From nobody Tue May 13 23:00:02 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 152846892066465.65869908799186; Fri, 8 Jun 2018 07:42:00 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 954A3308A940; Fri, 8 Jun 2018 14:41:56 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 00ED21001646; Fri, 8 Jun 2018 14:41:55 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 6BED44CA80; Fri, 8 Jun 2018 14:41:54 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id w58EfcSe026239 for ; Fri, 8 Jun 2018 10:41:38 -0400 Received: by smtp.corp.redhat.com (Postfix) id 4851816BF6; Fri, 8 Jun 2018 14:41:38 +0000 (UTC) Received: from mx1.redhat.com (ext-mx10.extmail.prod.ext.phx2.redhat.com [10.5.110.39]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 3FD892A177 for ; Fri, 8 Jun 2018 14:41:35 +0000 (UTC) Received: from NAM03-CO1-obe.outbound.protection.outlook.com (mail-co1nam03on0047.outbound.protection.outlook.com [104.47.40.47]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id B7BC95D68A for ; Fri, 8 Jun 2018 14:41:33 +0000 (UTC) Received: from localhost-010236106000.amd.com (165.204.78.1) by SN1PR12MB2461.namprd12.prod.outlook.com (2603:10b6:802:27::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.841.13; Fri, 8 Jun 2018 14:41:28 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=b34I3cAjMy5KR1Z1yo9z6KiGKi6V09nXYgRiQFdDFdw=; b=SAL/QQeIlf4s3b/IPgDRowbq2qRM14Q02WSB7plAMyAZFQZEjZMIuZATecRUrSDQgIBLkgXTcAX0ikDMdqbBXeyp3OF91HHC778XUMyiB6vVXOmwckdCvL6vP/tDAfeZB/yviK6Y8yfn3hhNX81HAAPU7159IYXP+WBO4FQwgXU= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; From: Brijesh Singh To: libvir-list@redhat.com Date: Fri, 8 Jun 2018 09:40:51 -0500 Message-Id: <20180608144101.34228-2-brijesh.singh@amd.com> In-Reply-To: <20180608144101.34228-1-brijesh.singh@amd.com> References: <20180608144101.34228-1-brijesh.singh@amd.com> MIME-Version: 1.0 X-Originating-IP: [165.204.78.1] X-ClientProxiedBy: SN4PR0501CA0133.namprd05.prod.outlook.com (2603:10b6:803:2c::11) To SN1PR12MB2461.namprd12.prod.outlook.com (2603:10b6:802:27::24) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(48565401081)(5600026)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603328)(7153060)(7193020); SRVR:SN1PR12MB2461; X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB2461; 3:Y4rEabzzs2MhLWOm7iCIZLpNFwytIuDERS9O4kb4D7fqpOfgApgBDzf+WOs+s/mBJHQ2UNcQdjtrPwe1vUH5bpxKtyHDV6k7veCEpz6jDA+f9GMKicSh3cscpkAwPGTpB+Ccrvs1h/Bk35nU5TsbUBAJYWVHyUDpL2XCNlS+yJhBE6WZYtiKIrYhDnX6I5IeDdTVwV0n7SODGiHB1iWhz815ERWOSmVeSIAFaGcs0JryyhHEBFO8mXl7o+bk3Ei/; 25:Ke6CkLfOHoxlAsYO6xSgxRSc9csiKdNBdOorJcgSY7hMt0a7azMbDYMo9cRVFGpwZI+oEQXW4NWe0w/NmTjvr2wMaCRfctz2MN/DYQd57d3pIHjPinrMALRDtPdlxRVYWcVLk6DAGeJLFQKP2CZWAGArZwQbCCSN4MdL21TKDDATOhJOjfHuuQLLJ1PDltz8FCtu+LbhKZ4Xzl3riClEgW6N9eP5bc2U2UfM/Zt0R+aHt5JcpBkFWO77FkBhtEwsPw/ngHN2KWMBUYCmUIcBxa1x1E2FUiE5hyxS8qfpG/8HL3QDKuips4BWuoKKmvj1LpHtKSbvIK2iErhwI5V2CA==; 31:QjAOKWDenOpGP1n0TtS7PpSpeq5J2DaDUCyO5dAxt4TV6fDxAT534R90WRCTr+M6rwYHVnQ8tINXRSoxHsoodD/QePEn+/oS+l4HmhLhNAvveX5UuGcG1Z+At+CW8ajqak6L7vk4DBdX+Frhr5tPDtHBeKj6bqhL3zih3ZnOXipcuBGgtqg6vAzK2HGNd9i+Ep3q1/R+and1cmIxNqyfzgIHEVSOwRkfxTDIAAM3zTs= X-MS-TrafficTypeDiagnostic: SN1PR12MB2461: X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB2461; 20:XBNJz0apSNXv8UWLbgNrqafpHwq00flAfx+xdMm11sLLIf5eyHv7/O/qGmT6oFhwx8FtKb0P0enpupVNisjJuUlsveEs/a0mY/CoCc1SOVXwaRPjWWx8Iu+MONWMTynWZ7U3pt+N0cRb4QmJsZBNvHowVuc+g8cOzIbIj7uH3ct8knmHY02r47St0Pjh3SNDn2vyLnX9bvSoQscA9aXd2U0kcMfO8JPabt4naidC+lixHogUxt6zbz+TQG3O31aPdRULyr9aBBaC2S/PtccTEIbGbYlGx2z2V5Xl5gjRUtYAiI+0XRoBUO2XPaqiELVQxwvxNZ8IKaoQ2BedKHK4mIOMsFGY8evgpEfgAe9XwUulguY1cUpeI6cUaSSmLAInPgI3NqFcTSBnoHdPJciKc9uPAA3Nween/W+adGs8tZaiInluLYRBs9rUXATvZDuIwq4uWSe/ZEhpE9TXemYa5dAcdJQlSPz1eljUHWwSZWROlv1grD9WgfbCq1iS86lm; 4:+G9c1kbbgtXZg2JSKqubZtRCqLtAAN5CPLNP9rxW9IsFwthUpqu0sagYszU5A7dSPrB6mK5DsVUfJtzs9pxmyDIjQGFWD2kYAmsBS0Ph3fOo0ZZxfDXdUKF6uV3Ju2kjV1aH5k7RdmYqJiNJlshFd6O8ZoJRyx7KxGgD8elmhtbiDki4AmjSUZU1slUS3cnRfhC+e6SvNwCAl0Jy8rVUbQNFyp8CQGoj7ABjcWdkBg52gHEKo1tQ8YrmcEoYIms3udUZZM3kDGtEotFPWXBOaP8mF0XhIwpDRnt1ggcGez27Ovk6YYOYljia9TM62sE0 X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-MS-Exchange-SenderADCheck: 1 X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(8121501046)(5005006)(10201501046)(93006095)(93001095)(3002001)(3231254)(944501410)(52105095)(6055026)(149027)(150027)(6041310)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123560045)(20161123562045)(20161123558120)(20161123564045)(6072148)(201708071742011)(7699016); SRVR:SN1PR12MB2461; BCL:0; PCL:0; RULEID:; SRVR:SN1PR12MB2461; X-Forefront-PRVS: 06973FFAD3 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(6069001)(376002)(39860400002)(39380400002)(346002)(396003)(366004)(189003)(199004)(106356001)(68736007)(2361001)(105586002)(305945005)(7736002)(4326008)(2351001)(53416004)(86362001)(575784001)(76506005)(5660300001)(50466002)(47776003)(6666003)(48376002)(81166006)(81156014)(66066001)(478600001)(6486002)(25786009)(8676002)(6916009)(6116002)(3846002)(8936002)(1076002)(97736004)(50226002)(386003)(59450400001)(54906003)(51416003)(76176011)(36756003)(52116002)(7696005)(53936002)(316002)(16586007)(476003)(956004)(2616005)(11346002)(446003)(44832011)(486006)(2906002)(16526019)(186003)(26005); DIR:OUT; SFP:1101; SCL:1; SRVR:SN1PR12MB2461; H:localhost-010236106000.amd.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1; Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; SN1PR12MB2461; 23:o3EfReBZ3NJdRce9RdIBMGMIGPm3/1ru4f6pmcBbu?= =?us-ascii?Q?plSuf68QteE5k2+jKD6XhxPeIkj+wOCStLQuhvGWo9XBIFJ6vp9O4gWuYoCP?= =?us-ascii?Q?k+Zzq+tBpIV3qEp2MpfZrdGUr6lqhvbIx2IHYJRglzL4ND6Apbj4BwPtde7e?= =?us-ascii?Q?7fbu99++4bN3S+FBX98U9iIlylMpfV2kiNZSbMPdfryCi6WLcCKV0a1ol5/V?= =?us-ascii?Q?+tm6KuqaT0NseOBlnU898/lE2gwub/5uuDTJPrApOT9ASOF2G/L520vbnp6W?= =?us-ascii?Q?7lUOrWtLHpZz0DNBv0Ah01N7Dwl3dlPjG3wLw8s//M6i3tJuHvua+B8n83A+?= =?us-ascii?Q?1JXefgOxTeLjeyE4bKcvTG1ju7a+zWEAkMSHUWfGWXl7mPQpb0/Y5x1/eYc/?= =?us-ascii?Q?H9mS+WDo9cqgQHFE9DulL3pp5UNRRbxEUuR3DxASaaIXS8hXpl/Ji+8hgnqg?= =?us-ascii?Q?JZKU7Xz2HTD3kdswegM7/ScwvX7yGCmsr5VIZ7FIcY8sWuvk+1X55jNbrbk4?= =?us-ascii?Q?mi2YvPrtqBMq+zFtxUh7XlNuQ+qol4puEzEXpS4Q+qlakE8MdlsnlTIZounb?= =?us-ascii?Q?vj797DsWhtuApK1zxF5g8WJStPZwZl0FK8RjpuSW6eIMS9KeaX+OPdtME71w?= =?us-ascii?Q?F209gTEtzhhgdYts6hrL4Wb4Vey+woIvZ90wMi0INj80zrQF6PBogcTV2jbF?= =?us-ascii?Q?Y6f65GA8gY7CBiWW+b04irervIO7Z/2Pwg77GN/fvah//5h4pkZSIubUuDzG?= =?us-ascii?Q?Iu3fPY8Mm1CZKC5zuIl5nqDy6DQ5u8wkNJEUzfeuLTPI5kkKCptOx9bAThzA?= =?us-ascii?Q?S1FhJN1qVr0g6g019dkXKiGPkqahwzQkxCruLtSjVM+B4DBUdmHI29Fy2mA6?= =?us-ascii?Q?VGdBnVsI9wAictn/ySxSaKcFUOyK1hCYhbaeQP3SBDrCFJ62tVxCk7g+NVFE?= =?us-ascii?Q?1LNzF+LBnyD8KpFR6EiYEtx1snieEuSaWuyJkS8McubHUbHSamfE2b6Dn3Ck?= =?us-ascii?Q?E6MVLEH2mMQeUeNTPV/L4N17swxLgo7xXMJR/6zx1PwfpZtgedEoHnFKnR7k?= =?us-ascii?Q?mNxFtuoeAwksniTPamJSOk5uZv7hQJoi+Fm7s5eDYbCEHzALqGCypVCRcUCB?= =?us-ascii?Q?jnUyXcO/g8JhoNScXXX20y42Mk0yqh/jJtKqy06YVIA2c2z7u0K7znHzIs2u?= =?us-ascii?Q?QNB4WqY8JDDa2/efb1HaD+UOE5NvXQ2YDQe6kFLQPDZ2JYchxaGddHX/GTZk?= =?us-ascii?Q?WeY9SNj9RioOL66aZyfsS+PgU9V1yy9yrJTby9lZ8dB9HsRmajm+/59tFrTm?= =?us-ascii?Q?F5VQv0LqlI5xrjothoX1QVdDa1vfSc/qQ9VKSFdgmcNK4uTlRu3sfe67Xd19?= =?us-ascii?Q?Q9mT2cNvh6TNMPGYkaWXOpFQxE=3D?= X-Microsoft-Antispam-Message-Info: L06eSJDdlJ2Jcs9QKHp+GvYE2Lax/4KyVjWedAkWhuPX6WH9MX6nXw8boVB0fMiJIHDTusDDsbcCIW5lHe+nje5vW9kdqTeIOtWrwJWUgrgcceZhDR48tN4I0kZAgSCE8a1GqEo4pawyoUqwXWIU73N587vjz1bbbLLm9b8NBkSJ261NISuaVKRs7Qr5PVGH X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB2461; 6:/3544nQ6bIM4FrhARvhtjVngPta+ZIRQbkENkCUUHNIexE6xEtZnsJqcNJyH+7cby+VG72Ad0egyEtPxWdlGX3nM/bfJ6syQ7+J+hms63XLWYWk0fXNyBTFPKOIRkWsv4Tgfq3XyPQR5epCr6QufZedn720bMqCMUSleNDb2NYd2I4fZ6Z/y5SSFyG8PDC8pM/34zHMCmmi493cFyKc8Cz3T87wjfHljphVt2oZ3/9binKzvO5ccPfUpKbKgjHtwi6aQA0eWK4YkP1ch0nadkzbfaT4E42hg1xMlsqjFzaEW4gKIHZwweOGk9t55b1fWkiaCCZuxGxjqIcRtTjRgeZ4Xkc3ZYSbNYfci91jK8qG5wpQFaSVZ6gYYHtnMa31eL12n8y4l3XappHDNwLWskeYt63i9Rlk74qT4tzc2ShS4pMw6Wwwpyx5w1ql/m5L+7bAy+kXz+kwnH1WyhTUCfw==; 5:ViwDRzAOzEEynkOzlp+M3GjcEqYt0KiQ0FYiAGm9FLKq7h/ri2Opdwq3W9e1nbo4cfNzycTVCd5i+Y5bswWzdp0ZioUQFnAIlDBEBnlXkDCYj+SagIxGOWHvy83/NUGN8tNm8K+yRj8ZfNDEMmKtZjBkzxb4QbIHlBQ/aHjqgBM=; 24:0s2mfnDsaEBaRi+LZA408wPvGjK+jwiUmv7IJ05DDzq0/rz2tIPEDqbkVzr6AfLArqTQhrxWIETGBqXJ6UBpE+S5WxgCl/MpHr2qzdvYELQ= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB2461; 7:HrjX9vqLdsK5YdVKukbe7eZiNld7TwBcEBtzOjDMITQHNyFlcpTtJVXGoW53DMZoxYufuYM63bKHqf465tTB2BS2yXE/ObDXuRmnD/RziAVx3+4M5cBsCK9OaCuTrm/2lc/3pRB5ecYEzuK/8mvczGECwQWpFnN3rParOlZYjrVhMjBpMwV1JCzPxUdHysurOiJBjHULTyDXB511/jA0eX5nUWpIUYu1wookoS0hPXSF9FcVxZCn0J0kjeLCGRDe; 20:2MHfdxB4l66O+gg5upPlI5xiBp0cVZjKWNRkt3nX0dSBwGOEbbSzO1qowQ7JTz21VfRmHD9esRAjM0IOvnyXSXGST9CQOPFKWgmJnFAMeb94s9KM8JdfSM0nURUBjZIj1fI/nyXwFH+Ipaqt2EuCZ/VmESPVrtWbybxgcsZS/R21SiU82PXUk28d0d8T0siHd7E/ia7iYs0Bj6BybtieG5iCKI/XRDJre58Mi7p8BiMU78OoozYAfO6o9Ao73Zw4 X-MS-Office365-Filtering-Correlation-Id: e0c3912d-df76-4216-01da-08d5cd4deb3f X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Jun 2018 14:41:28.3912 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: e0c3912d-df76-4216-01da-08d5cd4deb3f X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1PR12MB2461 X-Greylist: Sender passed SPF test, Sender IP whitelisted by DNSRBL, ACL 207 matched, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.39]); Fri, 08 Jun 2018 14:41:34 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.39]); Fri, 08 Jun 2018 14:41:34 +0000 (UTC) for IP:'104.47.40.47' DOMAIN:'mail-co1nam03on0047.outbound.protection.outlook.com' HELO:'NAM03-CO1-obe.outbound.protection.outlook.com' FROM:'brijesh.singh@amd.com' RCPT:'' X-RedHat-Spam-Score: -0.021 (DKIM_SIGNED, DKIM_VALID, RCVD_IN_DNSWL_NONE, SPF_HELO_PASS, T_DKIMWL_WL_MED) 104.47.40.47 mail-co1nam03on0047.outbound.protection.outlook.com 104.47.40.47 mail-co1nam03on0047.outbound.protection.outlook.com X-Scanned-By: MIMEDefang 2.78 on 10.5.110.39 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-loop: libvir-list@redhat.com Cc: Tom Lendacky , Jon Grimm , Brijesh Singh , Borislav Petkov Subject: [libvirt] [PATCH v9 01/11] qemu: provide support to query the SEV capability X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.41]); Fri, 08 Jun 2018 14:42:00 +0000 (UTC) X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZohoMail: RDKM_2 RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" QEMU version >=3D 2.12 provides support for launching an encrypted VMs on AMD x86 platform using Secure Encrypted Virtualization (SEV) feature. This patch adds support to query the SEV capability from the qemu. Signed-off-by: Brijesh Singh Reviewed-by: Erik Skultety --- src/conf/domain_capabilities.c | 12 ++++ src/conf/domain_capabilities.h | 12 ++++ src/libvirt_private.syms | 1 + src/qemu/qemu_capabilities.c | 37 ++++++++++ src/qemu/qemu_capabilities.h | 4 +- src/qemu/qemu_capspriv.h | 4 ++ src/qemu/qemu_monitor.c | 10 +++ src/qemu/qemu_monitor.h | 3 + src/qemu/qemu_monitor_json.c | 79 ++++++++++++++++++= ++++ src/qemu/qemu_monitor_json.h | 3 + .../caps_2.12.0.x86_64.replies | 10 +++ tests/qemucapabilitiesdata/caps_2.12.0.x86_64.xml | 3 +- 12 files changed, 176 insertions(+), 2 deletions(-) diff --git a/src/conf/domain_capabilities.c b/src/conf/domain_capabilities.c index c20358e..3589777 100644 --- a/src/conf/domain_capabilities.c +++ b/src/conf/domain_capabilities.c @@ -67,6 +67,18 @@ virDomainCapsStringValuesFree(virDomainCapsStringValuesP= tr values) } =20 =20 +void +virSEVCapabilitiesFree(virSEVCapability *cap) +{ + if (!cap) + return; + + VIR_FREE(cap->pdh); + VIR_FREE(cap->cert_chain); + VIR_FREE(cap); +} + + static void virDomainCapsDispose(void *obj) { diff --git a/src/conf/domain_capabilities.h b/src/conf/domain_capabilities.h index b0eb4aa..56c1903 100644 --- a/src/conf/domain_capabilities.h +++ b/src/conf/domain_capabilities.h @@ -137,6 +137,15 @@ struct _virDomainCapsCPU { virDomainCapsCPUModelsPtr custom; }; =20 +typedef struct _virSEVCapability virSEVCapability; +typedef virSEVCapability *virSEVCapabilityPtr; +struct _virSEVCapability { + char *pdh; + char *cert_chain; + unsigned int cbitpos; + unsigned int reduced_phys_bits; +}; + struct _virDomainCaps { virObjectLockable parent; =20 @@ -202,4 +211,7 @@ int virDomainCapsEnumSet(virDomainCapsEnumPtr capsEnum, void virDomainCapsEnumClear(virDomainCapsEnumPtr capsEnum); =20 char * virDomainCapsFormat(virDomainCapsPtr const caps); + +void +virSEVCapabilitiesFree(virSEVCapability *capabilities); #endif /* __DOMAIN_CAPABILITIES_H__ */ diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 2245101..ea24f28 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -185,6 +185,7 @@ virDomainCapsEnumClear; virDomainCapsEnumSet; virDomainCapsFormat; virDomainCapsNew; +virSEVCapabilitiesFree; =20 =20 # conf/domain_conf.h diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index a673709..8b3ffe1 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -497,6 +497,9 @@ VIR_ENUM_IMPL(virQEMUCaps, QEMU_CAPS_LAST, "tpm-emulator", "mch", "mch.extended-tseg-mbytes", + + /* 310 */ + "sev-guest", ); =20 =20 @@ -563,6 +566,8 @@ struct _virQEMUCaps { size_t ngicCapabilities; virGICCapability *gicCapabilities; =20 + virSEVCapability *sevCapabilities; + virQEMUCapsHostCPUData kvmCPU; virQEMUCapsHostCPUData tcgCPU; }; @@ -1135,6 +1140,7 @@ struct virQEMUCapsStringFlags virQEMUCapsObjectTypes[= ] =3D { { "vmgenid", QEMU_CAPS_DEVICE_VMGENID }, { "vhost-vsock-device", QEMU_CAPS_DEVICE_VHOST_VSOCK }, { "mch", QEMU_CAPS_DEVICE_MCH }, + { "sev-guest", QEMU_CAPS_SEV_GUEST }, }; =20 static struct virQEMUCapsStringFlags virQEMUCapsDevicePropsVirtioBalloon[]= =3D { @@ -2078,6 +2084,16 @@ virQEMUCapsSetGICCapabilities(virQEMUCapsPtr qemuCap= s, } =20 =20 +void +virQEMUCapsSetSEVCapabilities(virQEMUCapsPtr qemuCaps, + virSEVCapability *capabilities) +{ + virSEVCapabilitiesFree(qemuCaps->sevCapabilities); + + qemuCaps->sevCapabilities =3D capabilities; +} + + static int virQEMUCapsProbeQMPCommands(virQEMUCapsPtr qemuCaps, qemuMonitorPtr mon) @@ -2665,6 +2681,21 @@ virQEMUCapsProbeQMPGICCapabilities(virQEMUCapsPtr qe= muCaps, } =20 =20 +static int +virQEMUCapsProbeQMPSEVCapabilities(virQEMUCapsPtr qemuCaps, + qemuMonitorPtr mon) +{ + virSEVCapability *caps =3D NULL; + + if (qemuMonitorGetSEVCapabilities(mon, &caps) < 0) + return -1; + + virQEMUCapsSetSEVCapabilities(qemuCaps, caps); + + return 0; +} + + bool virQEMUCapsCPUFilterFeatures(const char *name, void *opaque) @@ -4064,6 +4095,12 @@ virQEMUCapsInitQMPMonitor(virQEMUCapsPtr qemuCaps, virQEMUCapsClear(qemuCaps, QEMU_CAPS_DEVICE_VFIO_CCW); } =20 + /* Probe for SEV capabilities */ + if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_SEV_GUEST)) { + if (virQEMUCapsProbeQMPSEVCapabilities(qemuCaps, mon) < 0) + virQEMUCapsClear(qemuCaps, QEMU_CAPS_SEV_GUEST); + } + ret =3D 0; cleanup: return ret; diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h index 884b406..f80da91 100644 --- a/src/qemu/qemu_capabilities.h +++ b/src/qemu/qemu_capabilities.h @@ -482,6 +482,9 @@ typedef enum { /* virQEMUCapsFlags grouping marker for = syntax-check */ QEMU_CAPS_DEVICE_MCH, /* Northbridge in q35 machine types */ QEMU_CAPS_MCH_EXTENDED_TSEG_MBYTES, /* -global mch.extended-tseg-mbyte= s */ =20 + /* 310 */ + QEMU_CAPS_SEV_GUEST, /* -object sev-guest,... */ + QEMU_CAPS_LAST /* this must always be the last item */ } virQEMUCapsFlags; =20 @@ -615,5 +618,4 @@ bool virQEMUCapsGuestIsNative(virArch host, =20 bool virQEMUCapsCPUFilterFeatures(const char *name, void *opaque); - #endif /* __QEMU_CAPABILITIES_H__*/ diff --git a/src/qemu/qemu_capspriv.h b/src/qemu/qemu_capspriv.h index 4b7a04a..cb5e0dd 100644 --- a/src/qemu/qemu_capspriv.h +++ b/src/qemu/qemu_capspriv.h @@ -90,6 +90,10 @@ virQEMUCapsSetGICCapabilities(virQEMUCapsPtr qemuCaps, virGICCapability *capabilities, size_t ncapabilities); =20 +void +virQEMUCapsSetSEVCapabilities(virQEMUCapsPtr qemuCaps, + virSEVCapability *capabilities); + int virQEMUCapsProbeQMPCPUDefinitions(virQEMUCapsPtr qemuCaps, qemuMonitorPtr mon, diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c index 215135a..fd6bce9 100644 --- a/src/qemu/qemu_monitor.c +++ b/src/qemu/qemu_monitor.c @@ -3850,6 +3850,16 @@ qemuMonitorGetGICCapabilities(qemuMonitorPtr mon, =20 =20 int +qemuMonitorGetSEVCapabilities(qemuMonitorPtr mon, + virSEVCapability **capabilities) +{ + QEMU_CHECK_MONITOR(mon); + + return qemuMonitorJSONGetSEVCapabilities(mon, capabilities); +} + + +int qemuMonitorNBDServerStart(qemuMonitorPtr mon, const char *host, unsigned int port, diff --git a/src/qemu/qemu_monitor.h b/src/qemu/qemu_monitor.h index 4384372..75d5d98 100644 --- a/src/qemu/qemu_monitor.h +++ b/src/qemu/qemu_monitor.h @@ -711,6 +711,9 @@ int qemuMonitorSetMigrationCapabilities(qemuMonitorPtr = mon, int qemuMonitorGetGICCapabilities(qemuMonitorPtr mon, virGICCapability **capabilities); =20 +int qemuMonitorGetSEVCapabilities(qemuMonitorPtr mon, + virSEVCapability **capabilities); + typedef enum { QEMU_MONITOR_MIGRATE_BACKGROUND =3D 1 << 0, QEMU_MONITOR_MIGRATE_NON_SHARED_DISK =3D 1 << 1, /* migration with non-= shared storage with full disk copy */ diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c index e8a46d2..ba0da9a 100644 --- a/src/qemu/qemu_monitor_json.c +++ b/src/qemu/qemu_monitor_json.c @@ -6401,6 +6401,85 @@ qemuMonitorJSONGetGICCapabilities(qemuMonitorPtr mon, return ret; } =20 + +int +qemuMonitorJSONGetSEVCapabilities(qemuMonitorPtr mon, + virSEVCapability **capabilities) +{ + int ret =3D -1; + virJSONValuePtr cmd; + virJSONValuePtr reply =3D NULL; + virJSONValuePtr caps; + virSEVCapability *capability =3D NULL; + const char *pdh =3D NULL, *cert_chain =3D NULL; + unsigned int cbitpos, reduced_phys_bits; + + *capabilities =3D NULL; + + if (!(cmd =3D qemuMonitorJSONMakeCommand("query-sev-capabilities", + NULL))) + return -1; + + if (qemuMonitorJSONCommand(mon, cmd, &reply) < 0) + goto cleanup; + + + if (qemuMonitorJSONCheckError(cmd, reply) < 0) + goto cleanup; + + caps =3D virJSONValueObjectGetObject(reply, "return"); + + if (virJSONValueObjectGetNumberUint(caps, "cbitpos", &cbitpos) < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("query-sev-capabilities reply was missing" + " 'cbitpos' field")); + goto cleanup; + } + + if (virJSONValueObjectGetNumberUint(caps, "reduced-phys-bits", + &reduced_phys_bits) < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("query-sev-capabilities reply was missing" + " 'reduced-phys-bits' field")); + goto cleanup; + } + + if (!(pdh =3D virJSONValueObjectGetString(caps, "pdh"))) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("query-sev-capabilities reply was missing" + " 'pdh' field")); + goto cleanup; + } + + if (!(cert_chain =3D virJSONValueObjectGetString(caps, "cert-chain")))= { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("query-sev-capabilities reply was missing" + " 'cert-chain' field")); + goto cleanup; + } + + if (VIR_ALLOC(capability) < 0) + goto cleanup; + + if (VIR_STRDUP(capability->pdh, pdh) < 0) + goto cleanup; + + if (VIR_STRDUP(capability->cert_chain, cert_chain) < 0) + goto cleanup; + + capability->cbitpos =3D cbitpos; + capability->reduced_phys_bits =3D reduced_phys_bits; + VIR_STEAL_PTR(*capabilities, capability); + ret =3D 0; + + cleanup: + virSEVCapabilitiesFree(capability); + virJSONValueFree(cmd); + virJSONValueFree(reply); + + return ret; +} + static virJSONValuePtr qemuMonitorJSONBuildInetSocketAddress(const char *host, const char *port) diff --git a/src/qemu/qemu_monitor_json.h b/src/qemu/qemu_monitor_json.h index 2ae0faa..4c10574 100644 --- a/src/qemu/qemu_monitor_json.h +++ b/src/qemu/qemu_monitor_json.h @@ -152,6 +152,9 @@ int qemuMonitorJSONSetMigrationCapabilities(qemuMonitor= Ptr mon, int qemuMonitorJSONGetGICCapabilities(qemuMonitorPtr mon, virGICCapability **capabilities); =20 +int qemuMonitorJSONGetSEVCapabilities(qemuMonitorPtr mon, + virSEVCapability **capabilities); + int qemuMonitorJSONMigrate(qemuMonitorPtr mon, unsigned int flags, const char *uri); diff --git a/tests/qemucapabilitiesdata/caps_2.12.0.x86_64.replies b/tests/= qemucapabilitiesdata/caps_2.12.0.x86_64.replies index 78e1b45..ddee9b9 100644 --- a/tests/qemucapabilitiesdata/caps_2.12.0.x86_64.replies +++ b/tests/qemucapabilitiesdata/caps_2.12.0.x86_64.replies @@ -19039,6 +19039,16 @@ } =20 { + "return" : { + "reduced-phys-bits": 1, + "cbitpos": 47, + "cert-chain": "AQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAA", + "pdh": "AQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAO= AAA" + }, + "id": "libvirt-52" +} + +{ "return": { }, "id": "libvirt-1" diff --git a/tests/qemucapabilitiesdata/caps_2.12.0.x86_64.xml b/tests/qemu= capabilitiesdata/caps_2.12.0.x86_64.xml index 2afd7ad..0c38826 100644 --- a/tests/qemucapabilitiesdata/caps_2.12.0.x86_64.xml +++ b/tests/qemucapabilitiesdata/caps_2.12.0.x86_64.xml @@ -210,9 +210,10 @@ + 2011090 0 - 391586 + 391832 v2.12.0-rc0 x86_64 --=20 2.7.4 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list