From nobody Wed May 14 02:32:30 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1528221642630678.2948010305946; Tue, 5 Jun 2018 11:00:42 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 635EA309F0D3; Tue, 5 Jun 2018 18:00:40 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 20CD5600C9; Tue, 5 Jun 2018 18:00:40 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id A296E4CA83; Tue, 5 Jun 2018 18:00:39 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id w55I0J69029119 for ; Tue, 5 Jun 2018 14:00:19 -0400 Received: by smtp.corp.redhat.com (Postfix) id 69CFD60BE0; Tue, 5 Jun 2018 18:00:19 +0000 (UTC) Received: from mx1.redhat.com (ext-mx03.extmail.prod.ext.phx2.redhat.com [10.5.110.27]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 5DBA560F86 for ; Tue, 5 Jun 2018 18:00:14 +0000 (UTC) Received: from NAM01-BY2-obe.outbound.protection.outlook.com (mail-by2nam01on0085.outbound.protection.outlook.com [104.47.34.85]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 1A90E80F79 for ; Tue, 5 Jun 2018 18:00:13 +0000 (UTC) Received: from wsp141597wss.amd.com (165.204.78.1) by BL0PR12MB2452.namprd12.prod.outlook.com (2603:10b6:207:4e::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.820.11; Tue, 5 Jun 2018 18:00:00 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=kq1kSgRLUL8EcUMHSYSxrKYQzWPprvUOCyqOGdpH88w=; b=eg6aAKbj/y2G0KcMn07X2NZ3eeUUWihq+nrBj7dQGRIEoPYQSpVbV0mpibFFryX81RZpe1O7kQ6NtBxDdC/nr/6tpsq0LWqDk9r0JxnkYCqIF+YP90Pz+ckj1/eNW/T26hSgnVCbuRvnwU6ykZVKfbvXTQbFMHpuzeDrTKeg/0o= From: Brijesh Singh To: libvir-list@redhat.com Date: Tue, 5 Jun 2018 12:59:32 -0500 Message-Id: <20180605175932.62322-11-brijesh.singh@amd.com> In-Reply-To: <20180605175932.62322-1-brijesh.singh@amd.com> References: <20180605175932.62322-1-brijesh.singh@amd.com> MIME-Version: 1.0 X-Originating-IP: [165.204.78.1] X-ClientProxiedBy: SN4PR0501CA0018.namprd05.prod.outlook.com (2603:10b6:803:40::31) To BL0PR12MB2452.namprd12.prod.outlook.com (2603:10b6:207:4e::11) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(48565401081)(5600026)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603328)(7153060)(7193020); SRVR:BL0PR12MB2452; X-Microsoft-Exchange-Diagnostics: 1; BL0PR12MB2452; 3:qZSNMx/gDXybiez5CkNOhijH9vFTAcDshUysol87+U4ClmfQDc8zAXY3nReJ1Akn+CqKXE9pFHg2to+ALVkYSm/0rHQL8Y8M3hv4GgQmgeeYmEJLEASDxdJqg06KUQ4u3sH9InEB1oFWIghYZVsfJ229e5z4+3ovft6eu9QRlcbT/icrITwHu3LKHzoWKO4crbhCHgd3YZi/kSF00hrGeVvDndG0jIl9O1Yp3IuVplJ8bbDrHE00eQSuo57fDh/O; 25:vCZEQIffeIjPuCGo2ZrqVDck+j/lEijeSc6y4peTfyyIsauPUfRVrIDz89z8kAAgbPLUu+at0gziZ3+M+77xITaWleYsp28KsUbiA+iqu3Oew7VvhsbMI/bvnaWYmvcWcwWZs10TaxEdjHmvqNXXP7aCaPwGqsrUCMjQXIB3R+0cZQHQFGCEVditr2N3WW5KBA/FPQ7p+FxGpcFdyYXZoaPjjVpbxCgKkSn9rJWL4wmsqpF54csEP22UNNW04W4hu/AfxOJbA5c/WVsaFAHsjLyLsx96ikoy5EnoaAxhN64fQKnFTEY5HnRcII6gQHo02h3BccljRM7TdhBoISOxYQ==; 31:f/FnnMNx7DB+QtQ5csAxcRLFLQUHepTax7cjA9TDhraA8R2x/vAiC2xJqNiMF5Ys0wWecD/wqLLhSpsNfk61ZNv8CW0K7++J0AMxEa3WHV8d28Cm/pAiffQrI8IyFaT2iENI4NQrr9riwqAAE4iIL2RmZFDBhdDYdJpXaEPlzqbwlBDU7rklcoWCMu+Kasi/5Ys267X3Sqkfaf5YaJwmKryADj9Y+W1V8EfgPBpMUpc= X-MS-TrafficTypeDiagnostic: BL0PR12MB2452: Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; X-Microsoft-Exchange-Diagnostics: 1; BL0PR12MB2452; 20:RkrayflVPDs2skY3gyRolhwLi/ivt/z3Z3fa0prehvEuTPNrjLLqwn2calrBL0wEU5+9DfWkEWtRw3wSfZDy2QK1L4OkVmxWCKayopGoThVFFubvghLB5tIawKJrOuUvOBgGi6GGrwHeNwzkTzSMoft4gfSrCb7zwyEETrMv39Pc6bnsGeBXarVb1F4xsOkV6yrfTuwKTuzIocmAZnCz1NxPeIZRLNmLrCDL59jIDepJCmmgrIUPfd7Jcxo6SCI2s+EYv1qkYn6qL0BiN44rJCRp4TGQZZa2a7O5YsXRtYo3P/Sq+LAmaVZqTuhRxFL33rRXV9fPXn/SzHiqkwbrixBHn/sgPu587LNd9fMVAspdLmUqoekBihYXMo+kXfrp/Spvv6FLo4S/XSWeWabPHu5iKDVw7xz4ne2gjfvpJnfrXYgb0ZZkLujIyBpBNXPpZjUfE47xHkJ4MInRiSDWYtvPOmWcQGoIK0m9i0B898GScuWFUagrqzE/VxKmZZOC; 4:G/fpRIVA+gnzPi2ckcJAo2uf9zzYThx/vZRH2SKy/o7BttzqNDOPtnnZLcQ5a81ZknUe1fj98eju0XKKPIcABJA7bhDif/97EUl/uehnvWzj2OFeKJxpCyORLZBu8f4iX6YK0A2kn1IFzkVthQQnVUx2E2Ssg1fF+PiHiyQeT6ucjaPXXx/AtUG3q2ZpIODD69a8xm6GhEbAqfwDDCSWHCa0LR3eNiCEy/j60CZ6zh1TUQJcug8IQ8E26dKqLpcH0TEqRFxBIQIQ4lmYP/VsRhlLrE9fwNid4KIgkiWusjqwPwLuNBFI8Ytc+OMicJ3JhIX+hDO3yY/EvMJdARc4iw== X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(192374486261705)(767451399110); X-MS-Exchange-SenderADCheck: 1 X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(5005006)(8121501046)(3002001)(3231254)(944501410)(52105095)(93006095)(93001095)(10201501046)(6055026)(149027)(150027)(6041310)(20161123562045)(20161123564045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123558120)(20161123560045)(6072148)(201708071742011)(7699016); SRVR:BL0PR12MB2452; BCL:0; PCL:0; RULEID:; SRVR:BL0PR12MB2452; X-Forefront-PRVS: 0694C54398 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(39380400002)(366004)(396003)(346002)(39860400002)(376002)(199004)(189003)(6916009)(1076002)(59450400001)(7696005)(2361001)(386003)(106356001)(2906002)(52116002)(53416004)(4326008)(68736007)(105586002)(8676002)(81156014)(76176011)(6486002)(2351001)(25786009)(81166006)(54906003)(36756003)(6116002)(3846002)(97736004)(47776003)(50466002)(6666003)(7736002)(44832011)(305945005)(26005)(51416003)(956004)(446003)(476003)(50226002)(86362001)(486006)(2616005)(575784001)(16586007)(478600001)(8936002)(66066001)(11346002)(53936002)(186003)(16526019)(5660300001)(316002)(48376002); DIR:OUT; SFP:1101; SCL:1; SRVR:BL0PR12MB2452; H:wsp141597wss.amd.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; BL0PR12MB2452; 23:Rg2Art8CuvzPyos7uSUb0mNaA8SjgXVKyHf8E4Y/y?= =?us-ascii?Q?sfD9A/8P5JIeom0TDKHVauhf84230yU6foHoxcf0z2tGEgWwPK3cbZKD1irF?= =?us-ascii?Q?8bKJvdwN2k5oOLvFKqjtbHsYtwMY7iTy3Sr5TuXgkmJxvVz/sXeE1pESzGa/?= =?us-ascii?Q?He79coh8RmVmDJDTKG/WFuPXY8PpppVGZ2zCH0IgbG3s5AvRsNKDgksUEMmE?= =?us-ascii?Q?1YkDcS0uYdkSk3jI+4UGz1cQ2tJEYwrYYvZSlVKMh2E4iiFFM7kpb+T84mFa?= =?us-ascii?Q?/E2gFamtuc6ONSiuBtQQi543lTGSlpljJXWuSShyKFOFTKmGUkAf9qW/sMUT?= =?us-ascii?Q?lAhc9sFvZLOGmZthZj3aDjDZTSXdQStpJ1x+1eLCwdKnUOL3BDjRfflpFKu7?= =?us-ascii?Q?5OqLULSSwnGSxbZaeiFX7y5JNUNK0Ud/ITbtpftdSP1BOySWwrR6nbeGZQYm?= =?us-ascii?Q?h66S2sW62dUo4Vqe8KgCBimnc1jcD53u+hpxRokboy10szqw5peOdKioakXT?= =?us-ascii?Q?iq8GHiICE1p+gL4QzfoLgu26DjzBn6160D1zfMqBvQEYflMWvXsdC24hDyrt?= =?us-ascii?Q?BWPbr3DM1rx/TSaS3h4bwRRWI8T2G4wTLIR6IK6RjPY/gQaFOPNTkgbIra/6?= =?us-ascii?Q?zOPr+QLO7vBa35vR1K7e1ogjJZMb5Nu8eE3k0X2KGz/VX96HgfYzw8XyjKVm?= =?us-ascii?Q?XRdgVQud8uv4Yz5g5zPQMjDA9FpSOjracfBxsGzPE16DAoJmvoDhtfW+TOUY?= =?us-ascii?Q?9wqWBMPXI5DmnZe41uTwtv8WtMQWxsmTYNC5rgRA74GhLTRVnaDwGqw1AfTK?= =?us-ascii?Q?NyyIc1hr7Cx/cCCLaeeKf6nJkTkYe8fxvGrCW01JoXnt9IZazf7aDrsgDTMj?= =?us-ascii?Q?KGWhgH+ZfBWF8WkXdsZ33zaEx1xmULJpt6U32DDmLS56UkuRH6gR6hvUd/V+?= =?us-ascii?Q?Qht2O92FoQcxtt4eQHdpjty3xpRaq+9nBriC8teMt3vbEAyYghnkG35dwIVM?= =?us-ascii?Q?8Nw1nrw15BSQyBQsTo95ddouX380ztKjziV1d6leGVS4Q9+sbg8lEaZ38NvU?= =?us-ascii?Q?6c8Rvj/6y7pCQRnUfN9yMD39I4/8uKUeIfX/k0Xyt+XwInrOVu9va6GF12Xx?= =?us-ascii?Q?sxntDlcJlXcy4T8DibtunWDsBbf6Yu3F7HClXc2ndZerb/HnBomJZyJEWMth?= =?us-ascii?Q?jQfjtQKTapg8ykuNirKjAchzAD7Md+w6wB4IbUHB9YzQcl4+EOhDNCwFk0yy?= =?us-ascii?Q?cbLU4kXWrbWS7EF2h6MJEMDJ2Um4QrADG85A7ZSWH0Mn5hG6ic5t849mjvP6?= =?us-ascii?Q?UD4lfz5QW22PHjZEwFJzYFfyDVVjo9Qg6sh/211kIe3?= X-Microsoft-Antispam-Message-Info: A9Hanud+mVEZrNunBMHDDl00ho5aJgmecFN13q4qWEjGZOmYyWRMfCPxDzsXr9veLdbHlj7c92OBcYeuSMM/Ni+DUQ4UyqUYSKLceWhabRHniDi3G/RPcR6P0OGmKHpsSX8Xk5BHqt57mV0/pyokN2ipxOeT6jgIkiGgH0UW920GlmsNd5jBaN1TnF1EUKu5 X-Microsoft-Exchange-Diagnostics: 1; BL0PR12MB2452; 6:2bazIA2hQa24PwyUKojZjJxcB3r63ALuqDbBEoLYvk53imcnpbBwOj0v6Ris73iqKbKxMOJkWMB3ECVSb2ub10rpZKaIt4U9cY2Adn9sLIRH0d1s2X0929x75EYbvfhGVTscr6C03uKOVwwNq2t4N/RZ5AVJDqnGGySl7+iDOsRXmDE+V+5yV9RXSN+eBUEM9uzJ4ujuhSRxYKhyf3eEqchXyr74V3MfNy/Z3nt1XWI6RsvMPdM4WblGT94uGIYKlNVTY0jw3doa71rZTEMHTs0dQVw8SHWimXk9BAnSMLKLAhAQl8pDxv8KsgT7ejX5snylJmNn3kj1MXeK4We9ny9lMhkm1rkiAKfFUxS6TSONrzjARflr2Zt79jB8RWdlWX2RlC0ksrxuN2L4i5t+/0kVxb5F6tDsesoixzaEXciM4IsgsDTcMSBfn4BvklpYHaXzR3zAnNnV3ePM1NKOBA==; 5:YANpWxF+EGl3EoMujJysnFBFOBYTGNHU2Pn7i/hR9nzvYQvdq5Gn/lXI5WX9lSate6Um6sWq3A+pj86Tp6WRPRvGdP63KPW6gZk5m4gmkB9SJ7lp/oOrzWzzVXi/JgEst5ylnKTas/DHmMwooD0qitjzS+zfSeHikEMLtkK4Gqs=; 24:HXHDFHgudmCTR/qLKhxEhxN0DeGU1yrYE3uRdr4i6pPkuq0GLpwl2qeYIMG5ipvZb6xtEIuBS43r7s9vkcOQSLX93CfSlNmWS6RHfIbJI3o= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; BL0PR12MB2452; 7:zjtC4mUr0MJD7Vf6KKMJS65ByZlxK43skmGhWwRWIJY0q6JnvejUhh0qPG2pMjJlB3mZg/N5MMjF5Wx2wlMh5ot0z0xNPN0WOfs8B+ckoPLgTQ9Kc89Kw/Ts3YPOjYSKvgm1RXJpVqHePddSDsgYszQggyjqKhX2oimStWcRVTXB2KAW2QJGiHyn3J2BlQaSVICVDzwjuEO6FE2H26y3hbEACXmpff5dQkd4nYYkHhM6FMa4vaT3FYArdGJZLDfd; 20:yYAIWSkqndcMTsu+S84AmiAUqHN9nqEAlI6z0GeXwVLaa1E3FpWkwC8cWbqiJ2mznpp4h003nGOxhRfVTgLLIhwdtJg+VbKhylUN/HwV4a4hbo29kmC6Ap/LYcVXxXiVqawdmqHvZnJx1DhlCoYRvSuRTzvPtb8292BqUEJDiShAaPvp5QAYgMagLcvHXbl1ZHd/A/tc2ZM9wPLQ/Pl2PzKSnSQ8I3ljJC2PVMamuQ5ZMh1aPfzJnoE3JCFzsOGW X-MS-Office365-Filtering-Correlation-Id: d3364275-0433-485a-2323-08d5cb0e28bf X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Jun 2018 18:00:00.8753 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: d3364275-0433-485a-2323-08d5cb0e28bf X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL0PR12MB2452 X-Greylist: Sender passed SPF test, Sender IP whitelisted by DNSRBL, ACL 207 matched, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.27]); Tue, 05 Jun 2018 18:00:13 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.27]); Tue, 05 Jun 2018 18:00:13 +0000 (UTC) for IP:'104.47.34.85' DOMAIN:'mail-by2nam01on0085.outbound.protection.outlook.com' HELO:'NAM01-BY2-obe.outbound.protection.outlook.com' FROM:'brijesh.singh@amd.com' RCPT:'' X-RedHat-Spam-Score: -0.021 (DKIM_SIGNED, DKIM_VALID, RCVD_IN_DNSWL_NONE, SPF_HELO_PASS, T_DKIMWL_WL_MED) 104.47.34.85 mail-by2nam01on0085.outbound.protection.outlook.com 104.47.34.85 mail-by2nam01on0085.outbound.protection.outlook.com X-Scanned-By: MIMEDefang 2.78 on 10.5.110.27 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-loop: libvir-list@redhat.com Cc: Tom Lendacky , Jon Grimm , Brijesh Singh , Borislav Petkov Subject: [libvirt] [PATCH v7 9/9] qemu: Add support to launch security info X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.48]); Tue, 05 Jun 2018 18:00:41 +0000 (UTC) X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZohoMail: RDKM_2 RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" This patch implements the internal driver API for launch event into qemu driver. When SEV is enabled, execute 'query-sev-launch-measurement' to get the measurement of memory encrypted through launch sequence. Signed-off-by: Brijesh Singh --- src/qemu/qemu_driver.c | 69 ++++++++++++++++++++++++++++++++++++++++= ++++ src/qemu/qemu_monitor.c | 8 +++++ src/qemu/qemu_monitor.h | 3 ++ src/qemu/qemu_monitor_json.c | 42 +++++++++++++++++++++++++++ src/qemu/qemu_monitor_json.h | 2 ++ 5 files changed, 124 insertions(+) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 0fb1aba..6813a42 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -21528,6 +21528,74 @@ qemuNodeGetSEVCapability(virConnectPtr conn, } =20 =20 +static int +qemuDomainGetSEVMeasurement(virQEMUDriverPtr driver, + virDomainObjPtr vm, + virTypedParameterPtr *params, + int *nparams, + unsigned int flags) +{ + int ret =3D -1; + char *tmp; + int maxpar =3D 0; + + virCheckFlags(VIR_TYPED_PARAM_STRING_OKAY, -1); + + if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_QUERY) < 0) + return -1; + + if (qemuDomainObjEnterMonitorAsync(driver, vm, QEMU_ASYNC_JOB_NONE) < = 0) + goto endjob; + + tmp =3D qemuMonitorGetSEVMeasurement(QEMU_DOMAIN_PRIVATE(vm)->mon); + if (tmp =3D=3D NULL) + goto endjob; + + if (qemuDomainObjExitMonitor(driver, vm) < 0) + goto endjob; + + if (virTypedParamsAddString(params, nparams, &maxpar, + VIR_DOMAIN_LAUNCH_SECURITY_SEV_MEASUREMENT, + tmp) < 0) + goto endjob; + + VIR_FREE(tmp); + ret =3D 0; + + endjob: + qemuDomainObjEndJob(driver, vm); + return ret; +} + + +static int +qemuDomainGetLaunchSecurityInfo(virDomainPtr domain, + virTypedParameterPtr *params, + int *nparams, + unsigned int flags) +{ + virQEMUDriverPtr driver =3D domain->conn->privateData; + virDomainObjPtr vm; + int ret =3D -1; + + if (!(vm =3D qemuDomObjFromDomain(domain))) + goto cleanup; + + if (virDomainGetLaunchSecurityInfoEnsureACL(domain->conn, vm->def) < 0) + goto cleanup; + + if (vm->def->sev) { + if (qemuDomainGetSEVMeasurement(driver, vm, params, nparams, flags= ) < 0) + goto cleanup; + } + + ret =3D 0; + + cleanup: + virDomainObjEndAPI(&vm); + return ret; +} + static virHypervisorDriver qemuHypervisorDriver =3D { .name =3D QEMU_DRIVER_NAME, .connectURIProbe =3D qemuConnectURIProbe, @@ -21752,6 +21820,7 @@ static virHypervisorDriver qemuHypervisorDriver =3D= { .connectCompareHypervisorCPU =3D qemuConnectCompareHypervisorCPU, /* 4= .4.0 */ .connectBaselineHypervisorCPU =3D qemuConnectBaselineHypervisorCPU, /*= 4.4.0 */ .nodeGetSEVCapability =3D qemuNodeGetSEVCapability, /* 4.5.0 */ + .domainGetLaunchSecurityInfo =3D qemuDomainGetLaunchSecurityInfo, /* 4= .5.0 */ }; =20 =20 diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c index d1e4d74..a782fdb 100644 --- a/src/qemu/qemu_monitor.c +++ b/src/qemu/qemu_monitor.c @@ -4288,3 +4288,11 @@ qemuMonitorBlockdevDel(qemuMonitorPtr mon, =20 return qemuMonitorJSONBlockdevDel(mon, nodename); } + +char * +qemuMonitorGetSEVMeasurement(qemuMonitorPtr mon) +{ + QEMU_CHECK_MONITOR_NULL(mon); + + return qemuMonitorJSONGetSEVMeasurement(mon); +} diff --git a/src/qemu/qemu_monitor.h b/src/qemu/qemu_monitor.h index 04abd92..1472224 100644 --- a/src/qemu/qemu_monitor.h +++ b/src/qemu/qemu_monitor.h @@ -1141,4 +1141,7 @@ int qemuMonitorBlockdevAdd(qemuMonitorPtr mon, int qemuMonitorBlockdevDel(qemuMonitorPtr mon, const char *nodename); =20 +char * +qemuMonitorGetSEVMeasurement(qemuMonitorPtr mon); + #endif /* QEMU_MONITOR_H */ diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c index b50f719..c888a34 100644 --- a/src/qemu/qemu_monitor_json.c +++ b/src/qemu/qemu_monitor_json.c @@ -7994,3 +7994,45 @@ qemuMonitorJSONBlockdevDel(qemuMonitorPtr mon, virJSONValueFree(reply); return ret; } + +/** + * The function is used to retrieve the measurement of a SEV guest. + * The measurement is signature of the memory contents that was encrypted + * through the SEV launch flow. + * + * A example JSON output: + * + * { "execute" : "query-sev-launch-measure" } + * { "return" : { "data" : "4l8LXeNlSPUDlXPJG5966/8%YZ" } } + */ +char * +qemuMonitorJSONGetSEVMeasurement(qemuMonitorPtr mon) +{ + const char *tmp; + char *measurement =3D NULL; + virJSONValuePtr cmd; + virJSONValuePtr reply =3D NULL; + virJSONValuePtr data; + + if (!(cmd =3D qemuMonitorJSONMakeCommand("query-sev-launch-measure", N= ULL))) + return NULL; + + if (qemuMonitorJSONCommand(mon, cmd, &reply) < 0) + goto cleanup; + + if (qemuMonitorJSONCheckReply(cmd, reply, VIR_JSON_TYPE_OBJECT) < 0) + goto cleanup; + + data =3D virJSONValueObjectGetObject(reply, "return"); + + if (!(tmp =3D virJSONValueObjectGetString(data, "data"))) + goto cleanup; + + if (VIR_STRDUP(measurement, tmp) < 0) + goto cleanup; + + cleanup: + virJSONValueFree(cmd); + virJSONValueFree(reply); + return measurement; +} diff --git a/src/qemu/qemu_monitor_json.h b/src/qemu/qemu_monitor_json.h index 4c10574..6bc0dd3 100644 --- a/src/qemu/qemu_monitor_json.h +++ b/src/qemu/qemu_monitor_json.h @@ -343,6 +343,8 @@ int qemuMonitorJSONGetBlockIoThrottle(qemuMonitorPtr mo= n, =20 int qemuMonitorJSONSystemWakeup(qemuMonitorPtr mon); =20 +char *qemuMonitorJSONGetSEVMeasurement(qemuMonitorPtr mon); + int qemuMonitorJSONGetVersion(qemuMonitorPtr mon, int *major, int *minor, --=20 2.7.4 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list