From: Brijesh Singh
To: libvir-list@redhat.com
Date: Tue, 5 Jun 2018 12:59:26 -0500
Message-Id: <20180605175932.62322-5-brijesh.singh@amd.com>
In-Reply-To: <20180605175932.62322-1-brijesh.singh@amd.com>
References: <20180605175932.62322-1-brijesh.singh@amd.com>
Cc: Tom Lendacky, Jon Grimm, Brijesh Singh, Borislav Petkov
Subject: [libvirt] [PATCH v7 3/9] libvirt-host: expose virNodeGetSEVCapability API

The API can be used by an application to get the SEV capability (which includes platform certificate chain and other related information)

Signed-off-by: Brijesh Singh <> --- include/libvirt/libvirt-host.h | 42 +++++++++++++++++ src/driver-hypervisor.h | 6 +++ src/libvirt-host.c | 48 +++++++++++++++++++ src/libvirt_public.syms | 5 ++ src/qemu/qemu_capabilities.c | 7 +++ src/qemu/qemu_capabilities.h | 4 ++ src/qemu/qemu_driver.c | 91 +++++++++++++++++++++++++++++++++= ++++ src/remote/remote_daemon_dispatch.c | 44 ++++++++++++++++++ src/remote/remote_driver.c | 41 +++++++++++++++++ src/remote/remote_protocol.x | 22 ++++++++- src/remote_protocol-structs | 13 ++++++ 11 files changed, 322 insertions(+), 1 deletion(-) diff --git a/include/libvirt/libvirt-host.h b/include/libvirt/libvirt-host.h index 84f4858..d020597 100644 --- a/include/libvirt/libvirt-host.h +++ b/include/libvirt/libvirt-host.h @@ -432,6 +432,48 @@ typedef virNodeCPUStats *virNodeCPUStatsPtr; =20 typedef virNodeMemoryStats *virNodeMemoryStatsPtr; =20 + +/** + * + * SEV Parameters + */ + +/** + * VIR_NODE_SEV_PDH: + * + * Marco represents the Platform Diffie-Hellman key, as VIR_TYPED_PARAMS_S= TRING. + */ +# define VIR_NODE_SEV_PDH "pdh" + +/** + * VIR_NODE_SEV_CERT_CHAIN: + * + * Marco represents the Platform certificate chain that includes the + * endorsement key (PEK), owner certificate authority (OCD) and chip + * endorsement key (CEK), as VIR_TYPED_PARAMS_STRING. + */ +# define VIR_NODE_SEV_CERT_CHAIN "cert-chain" + +/** + * VIR_NODE_SEV_CBITPOS: + * + * Marco represents the CBit Position used by hypervisor when SEV is enabl= ed. + */ +# define VIR_NODE_SEV_CBITPOS "cbitpos" + +/** + * VIR_NODE_SEV_REDUCED_PHYS_BITS: + * + * Marco represents the number of bits we lose in physical address space + * when SEV is enabled in the guest. + */ +# define VIR_NODE_SEV_REDUCED_PHYS_BITS "reduced-phys-bits" + +int virNodeGetSEVCapability (virConnectPtr conn, + virTypedParameterPtr *params, + int *nparams, + unsigned int flags); + /** * virConnectFlags * diff --git a/src/driver-hypervisor.h b/src/driver-hypervisor.h index aa99cbb..cb2ab9c 100644 
--- a/src/driver-hypervisor.h +++ b/src/driver-hypervisor.h @@ -1309,6 +1309,11 @@ typedef int unsigned int action, unsigned int flags); =20 +typedef int +(*virDrvNodeGetSEVCapability)(virConnectPtr conn, + virTypedParameterPtr *params, + int *nparams, + unsigned int flags); =20 typedef struct _virHypervisorDriver virHypervisorDriver; typedef virHypervisorDriver *virHypervisorDriverPtr; @@ -1558,6 +1563,7 @@ struct _virHypervisorDriver { virDrvDomainSetLifecycleAction domainSetLifecycleAction; virDrvConnectCompareHypervisorCPU connectCompareHypervisorCPU; virDrvConnectBaselineHypervisorCPU connectBaselineHypervisorCPU; + virDrvNodeGetSEVCapability nodeGetSEVCapability; }; =20 =20 diff --git a/src/libvirt-host.c b/src/libvirt-host.c index 3aaf558..6c47b69 100644 --- a/src/libvirt-host.c +++ b/src/libvirt-host.c 
@@ -1639,3 +1639,51 @@ virNodeAllocPages(virConnectPtr conn, virDispatchError(conn); return -1; } + +/* + * virNodeGetSEVCapability: + * @conn: pointer to the hypervisor connection + * @params: where to store SEV capabilities; output + * @nparams: pointer to number of SEV parameters; output + * @flags: extra flags; not used yet, so callers should always pass 0 + * + * Get the SEV host capabilities, If hypervisor supports SEV then @params + * will contains PDH and certificate chain. + * + * Returns 0 in case of success, and -1 in case of failure. + */ +int +virNodeGetSEVCapability(virConnectPtr conn, + virTypedParameterPtr *params, + int *nparams, + unsigned int flags) +{ + VIR_DEBUG("conn=3D%p, params=3D%p, nparams=3D%p (%d), flags=3D0x%x", + conn, params, nparams, *nparams, flags); + + virResetLastError(); + + virCheckConnectReturn(conn, -1); + virCheckNonNullArgGoto(nparams, error); + virCheckNonNegativeArgGoto(*nparams, error); + virCheckReadOnlyGoto(conn->flags, error); + + if (VIR_DRV_SUPPORTS_FEATURE(conn->driver, conn, + VIR_DRV_FEATURE_TYPED_PARAM_STRING)) + flags |=3D VIR_TYPED_PARAM_STRING_OKAY; + + if (conn->driver->nodeGetSEVCapability) { + int ret; + ret =3D conn->driver->nodeGetSEVCapability(conn, params, + nparams, flags); + if (ret < 0) + goto error; + return ret; + } + + virReportUnsupportedError(); + + error: + virDispatchError(conn); + return -1; +} diff --git a/src/libvirt_public.syms b/src/libvirt_public.syms index 958601b..438205f 100644 --- a/src/libvirt_public.syms +++ b/src/libvirt_public.syms @@ -792,4 +792,9 @@ LIBVIRT_4.4.0 { virConnectBaselineHypervisorCPU; } LIBVIRT_4.1.0; =20 +LIBVIRT_4.5.0 { + global: + virNodeGetSEVCapability; +} LIBVIRT_4.4.0; + # .... define new API here using predicted next version number .... diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index 5db444c..82aec96 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c 
@@ -2080,6 +2080,13 @@ virQEMUCapsSetSEVCapabilities(virQEMUCapsPtr qemuCap= s, } =20 =20 +virSEVCapabilityPtr +virQEMUCapsGetSEVCapabilities(virQEMUCapsPtr qemuCaps) +{ + return qemuCaps->sevCapabilities; +} + + static int virQEMUCapsProbeQMPCommands(virQEMUCapsPtr qemuCaps, qemuMonitorPtr mon) diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h index ad25e6c..630ce77 100644 --- a/src/qemu/qemu_capabilities.h +++ b/src/qemu/qemu_capabilities.h @@ -615,4 +615,8 @@ bool virQEMUCapsGuestIsNative(virArch host, =20 bool virQEMUCapsCPUFilterFeatures(const char *name, void *opaque); + +virSEVCapabilityPtr +virQEMUCapsGetSEVCapabilities(virQEMUCapsPtr qemuCaps); + #endif /* __QEMU_CAPABILITIES_H__*/ diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index c200c5a..0fb1aba 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c 
@@ -21438,6 +21438,96 @@ qemuDomainSetLifecycleAction(virDomainPtr dom, } =20 =20 +static int +qemuGetSEVCapabilities(virQEMUCapsPtr qemuCaps, + virTypedParameterPtr *params, + int *nparams, + unsigned int flags) +{ + int maxpar =3D 0; + virSEVCapabilityPtr sev =3D virQEMUCapsGetSEVCapabilities(qemuCaps); + + virCheckFlags(VIR_TYPED_PARAM_STRING_OKAY, -1); + + if (virTypedParamsAddString(params, nparams, &maxpar, + VIR_NODE_SEV_PDH, sev->pdh) < 0) + return -1; + + if (virTypedParamsAddString(params, nparams, &maxpar, + VIR_NODE_SEV_CERT_CHAIN, sev->pdh) < 0) + goto cleanup; + + if (virTypedParamsAddUInt(params, nparams, &maxpar, + VIR_NODE_SEV_CBITPOS, sev->cbitpos) < 0) + goto cleanup; + + if (virTypedParamsAddUInt(params, nparams, &maxpar, + VIR_NODE_SEV_REDUCED_PHYS_BITS, + sev->reduced_phys_bits) < 0) + goto cleanup; + + return 0; + + cleanup: + return -1; +} + + +static int +qemuNodeGetSEVCapability(virConnectPtr conn, + virTypedParameterPtr *params, + int *nparams, + unsigned int flags) +{ + virQEMUDriverPtr driver =3D conn->privateData; + virCapsPtr caps =3D NULL; + virQEMUCapsPtr qemucaps =3D NULL; + virArch hostarch; + virCapsDomainDataPtr capsdata; + int ret =3D -1; + + if (virNodeGetSevCapabilityEnsureACL(conn) < 0) + return ret; + + if (!(caps =3D virQEMUDriverGetCapabilities(driver, true))) + return ret; + + hostarch =3D virArchFromHost(); + if (!(capsdata =3D virCapabilitiesDomainDataLookup(caps, + VIR_DOMAIN_OSTYPE_HVM, hostarch, VIR_DOMAIN_VIRT_QEMU, + NULL, NULL))) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Cannot find suitable emulator for %s"), + virArchToString(hostarch)); + goto UnrefCaps; + } + + qemucaps =3D virQEMUCapsCacheLookup(driver->qemuCapsCache, + capsdata->emulator); + VIR_FREE(capsdata); + if (!qemucaps) + goto UnrefCaps; + + if (!virQEMUCapsGet(qemucaps, QEMU_CAPS_SEV_GUEST)) { + virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s", + _("QEMU does not support SEV guest")); + goto UnrefQemuCaps; + } + + if 
(qemuGetSEVCapabilities(qemucaps, params, nparams, flags) < 0) + goto UnrefQemuCaps; + + ret =3D 0; + + UnrefQemuCaps: + virObjectUnref(qemucaps); + UnrefCaps: + virObjectUnref(caps); + + return ret; +} + + static virHypervisorDriver qemuHypervisorDriver =3D { .name =3D QEMU_DRIVER_NAME, .connectURIProbe =3D qemuConnectURIProbe, @@ -21661,6 +21751,7 @@ static virHypervisorDriver qemuHypervisorDriver =3D= { .domainSetLifecycleAction =3D qemuDomainSetLifecycleAction, /* 3.9.0 */ .connectCompareHypervisorCPU =3D qemuConnectCompareHypervisorCPU, /* 4= .4.0 */ .connectBaselineHypervisorCPU =3D qemuConnectBaselineHypervisorCPU, /*= 4.4.0 */ + .nodeGetSEVCapability =3D qemuNodeGetSEVCapability, /* 4.5.0 */ }; =20 =20 diff --git a/src/remote/remote_daemon_dispatch.c b/src/remote/remote_daemon= _dispatch.c index 81d0445..f974b71 100644 --- a/src/remote/remote_daemon_dispatch.c +++ b/src/remote/remote_daemon_dispatch.c 
@@ -5001,6 +5001,50 @@ remoteDispatchDomainGetDiskErrors(virNetServerPtr se= rver ATTRIBUTE_UNUSED, =20 =20 static int +remoteDispatchNodeGetSevCapability(virNetServerPtr server ATTRIBUTE_UNUSED, + virNetServerClientPtr client ATTRIBUTE_= UNUSED, + virNetMessagePtr msg ATTRIBUTE_UNUSED, + virNetMessageErrorPtr rerr, + remote_node_get_sev_capability_args *ar= gs, + remote_node_get_sev_capability_ret *ret) +{ + virTypedParameterPtr params =3D NULL; + int nparams =3D 0; + int rv =3D -1; + struct daemonClientPrivate *priv =3D + virNetServerClientGetPrivateData(client); + + if (!priv->conn) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not ope= n")); + goto cleanup; + } + + if (virNodeGetSEVCapability(priv->conn, ¶ms, &nparams, args->flags= ) < 0) + goto cleanup; + + if (nparams > REMOTE_NODE_SEV_CAPABILITY_MAX) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("nparams too large"= )); + goto cleanup; + } + + + if (virTypedParamsSerialize(params, nparams, + (virTypedParameterRemotePtr *) &ret->param= s.params_val, + &ret->params.params_len, + args->flags) < 0) + goto cleanup; + + rv =3D 0; + + cleanup: + if (rv < 0) + virNetMessageSaveError(rerr); + virTypedParamsFree(params, nparams); + return rv; +} + + +static int remoteDispatchNodeGetMemoryParameters(virNetServerPtr server ATTRIBUTE_UNU= SED, virNetServerClientPtr client ATTRIBU= TE_UNUSED, virNetMessagePtr msg ATTRIBUTE_UNUSE= D, diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c index 3be30bd..cdc9a70 100644 --- a/src/remote/remote_driver.c +++ b/src/remote/remote_driver.c 
@@ -6776,6 +6776,46 @@ remoteNodeGetMemoryParameters(virConnectPtr conn, return rv; } =20 + +static int +remoteNodeGetSEVCapability(virConnectPtr conn, + virTypedParameterPtr *params, + int *nparams, + unsigned int flags) +{ + int rv =3D -1; + remote_node_get_sev_capability_args args; + remote_node_get_sev_capability_ret ret; + struct private_data *priv =3D conn->privateData; + + remoteDriverLock(priv); + + args.flags =3D flags; + + memset(&ret, 0, sizeof(ret)); + if (call(conn, priv, 0, REMOTE_PROC_NODE_GET_SEV_CAPABILITY, + (xdrproc_t) xdr_remote_node_get_sev_capability_args, (char *)= &args, + (xdrproc_t) xdr_remote_node_get_sev_capability_ret, (char *) = &ret) =3D=3D -1) + goto done; + + if (virTypedParamsDeserialize((virTypedParameterRemotePtr) ret.params.= params_val, + ret.params.params_len, + REMOTE_NODE_SEV_CAPABILITY_MAX, + params, + nparams) < 0) + goto cleanup; + + rv =3D 0; + + cleanup: + xdr_free((xdrproc_t) xdr_remote_node_get_sev_capability_ret, + (char *) &ret); + done: + remoteDriverUnlock(priv); + return rv; +} + + static int remoteNodeGetCPUMap(virConnectPtr conn, unsigned char **cpumap, @@ -8452,6 +8492,7 @@ static virHypervisorDriver hypervisor_driver =3D { .domainSetLifecycleAction =3D remoteDomainSetLifecycleAction, /* 3.9.0= */ .connectCompareHypervisorCPU =3D remoteConnectCompareHypervisorCPU, /*= 4.4.0 */ .connectBaselineHypervisorCPU =3D remoteConnectBaselineHypervisorCPU, = /* 4.4.0 */ + .nodeGetSEVCapability =3D remoteNodeGetSEVCapability, /* 4.5.0 */ }; =20 static virNetworkDriver network_driver =3D { diff --git a/src/remote/remote_protocol.x b/src/remote/remote_protocol.x index a0ab7e9..a4e1166 100644 --- a/src/remote/remote_protocol.x +++ b/src/remote/remote_protocol.x 
@@ -253,6 +253,9 @@ const REMOTE_DOMAIN_IP_ADDR_MAX =3D 2048; /* Upper limit on number of guest vcpu information entries */ const REMOTE_DOMAIN_GUEST_VCPU_PARAMS_MAX =3D 64; =20 +/* Upper limit on number of SEV parameters */ +const REMOTE_NODE_SEV_CAPABILITY_MAX =3D 64; + /* UUID. VIR_UUID_BUFLEN definition comes from libvirt.h */ typedef opaque remote_uuid[VIR_UUID_BUFLEN]; =20 @@ -3480,6 +3483,17 @@ struct remote_connect_baseline_hypervisor_cpu_ret { remote_nonnull_string cpu; }; =20 +struct remote_node_get_sev_capability_args { + int nparams; + unsigned int flags; +}; + +struct remote_node_get_sev_capability_ret { + remote_typed_param params; + int nparams; +}; + + /*----- Protocol. -----*/ =20 /* Define the program number, protocol version and procedure numbers here.= */ @@ -6187,5 +6201,11 @@ enum remote_procedure { * @generate: both * @acl: connect:write */ - REMOTE_PROC_CONNECT_BASELINE_HYPERVISOR_CPU =3D 394 + REMOTE_PROC_CONNECT_BASELINE_HYPERVISOR_CPU =3D 394, + + /** + * @generate: none + * @acl: connect:read + */ + REMOTE_PROC_NODE_GET_SEV_CAPABILITY =3D 395 }; diff --git a/src/remote_protocol-structs b/src/remote_protocol-structs index 0c4cfc6..7705821 100644 --- a/src/remote_protocol-structs +++ b/src/remote_protocol-structs @@ -2907,6 +2907,18 @@ struct remote_connect_baseline_hypervisor_cpu_args { struct remote_connect_baseline_hypervisor_cpu_ret { remote_nonnull_string cpu; }; +struct remote_node_get_sev_capability_args { + int nparams; + u_int flags; +}; +struct remote_node_get_sev_capability_ret { + struct { + u_int params_len; + remote_typed_param * params_val; + } params; + int nparams; +}; + enum remote_procedure { REMOTE_PROC_CONNECT_OPEN =3D 1, REMOTE_PROC_CONNECT_CLOSE =3D 2, 
@@ -3302,4 +3314,5 @@ enum remote_procedure { REMOTE_PROC_DOMAIN_DETACH_DEVICE_ALIAS =3D 392, REMOTE_PROC_CONNECT_COMPARE_HYPERVISOR_CPU =3D 393, REMOTE_PROC_CONNECT_BASELINE_HYPERVISOR_CPU =3D 394, + REMOTE_PROC_NODE_SEV_CAPABILITY =3D 395, }; --=20 2.7.4 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
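
Review bot: In include/libvirt/libvirt-host.h the doc comments for the four new VIR_NODE_SEV_* macros spell "Macro" as "Marco", abbreviate "owner certificate authority" as "(OCD)", and name the type VIR_TYPED_PARAMS_STRING, while the typed-parameter type is VIR_TYPED_PARAM_STRING (compare VIR_TYPED_PARAM_STRING_OKAY used later in this patch). The comments for VIR_NODE_SEV_CBITPOS and VIR_NODE_SEV_REDUCED_PHYS_BITS should also state their type, since qemuGetSEVCapabilities adds both with virTypedParamsAddUInt.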
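
Review bot: In src/libvirt-host.c, virNodeGetSEVCapability dereferences nparams in the VIR_DEBUG call ("nparams=%p (%d)" with *nparams) before virCheckNonNullArgGoto(nparams, error) has run, so a NULL nparams crashes the caller instead of returning an error. Log only the pointer, or move the dereference after the check, and add the same non-NULL check for params, which is an output pointer and is never validated. Two smaller points in the same hunk: the function comment opens with "/*" rather than "/**", and virCheckReadOnlyGoto(conn->flags, error) refuses read-only connections even though remote_protocol.x declares the procedure with "@acl: connect:read"; one of the two should change so the policy is consistent.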
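
Review bot: In src/qemu/qemu_driver.c, qemuGetSEVCapabilities fills VIR_NODE_SEV_CERT_CHAIN from sev->pdh, the same field already used for VIR_NODE_SEV_PDH two statements earlier, so callers receive the PDH twice and never see the certificate chain. Pass the certificate-chain member of virSEVCapability instead. The error handling in the same function is also inconsistent: the first failure does "return -1" while the others "goto cleanup", and the cleanup label only returns -1, so parameters already added stay allocated in *params on failure. Free them there with virTypedParamsFree and reset the outputs, or drop the label.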
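
Review bot: In src/remote/remote_daemon_dispatch.c, remoteDispatchNodeGetSevCapability declares client as ATTRIBUTE_UNUSED but then passes it to virNetServerClientGetPrivateData(client); the annotation should be removed. The function also never assigns ret->nparams, although remote_node_get_sev_capability_ret carries that field, so either set it or remove the field from the protocol definition.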
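
Review bot: In src/remote/remote_driver.c, remoteNodeGetSEVCapability assigns only args.flags, but remote_node_get_sev_capability_args as declared in remote_protocol.x also contains "int nparams", so an uninitialised stack value is serialised and sent to the daemon. Zero the structure before use (as is already done for ret with memset) or drop nparams from the args struct, since the dispatcher does not read it.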
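
Review bot: In src/remote_protocol-structs the new enum entry is REMOTE_PROC_NODE_SEV_CAPABILITY = 395, while remote_protocol.x and remote_driver.c use REMOTE_PROC_NODE_GET_SEV_CAPABILITY = 395; the two files must agree or the protocol structure check will fail. The nparams members added to both remote_node_get_sev_capability_args and remote_node_get_sev_capability_ret are not used by either side in this patch (the count travels as params.params_len), so they can be removed from the wire format before the procedure number is published.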