Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP7:GA
qemu-linux-user.9574
0050-sev-i386-qmp-add-query-sev-command.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0050-sev-i386-qmp-add-query-sev-command.patch of Package qemu-linux-user.9574
From 0ab72e871e0cf88fd4a3c45ec51ce04e3c2b4e09 Mon Sep 17 00:00:00 2001 From: Brijesh Singh <brijesh.singh@amd.com> Date: Thu, 8 Mar 2018 06:48:42 -0600 Subject: [PATCH] sev/i386: qmp: add query-sev command MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The QMP query command can used to retrieve the SEV information when memory encryption is enabled on AMD platform. Cc: Eric Blake <eblake@redhat.com> Cc: "Daniel P. Berrangé" <berrange@redhat.com> Cc: "Dr. David Alan Gilbert" <dgilbert@redhat.com> Cc: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> (cherry picked from commit 08a161fd35bb22b03298c7ce212a4baacfc42a83) [BR: FATE#322124] Signed-off-by: Bruce Rogers <brogers@suse.com> --- monitor.c | 7 ++++ qapi-schema.json | 77 +++++++++++++++++++++++++++++++++++++++++++ target/i386/monitor.c | 8 +++++ tests/qmp-test.c | 2 ++ 4 files changed, 94 insertions(+) diff --git a/monitor.c b/monitor.c index e36fb5308d..a395fe990f 100644 --- a/monitor.c +++ b/monitor.c @@ -981,6 +981,7 @@ static void qmp_unregister_commands_hack(void) #endif #ifndef TARGET_I386 qmp_unregister_command(&qmp_commands, "rtc-reset-reinjection"); + qmp_unregister_command(&qmp_commands, "query-sev"); #endif #ifndef TARGET_S390X qmp_unregister_command(&qmp_commands, "dump-skeys"); @@ -4156,6 +4157,12 @@ void qmp_rtc_reset_reinjection(Error **errp) { error_setg(errp, QERR_FEATURE_DISABLED, "rtc-reset-reinjection"); } + +SevInfo *qmp_query_sev(Error **errp) +{ + error_setg(errp, QERR_FEATURE_DISABLED, "query-sev"); + return NULL; +} #endif #ifndef TARGET_S390X diff --git a/qapi-schema.json b/qapi-schema.json index 18457954a8..a1e274b062 100644 --- a/qapi-schema.json +++ b/qapi-schema.json @@ -3200,3 +3200,80 @@ # Since: 2.11 ## { 'command': 'watchdog-set-action', 'data' : {'action': 'WatchdogAction'} } + + +## +# @SevState: +# +# An enumeration of SEV state information used during @query-sev. +# +# @uninit: The guest is uninitialized. +# +# @launch-update: The guest is currently being launched; plaintext data and +# register state is being imported. +# +# @launch-secret: The guest is currently being launched; ciphertext data +# is being imported. +# +# @running: The guest is fully launched or migrated in. +# +# @send-update: The guest is currently being migrated out to another machine. +# +# @receive-update: The guest is currently being migrated from another machine. +# +# Since: 2.12 +## +{ 'enum': 'SevState', + 'data': ['uninit', 'launch-update', 'launch-secret', 'running', + 'send-update', 'receive-update' ] } + +## +# @SevInfo: +# +# Information about Secure Encrypted Virtualization (SEV) support +# +# @enabled: true if SEV is active +# +# @api-major: SEV API major version +# +# @api-minor: SEV API minor version +# +# @build-id: SEV FW build id +# +# @policy: SEV policy value +# +# @state: SEV guest state +# +# @handle: SEV firmware handle +# +# Since: 2.12 +## +{ 'struct': 'SevInfo', + 'data': { 'enabled': 'bool', + 'api-major': 'uint8', + 'api-minor' : 'uint8', + 'build-id' : 'uint8', + 'policy' : 'uint32', + 'state' : 'SevState', + 'handle' : 'uint32' + } +} + +## +# @query-sev: +# +# Returns information about SEV +# +# Returns: @SevInfo +# +# Since: 2.12 +# +# Example: +# +# -> { "execute": "query-sev" } +# <- { "return": { "enabled": true, "api-major" : 0, "api-minor" : 0, +# "build-id" : 0, "policy" : 0, "state" : "running", +# "handle" : 1 } } +# +## +{ 'command': 'query-sev', 'returns': 'SevInfo' } diff --git a/target/i386/monitor.c b/target/i386/monitor.c index 75e155ffb1..b208cdc2f6 100644 --- a/target/i386/monitor.c +++ b/target/i386/monitor.c @@ -28,6 +28,8 @@ #include "hw/i386/pc.h" #include "sysemu/kvm.h" #include "hmp.h" +#include "qapi/error.h" +#include "qmp-commands.h" static void print_pte(Monitor *mon, CPUArchState *env, hwaddr addr, @@ -659,3 +661,9 @@ void hmp_info_io_apic(Monitor *mon, const QDict *qdict) ioapic_dump_state(mon, qdict); } } + +SevInfo *qmp_query_sev(Error **errp) +{ + error_setg(errp, "SEV feature is not available"); + return NULL; +} diff --git a/tests/qmp-test.c b/tests/qmp-test.c index c5a5c10b41..0ec09dbf59 100644 --- a/tests/qmp-test.c +++ b/tests/qmp-test.c @@ -200,6 +200,8 @@ static bool query_is_blacklisted(const char *cmd) "query-gic-capabilities", /* arm */ /* Success depends on target-specific build configuration: */ "query-pci", /* CONFIG_PCI */ + /* Success depends on Host or Hypervisor SEV support */ + "query-sev", NULL }; int i;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor