From nobody Tue May 13 23:11:58 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1528468964204658.8762978480881; Fri, 8 Jun 2018 07:42:44 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 066714E4EE; Fri, 8 Jun 2018 14:42:42 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 942E46253E; Fri, 8 Jun 2018 14:42:41 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 288351800FED; Fri, 8 Jun 2018 14:42:41 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id w58EfpZN026339 for ; Fri, 8 Jun 2018 10:41:51 -0400 Received: by smtp.corp.redhat.com (Postfix) id 935CE67656; Fri, 8 Jun 2018 14:41:51 +0000 (UTC) Received: from mx1.redhat.com (ext-mx12.extmail.prod.ext.phx2.redhat.com [10.5.110.41]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 8681B67649 for ; Fri, 8 Jun 2018 14:41:45 +0000 (UTC) Received: from NAM03-CO1-obe.outbound.protection.outlook.com (mail-co1nam03on0052.outbound.protection.outlook.com [104.47.40.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 75FDE308A94A for ; Fri, 8 Jun 2018 14:41:44 +0000 (UTC) Received: from localhost-010236106000.amd.com (165.204.78.1) by SN1PR12MB2461.namprd12.prod.outlook.com (2603:10b6:802:27::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.841.13; Fri, 8 Jun 2018 14:41:33 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=xFIc2bIvt6DTupWDndyUHTVh1t54WxoQp6D3t3egWkA=; b=Y6rsVRuIoaJjGoQt0Y7fTWh/dXSKF2X5QZ3Y/ROECnMJGOtrzI6WVgmkZ9nJ60VN85VUfXO7E2dwReoDACb3TXBGSTwQUJygqYj0G1Dwv5WBAZHZ1AhQkxVwxy/TS3JobE0YG2TRMoAATcaixiQ1HUv8uOXajjyUzos9Poewztc= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; From: Brijesh Singh To: libvir-list@redhat.com Date: Fri, 8 Jun 2018 09:41:01 -0500 Message-Id: <20180608144101.34228-12-brijesh.singh@amd.com> In-Reply-To: <20180608144101.34228-1-brijesh.singh@amd.com> References: <20180608144101.34228-1-brijesh.singh@amd.com> MIME-Version: 1.0 X-Originating-IP: [165.204.78.1] X-ClientProxiedBy: SN4PR0501CA0133.namprd05.prod.outlook.com (2603:10b6:803:2c::11) To SN1PR12MB2461.namprd12.prod.outlook.com (2603:10b6:802:27::24) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(48565401081)(5600026)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603328)(7153060)(7193020); SRVR:SN1PR12MB2461; X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB2461; 3:HEcEEkkAZ/a/iJLl6efFS8A1c/RP+U9F232eKAXnmV/ThXKMUPk+LQ0IThPtD035FwmPYv+c8Iz1hsJ8NiKRykpOqn91o8NM/UbzwwAsN44OBtj9gv3XSRiHQz0EMrlkPvbxWTLo8OLy13qS2YLj73+kBTRyddM8zUi4gBtW0pOZmA8KqU8+UIoZRhkYenaK2dtPCwwadSDaufHmCUTEcii2UY9Vuoqk4lI9W4cpZ9C1ZAbJ8prsXe2YGB1CAjgV; 25:+TxSq9kL5h4XYddfOOur2Tof056Gd4OrVuRu2UODe5uaI0fZ7fCRRqvtp+8v0pvVOjNCcxhzMQOj68C/kzFjjVG6SxXFXRj4gE4fw+sr/+n1Oaz17BkBioQpwsZSusY3gp4go4sUqi4F4TWkmXW5s603giCuZpEmTSNAJ1CiKPfanyk24D94E04D2tnmxBODFlLBv5LppJpmGPmZdRrdCOvU6ad/RwXoD4sQxQkDsevQuI7Jo/q1dPy+I/z+TJn/c10h/Nu6pS7adshzfPv8bDR0vQufvXuLg4F1/ms2RbXZ1NXRpnekkMrRU/SOO2fzQpyNg5fYnZ0fVN+gEO+TFQ==; 31:58yw6HrFyiu/vzJ7oNNFTAdemlB9nPlPJjuwux83LUmyDl9LAa7TyFdvrIjTBGDPPk1tu97GklUgAg4ein2o02kKrEMdDqUI1xM629ycfJod2fjIrnt+SJj7vgZMQFI1n8+xHMSpsKfypPGZgXsBZwI1egFSONCuitdMOoWrz7qw4KiwSZ8gZeuMNCx0mVNVkPLZvnD4Jabq7o1nEOsdCcIK/lV4GlOiO0C8Xn909zc= X-MS-TrafficTypeDiagnostic: SN1PR12MB2461: X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB2461; 20:oGXi8JY1YgfLT3YjD6W8XITy0WX34sMWU7r7I6LYygS+WSvrQImc/2NTjvTIjmwXWgKYKUBJZyAJ4eIF8CN75oa6w2Os2JXROeOLbA2sBTbHhY0YB63YiTJXTdPaGFcsOQV4xfmFMZ0EgntCLgUDK7ngvgQdkdW2PphhxcQNxh0YERN1vJiYYBIz4xOYHXYm7Q79z/o+QfhJAPQarvzOJhanMalscsMKbiSQgIxeIMHjULfT4utugv9i5gGApbKgOLP4c+dMCtRzQvAa8kMcpG1FtOYs44RDiqHgCMO2xzpwtab5lSQJFdGKmXSyKT073DOuJUsdtml+Z95AvrKs/BusRXpAPl3cbZGDxk/W0DdmM71d3kuR9BA/i8znTkravmQ7Tqs9n9uBXOd09sRifIWFvXB3yeJbumTy1VGGbCPuleE3TmjsqddkxQTp2vqE4WkbEqjHvCcrGU4lVvsLJhee0clQj2mChnz3TJfeLiqe0l9XuZe61BPDZikcj9hD; 4:QztOVKn6zlAesvRpuEIlM/FjcMUoa0D++0Qac7dUvuGVF7tgcdgtIgINwVxqLxUeEGp/QvfseDz1o4eOUJLnuAyYI2s2rHZSC+3iyMqANWAZo8mxg4VkZvlzbqa8Qm8MLwoTHqHk9wZeCsP8rEWBi+Ez+MsWpJ/Z1/Nm3b7BLKiyq4T0qpMzJqyCQsSaQ1mCbvTN2tVHG9k5OF6WfaWLpLQ19GSQ/CRkjEVL30RtD590RdREGngAyHCiQeKvOMy7c/qw2X8Cq2Za5J0/EvjCfUt+GcPh8IuqEA1j0m6Jm8yG3oBqCFgPQxLyAZlHds/p X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-MS-Exchange-SenderADCheck: 1 X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(8121501046)(5005006)(10201501046)(93006095)(93001095)(3002001)(3231254)(944501410)(52105095)(6055026)(149027)(150027)(6041310)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123560045)(20161123562045)(20161123558120)(20161123564045)(6072148)(201708071742011)(7699016); SRVR:SN1PR12MB2461; BCL:0; PCL:0; RULEID:; SRVR:SN1PR12MB2461; X-Forefront-PRVS: 06973FFAD3 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(979002)(6069001)(376002)(39860400002)(39380400002)(346002)(396003)(366004)(189003)(199004)(106356001)(68736007)(2361001)(105586002)(305945005)(7736002)(4326008)(2351001)(53416004)(86362001)(575784001)(76506005)(5660300001)(50466002)(47776003)(6666003)(48376002)(81166006)(81156014)(66066001)(478600001)(6486002)(25786009)(8676002)(6916009)(6116002)(3846002)(8936002)(1076002)(97736004)(50226002)(386003)(59450400001)(54906003)(51416003)(76176011)(36756003)(52116002)(7696005)(53936002)(316002)(16586007)(476003)(956004)(2616005)(11346002)(446003)(44832011)(486006)(2906002)(16526019)(186003)(26005)(145543001)(145603002)(213903007)(969003)(989001)(999001)(1009001)(1019001); DIR:OUT; SFP:1101; SCL:1; SRVR:SN1PR12MB2461; H:localhost-010236106000.amd.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1; Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; SN1PR12MB2461; 23:zt+cgFFslrF+XK0JymLzkD1cJ3qbLMQHuf44GOfmp?= =?us-ascii?Q?MSVADKLNEIJHIQi+gtPb5uiZP7Vzw1AmcjykqXarvr5cr9NtOO7rjmD616tZ?= =?us-ascii?Q?+Bef0ArI3GgBmF1WqHZFUDAsP/XqQfkWL/OLG1zw3ILp2tyKvmLVUcaVo1px?= =?us-ascii?Q?eNP8LIx41i4EwM2/qCZhk5e3SE1SgdbE8ttAHneM4j/9En/pPxSdbdbKQMgZ?= =?us-ascii?Q?21nw1ieEbw8kTPxha59fbM7dPWxtfe6Xq/QTMwxslKM48w8OVIJ4a5lyItyn?= =?us-ascii?Q?5Ag834ddv7klLqrPBFipoVLfDcE8Kk5i2tBfueyAtfj9OPuIv70cRbV0Iqic?= =?us-ascii?Q?p8Jf8OgryRxIpKFlkkTpAzmI4ICuBgiEORZssSVxyVRwo7epmKKkcoAtNIFk?= =?us-ascii?Q?YBKMSoKNiLHKq9g869vMhg1nPHUqhXP8YVpmA8etmaAgwjTlUAdaMZVGnAEP?= =?us-ascii?Q?yeucZ06nn4BYcd64mLt5vhivWpt5wM6cG7YrvyfeFFTRbNF62yMnwEVz/p4h?= =?us-ascii?Q?6qj/Y1EfSZ0YqsafsokFqrk9XwyUNJMTbR+gT2v43akOHrxuPEIh6MjsYijg?= =?us-ascii?Q?w2jlpdVZxpssoB/XCBSvxhGQ8nIq0J7Pq/wzwz7gn2SjcNAZEAOJ3dgMUluF?= =?us-ascii?Q?QXLE9dB0PGBQ8fGFvyminHcrvWlcSRd35PFvlNC7/l/ymG30H/n65Jgx2Grj?= =?us-ascii?Q?PcGAXNzyEfrQXIx9mq2xnvauP8Odi9j+b6YXRKK0FpMTQUpXi4kJdTLhdycf?= =?us-ascii?Q?E0LIIA81QCNkLaBx2pCFlkTKoCQFlStd51VjgW/Y781ZjnQGwaeNT5MTmorg?= =?us-ascii?Q?pVyb7RXVrlJJ9JiMKQ/OwhP4hAln7w3VwisAnLikM5sUF132yM8ZeNDsYyCf?= =?us-ascii?Q?xmuQMeoJRsRkXgXtJyoaIaGE7ipBxfRwUT2KE2Hf4JZM9mOCNaQknvDqzLp6?= =?us-ascii?Q?C86hhGbq4nQrjp1/NWSYIaDxz5rsVbGBWqzJoelOBS5HqZsnvyIYNNkNtx01?= =?us-ascii?Q?O9JNPZ1ba5wzd9Ka8j21iJj/A+jWs5zDHQvkAylo3/2CVxwKhp7IHFcMk0F1?= =?us-ascii?Q?7wnZ11xqOwx65AyunJ1Lexyemq/d1BwgT5nrXCLm3xzlvvTEhh8RSmzKDJl5?= =?us-ascii?Q?gyigwzdZ+v9IG5XKmbN8oeIiLu6HWi6z3hdbwotUHIS70Q5sYniHLAvBDd9e?= =?us-ascii?Q?znE5jwPNvgtEkxysfxgHzrWANnyI+o2wKpuRx30y9XqRJd+btKwON0oZ0tFz?= =?us-ascii?Q?XDmjqg+fABr3rLN8zrPaUKE79l3DR24dpz2Otqo404kO7n+DjkP/ab/qFFFT?= =?us-ascii?Q?tfSWRmRtt3c+nQ2TJWGRUv/zCnPAeY2k8hUG6UaWL2FpaiJ6VYgqajoSCJM2?= =?us-ascii?Q?T76J4SOLcxizITW2FDvOJSRGdymooOvP+IrzUV1VudkQMeWX3dMptUqYnQJL?= =?us-ascii?Q?WUzNfyFeuXLrJpB+EAaUo1Hk3x2YO/hFq6b8r4Ohaj6oc5WlVxQRDHcWO2Kl?= =?us-ascii?Q?VD4b4zwaTib2m/5VzxqXBPMT5ezImgQ+ccgrfVQk+31sOUV+oMeQdXx?= X-Microsoft-Antispam-Message-Info: xYFPv85LIvffjgmGqo09ao4IoRU3ouvdMc/7v9kBZWga8gVHQjN28PL2qagTA4jFfsctHkn2b94I+Ia0Fu011PaKdvsT5qBRbArRn5XFh9lOVtHLCxbuwYzsAzQPPQGXom39ZF8G8POj/PUw5s5rcMTYC0dEnPTylZUlj1fLWRibM9JNY5GkPjVr7PEVouV4 X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB2461; 6:Ga31svzVkb9zmK+R/MwkSZs7ziRO8dd95MITGdeZioZqxORdZRWPbZw6CW32GOXtTI1Jg+xn7VeJoQ+zRdL/iOvqcV870yabCoHnAAwltTjCBAjNmNJJMLtYzEF1JsKdfPWeRgUQhhw8kxbRt7wvXZzXOlH/Q669gAmyAIco4Bp/4tXV65VIQBL0WxqwIrFO82o82sOahyWHg7wjfPFIkkoK8Oe+MUFbeEeyG8Scl906CnP+z0zq8Owv1QBlmlMUnYdeNRp8P0bvUAWpg+8AfBbQlIrxRsfjUiL4fYXpCUOf8VNr0oiWYwQ5I9RByjxT9OPF1iKnaLjJHZ99Ot4FF+9LH0saws05F0XRDxGJBNnU15vubZGugh9ggaBwYrvK5DpROSv65ZHxpKOJcuuAVZ7O+rGxyJCEVwjX+qDO4M7x6eOSNtXf+G9K+d1qwEyPT/Yj+O8vLtOCLN9s/3XjKA==; 5:tWciMteBoU9XiSfZBdxfOwuzHrBKSEJLbbBI6NjFg5ihKfDxZdr9pLH0ofAFTUThosRhB7nHunTVDx6LWIqTVkPlwS6G5uWTJFHZ6dxyJS7MP4hSXgwqXKQltj6dC7N2JdJoewOAOX7mffZO2YKbC8ecstUxbsq80hFuHj2cwv0=; 24:kHOQPCag9p35MxQmBK5AAQyLzmuulLMwUgF3UiJ1RQx0rMauIiG/K7U4y9khQWX26Bggz3Q69Cg3UmMQ+l9Rxfq+bYGtoxicHKdWwFvPkes= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB2461; 7:QCuA9pn1AKLb4Tju40UD82akSHLfdYv/X270UiZCMxpxwSP8kXavtbYgJnUEQ2baVawELaiahIeGdTGi7K2SrcAs76vB/zESpNWcQQpyAfb2JRWMzWFLDXFP/KS3zUckfo0iJjUJtS5xfo/Z+juYl27Q1aKHR9sNBoFJ+j2ngLe//f60G1f77a+o/J9OUAr3o7VxwR4nEQGzAPBxZph7wfvAKsdmRVGJPhaDBKw+TMxRbxmxjZBNP6MV3zrsaH5e; 20:OHOxqSAEqoJqjqSIwx8RBN7O/VaLAJcljknS5k6Fnbwsf0kgLXsDe3dCQDZslTw2+j9vgHVAgiO3/5qiPXmfH+KCfa6Ua8ho8inwFbqdVPfMjYWI+O2OT61/9JkgVHx67beEuDiiE9qcgvG05553uKFuBn2fUUaBw+KvgsNn3gRk8HkxoisUyVKmY+JA+OCBmheYgIvpQHqaSGls10OApOn96t9WZI2/1CvT+YMTdr2nxuVQQLOAdDPq9iHF6m3b X-MS-Office365-Filtering-Correlation-Id: 586f5f39-d0d1-4253-e4c2-08d5cd4dee35 X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Jun 2018 14:41:33.3637 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 586f5f39-d0d1-4253-e4c2-08d5cd4dee35 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1PR12MB2461 X-Greylist: Sender passed SPF test, Sender IP whitelisted by DNSRBL, ACL 207 matched, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.41]); Fri, 08 Jun 2018 14:41:44 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.41]); Fri, 08 Jun 2018 14:41:44 +0000 (UTC) for IP:'104.47.40.52' DOMAIN:'mail-co1nam03on0052.outbound.protection.outlook.com' HELO:'NAM03-CO1-obe.outbound.protection.outlook.com' FROM:'brijesh.singh@amd.com' RCPT:'' X-RedHat-Spam-Score: -0.021 (DKIM_SIGNED, DKIM_VALID, RCVD_IN_DNSWL_NONE, SPF_HELO_PASS, T_DKIMWL_WL_MED) 104.47.40.52 mail-co1nam03on0052.outbound.protection.outlook.com 104.47.40.52 mail-co1nam03on0052.outbound.protection.outlook.com X-Scanned-By: MIMEDefang 2.84 on 10.5.110.41 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-loop: libvir-list@redhat.com Cc: Tom Lendacky , Jon Grimm , Brijesh Singh , Borislav Petkov Subject: [libvirt] [PATCH v9 11/11] qemu: Implement the driver backend for virDomainGetLaunchSecurityInfo X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.38]); Fri, 08 Jun 2018 14:42:43 +0000 (UTC) X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZohoMail: RDKM_2 RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" This patch implements the internal driver API for launch event into qemu driver. When SEV is enabled, execute 'query-sev-launch-measurement' to get the measurement of memory encrypted through launch sequence. Signed-off-by: Brijesh Singh Reviewed-by: Erik Skultety --- src/qemu/qemu_driver.c | 69 ++++++++++++++++++++++++++++++++++++++++= ++++ src/qemu/qemu_monitor.c | 8 +++++ src/qemu/qemu_monitor.h | 3 ++ src/qemu/qemu_monitor_json.c | 42 +++++++++++++++++++++++++++ src/qemu/qemu_monitor_json.h | 2 ++ 5 files changed, 124 insertions(+) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 264c47d..3f1eb8a 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -21505,6 +21505,74 @@ qemuNodeGetSEVInfo(virConnectPtr conn, } =20 =20 +static int +qemuDomainGetSEVMeasurement(virQEMUDriverPtr driver, + virDomainObjPtr vm, + virTypedParameterPtr *params, + int *nparams, + unsigned int flags) +{ + int ret =3D -1; + char *tmp; + int maxpar =3D 0; + + virCheckFlags(VIR_TYPED_PARAM_STRING_OKAY, -1); + + if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_QUERY) < 0) + return -1; + + if (qemuDomainObjEnterMonitorAsync(driver, vm, QEMU_ASYNC_JOB_NONE) < = 0) + goto endjob; + + tmp =3D qemuMonitorGetSEVMeasurement(QEMU_DOMAIN_PRIVATE(vm)->mon); + if (tmp =3D=3D NULL) + goto endjob; + + if (qemuDomainObjExitMonitor(driver, vm) < 0) + goto endjob; + + if (virTypedParamsAddString(params, nparams, &maxpar, + VIR_DOMAIN_LAUNCH_SECURITY_SEV_MEASUREMENT, + tmp) < 0) + goto endjob; + + VIR_FREE(tmp); + ret =3D 0; + + endjob: + qemuDomainObjEndJob(driver, vm); + return ret; +} + + +static int +qemuDomainGetLaunchSecurityInfo(virDomainPtr domain, + virTypedParameterPtr *params, + int *nparams, + unsigned int flags) +{ + virQEMUDriverPtr driver =3D domain->conn->privateData; + virDomainObjPtr vm; + int ret =3D -1; + + if (!(vm =3D qemuDomObjFromDomain(domain))) + goto cleanup; + + if (virDomainGetLaunchSecurityInfoEnsureACL(domain->conn, vm->def) < 0) + goto cleanup; + + if (vm->def->sev) { + if (qemuDomainGetSEVMeasurement(driver, vm, params, nparams, flags= ) < 0) + goto cleanup; + } + + ret =3D 0; + + cleanup: + virDomainObjEndAPI(&vm); + return ret; +} + static virHypervisorDriver qemuHypervisorDriver =3D { .name =3D QEMU_DRIVER_NAME, .connectURIProbe =3D qemuConnectURIProbe, @@ -21729,6 +21797,7 @@ static virHypervisorDriver qemuHypervisorDriver =3D= { .connectCompareHypervisorCPU =3D qemuConnectCompareHypervisorCPU, /* 4= .4.0 */ .connectBaselineHypervisorCPU =3D qemuConnectBaselineHypervisorCPU, /*= 4.4.0 */ .nodeGetSEVInfo =3D qemuNodeGetSEVInfo, /* 4.5.0 */ + .domainGetLaunchSecurityInfo =3D qemuDomainGetLaunchSecurityInfo, /* 4= .5.0 */ }; =20 =20 diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c index fd6bce9..6e0cdca 100644 --- a/src/qemu/qemu_monitor.c +++ b/src/qemu/qemu_monitor.c @@ -4297,3 +4297,11 @@ qemuMonitorBlockdevDel(qemuMonitorPtr mon, =20 return qemuMonitorJSONBlockdevDel(mon, nodename); } + +char * +qemuMonitorGetSEVMeasurement(qemuMonitorPtr mon) +{ + QEMU_CHECK_MONITOR_NULL(mon); + + return qemuMonitorJSONGetSEVMeasurement(mon); +} diff --git a/src/qemu/qemu_monitor.h b/src/qemu/qemu_monitor.h index 75d5d98..7432997 100644 --- a/src/qemu/qemu_monitor.h +++ b/src/qemu/qemu_monitor.h @@ -1142,4 +1142,7 @@ int qemuMonitorBlockdevAdd(qemuMonitorPtr mon, int qemuMonitorBlockdevDel(qemuMonitorPtr mon, const char *nodename); =20 +char * +qemuMonitorGetSEVMeasurement(qemuMonitorPtr mon); + #endif /* QEMU_MONITOR_H */ diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c index ba0da9a..c5480a2 100644 --- a/src/qemu/qemu_monitor_json.c +++ b/src/qemu/qemu_monitor_json.c @@ -7994,3 +7994,45 @@ qemuMonitorJSONBlockdevDel(qemuMonitorPtr mon, virJSONValueFree(reply); return ret; } + +/** + * The function is used to retrieve the measurement of a SEV guest. + * The measurement is signature of the memory contents that was encrypted + * through the SEV launch flow. + * + * A example JSON output: + * + * { "execute" : "query-sev-launch-measure" } + * { "return" : { "data" : "4l8LXeNlSPUDlXPJG5966/8%YZ" } } + */ +char * +qemuMonitorJSONGetSEVMeasurement(qemuMonitorPtr mon) +{ + const char *tmp; + char *measurement =3D NULL; + virJSONValuePtr cmd; + virJSONValuePtr reply =3D NULL; + virJSONValuePtr data; + + if (!(cmd =3D qemuMonitorJSONMakeCommand("query-sev-launch-measure", N= ULL))) + return NULL; + + if (qemuMonitorJSONCommand(mon, cmd, &reply) < 0) + goto cleanup; + + if (qemuMonitorJSONCheckReply(cmd, reply, VIR_JSON_TYPE_OBJECT) < 0) + goto cleanup; + + data =3D virJSONValueObjectGetObject(reply, "return"); + + if (!(tmp =3D virJSONValueObjectGetString(data, "data"))) + goto cleanup; + + if (VIR_STRDUP(measurement, tmp) < 0) + goto cleanup; + + cleanup: + virJSONValueFree(cmd); + virJSONValueFree(reply); + return measurement; +} diff --git a/src/qemu/qemu_monitor_json.h b/src/qemu/qemu_monitor_json.h index 4c10574..6bc0dd3 100644 --- a/src/qemu/qemu_monitor_json.h +++ b/src/qemu/qemu_monitor_json.h @@ -343,6 +343,8 @@ int qemuMonitorJSONGetBlockIoThrottle(qemuMonitorPtr mo= n, =20 int qemuMonitorJSONSystemWakeup(qemuMonitorPtr mon); =20 +char *qemuMonitorJSONGetSEVMeasurement(qemuMonitorPtr mon); + int qemuMonitorJSONGetVersion(qemuMonitorPtr mon, int *major, int *minor, --=20 2.7.4 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list