkA0XFfBlnAUhG+Mu+8sDGKrcINOaxmdwRjFH5NcWYPCg7bdanX5xl9U9FnCO0VLSv8jCd3zvF1C4tKdBi1wyc1GjmoFzHHPRrOXGzX/6rhgSKGB8JSrFltbUxtsi9VZ3ih7IDbnyxwv62tMU0/7FVHKOFnykydXOMZZ+HBcp/Sxa9trnHXsB86xDr15BTiXiyq2isCaLsjWDfV5TbYsoBBLi+GURlicMLGytA==; 5:OMkq0E87r8NYYliJDLLClWy8fOjXez9S87Cz3IfkSIiCuoZ9vjKqW2DiN3EBk19M5WyfgCDmtObd4gFpdQ30/QT0Qc7+zA3ZcSAn4/kNO6tI+3oNciVqkYJSMFCOZ0LS9YEbGZrQR41gdwkWcsTv4BskODGAwdvbfb1WPmNW0qU=; 24:B7oiaI8nf9sQtkdImdF/+RVwFcoUCkkRVgi2fREk0AQetiok9fljUc5eH2Nn33DiQa/vuRaLeUf5mm4Xm5GekRQ8rsUP9m0bpfKvy4i45ZU= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; BL0PR12MB2449; 7:XrL4KUk4Htm0zFVS4yvmzTqJ8+bKQtjv4smrPMl4j3FtwBfe3AuSBKZsHywzroD1t3m0ih6ndfFoGvhOoJ0iCL85DUv6m8buY/FKbdjTSw5npBiyH2imvkhTQiWgXXBxvM/vQEJiBw/y4m1+RJyYnv7JEZua4l7bnuanEk1i3RRB0+0HwkqU7TW3bMw0erud2bCs/HRSMclaXq5deb1Sj5oJbIcR2rpTqBNs2RGZP92blmSdQ+IYH5k3XmnJyaz6; 20:fNmAVLloKGKc8HMnELu+Ju80NasG4w7+erTePoKmgizaLNKnR1EMy0NNNEKuCDhVqIsln2rPW567epbzLDEfR82wEchRrQGBF9EQqgIAMDICkThoiPCsQXirdJfISPa+eNV4/PfSujaQKNJrBuJxzLCxif3LMAyvRBlzjN0xkqjTJbJueIRNRY3kUOFKMICs7GpUJGZAU2y535ByfOuoiZiomCedVaXXStFjazqe7fo76I6vd/UqMXDXJ48PkFwh X-MS-Office365-Filtering-Correlation-Id: 99fb17d0-480d-48cd-96b4-08d5c0f2cf79 X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 23 May 2018 21:19:03.1429 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 99fb17d0-480d-48cd-96b4-08d5c0f2cf79 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL0PR12MB2449 X-Greylist: Sender passed SPF test, Sender IP whitelisted by DNSRBL, ACL 207 matched, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.45]); Wed, 23 May 2018 21:19:24 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.45]); Wed, 23 May 2018 21:19:24 +0000 (UTC) for IP:'104.47.36.40' DOMAIN:'mail-sn1nam02on0040.outbound.protection.outlook.com' HELO:'NAM02-SN1-obe.outbound.protection.outlook.com' FROM:'brijesh.singh@amd.com' RCPT:'' X-RedHat-Spam-Score: -1.031 (DKIM_SIGNED, DKIM_VALID, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H5, RCVD_IN_MSPIKE_WL, SPF_HELO_PASS, T_DKIMWL_WL_MED) 104.47.36.40 mail-sn1nam02on0040.outbound.protection.outlook.com 104.47.36.40 mail-sn1nam02on0040.outbound.protection.outlook.com X-Scanned-By: MIMEDefang 2.84 on 10.5.110.45 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-loop: libvir-list@redhat.com Cc: Tom Lendacky , Peter Krempa , Erik Skultety , Jon Grimm , Andrea Bolognani , Brijesh Singh , Borislav Petkov Subject: [libvirt] [PATCH v6 8/9] qemu: Add support to launch security info X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.44]); Wed, 23 May 2018 21:19:43 +0000 (UTC) X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZohoMail: RDKM_2 RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" This patch implements the internal driver API for launch event into qemu driver. When SEV is enabled, execute 'query-sev-launch-measurement' to get the measurement of memory encrypted through launch sequence. Signed-off-by: Brijesh Singh --- src/qemu/qemu_driver.c | 68 ++++++++++++++++++++++++++++++++++++++++= ++++ src/qemu/qemu_monitor.c | 8 ++++++ src/qemu/qemu_monitor.h | 3 ++ src/qemu/qemu_monitor_json.c | 42 +++++++++++++++++++++++++++ src/qemu/qemu_monitor_json.h | 2 ++ 5 files changed, 123 insertions(+) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 3a328e5d4679..6569dea32fce 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -21194,6 +21194,73 @@ qemuDomainSetLifecycleAction(virDomainPtr dom, } =20 =20 +static int +qemuDomainGetSevMeasurement(virQEMUDriverPtr driver, + virDomainObjPtr vm, + virTypedParameterPtr *params, + int *nparams, + unsigned int flags) +{ + int ret =3D -1; + char *tmp; + int maxpar =3D 0; + + virCheckFlags(VIR_TYPED_PARAM_STRING_OKAY, -1); + + if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_QUERY) < 0) + return -1; + + if (qemuDomainObjEnterMonitorAsync(driver, vm, QEMU_ASYNC_JOB_NONE) < = 0) + goto endjob; + + tmp =3D qemuMonitorGetSevMeasurement(QEMU_DOMAIN_PRIVATE(vm)->mon); + if (tmp =3D=3D NULL) + goto endjob; + + if (qemuDomainObjExitMonitor(driver, vm) < 0) + goto endjob; + + if (virTypedParamsAddString(params, nparams, &maxpar, + VIR_DOMAIN_LAUNCH_SECURITY_SEV_MEASUREMENT, + tmp) < 0) + goto endjob; + + ret =3D 0; + + endjob: + qemuDomainObjEndJob(driver, vm); + return ret; +} + + +static int +qemuDomainGetLaunchSecurityInfo(virDomainPtr domain, + virTypedParameterPtr *params, + int *nparams, + unsigned int flags) +{ + virQEMUDriverPtr driver =3D domain->conn->privateData; + virDomainObjPtr vm; + int ret =3D -1; + + if (!(vm =3D qemuDomObjFromDomain(domain))) + goto cleanup; + + if (virDomainGetLaunchSecurityInfoEnsureACL(domain->conn, vm->def) < 0) + goto cleanup; + + if (vm->def->sev) { + if (qemuDomainGetSevMeasurement(driver, vm, params, nparams, flags= ) < 0) + goto cleanup; + } + + ret =3D 0; + + cleanup: + virDomainObjEndAPI(&vm); + return ret; +} + static virHypervisorDriver qemuHypervisorDriver =3D { .name =3D QEMU_DRIVER_NAME, .connectURIProbe =3D qemuConnectURIProbe, @@ -21414,6 +21481,7 @@ static virHypervisorDriver qemuHypervisorDriver =3D= { .domainSetVcpu =3D qemuDomainSetVcpu, /* 3.1.0 */ .domainSetBlockThreshold =3D qemuDomainSetBlockThreshold, /* 3.2.0 */ .domainSetLifecycleAction =3D qemuDomainSetLifecycleAction, /* 3.9.0 */ + .domainGetLaunchSecurityInfo =3D qemuDomainGetLaunchSecurityInfo, /* 4= .2.0 */ }; =20 =20 diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c index 3b034930408c..977cbe5a41f8 100644 --- a/src/qemu/qemu_monitor.c +++ b/src/qemu/qemu_monitor.c @@ -4226,3 +4226,11 @@ qemuMonitorBlockdevDel(qemuMonitorPtr mon, =20 return qemuMonitorJSONBlockdevDel(mon, nodename); } + +char * +qemuMonitorGetSevMeasurement(qemuMonitorPtr mon) +{ + QEMU_CHECK_MONITOR_NULL(mon); + + return qemuMonitorJSONGetSevMeasurement(mon); +} diff --git a/src/qemu/qemu_monitor.h b/src/qemu/qemu_monitor.h index b1b7ef09c929..8a64ae5f3d96 100644 --- a/src/qemu/qemu_monitor.h +++ b/src/qemu/qemu_monitor.h @@ -1137,4 +1137,7 @@ int qemuMonitorBlockdevAdd(qemuMonitorPtr mon, int qemuMonitorBlockdevDel(qemuMonitorPtr mon, const char *nodename); =20 +char * +qemuMonitorGetSevMeasurement(qemuMonitorPtr mon); + #endif /* QEMU_MONITOR_H */ diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c index 24d3a2ff412f..041f595ca1e4 100644 --- a/src/qemu/qemu_monitor_json.c +++ b/src/qemu/qemu_monitor_json.c @@ -8024,3 +8024,45 @@ qemuMonitorJSONBlockdevDel(qemuMonitorPtr mon, virJSONValueFree(reply); return ret; } + +/** + * The function is used to retrieve the measurement of SEV guest. + * The measurement is signature of the memory contents that was encrypted + * through the SEV launch flow. + * + * A example jason output: + * + * { "execute" : "query-sev-launch-measure" } + * { "return" : { "data" : "4l8LXeNlSPUDlXPJG5966/8%YZ" } } + */ +char * +qemuMonitorJSONGetSevMeasurement(qemuMonitorPtr mon) +{ + const char *tmp; + char *measurement =3D NULL; + virJSONValuePtr cmd; + virJSONValuePtr reply =3D NULL; + virJSONValuePtr data; + + if (!(cmd =3D qemuMonitorJSONMakeCommand("query-sev-launch-measure", N= ULL))) + return NULL; + + if (qemuMonitorJSONCommand(mon, cmd, &reply) < 0) + goto cleanup; + + if (qemuMonitorJSONCheckError(cmd, reply) < 0) + goto cleanup; + + data =3D virJSONValueObjectGetObject(reply, "return"); + + if (!(tmp =3D virJSONValueObjectGetString(data, "data"))) + goto cleanup; + + if (VIR_STRDUP(measurement, tmp) < 0) + goto cleanup; + + cleanup: + virJSONValueFree(cmd); + virJSONValueFree(reply); + return measurement; +} diff --git a/src/qemu/qemu_monitor_json.h b/src/qemu/qemu_monitor_json.h index 129aab22bf98..66db6653fce4 100644 --- a/src/qemu/qemu_monitor_json.h +++ b/src/qemu/qemu_monitor_json.h @@ -349,6 +349,8 @@ int qemuMonitorJSONGetBlockIoThrottle(qemuMonitorPtr mo= n, =20 int qemuMonitorJSONSystemWakeup(qemuMonitorPtr mon); =20 +char *qemuMonitorJSONGetSevMeasurement(qemuMonitorPtr mon); + int qemuMonitorJSONGetVersion(qemuMonitorPtr mon, int *major, int *minor, --=20 2.14.3 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list