This sev-guest object property indicates whether QEMU should
expose the kernel, ramdisk, cmdline hashes to the firmware
for measurement.
The 6.2.0 capabilities are selectively refreshed to pull in
the kernel-hashes parameter to the schema.
Signed-off-by: Daniel P. Berrangé <berrange@xxxxxxxxxx>
---
src/qemu/qemu_capabilities.c | 2 ++
src/qemu/qemu_capabilities.h | 1 +
tests/qemucapabilitiesdata/caps_6.2.0.x86_64.replies | 5 +++++
tests/qemucapabilitiesdata/caps_6.2.0.x86_64.xml | 1 +
4 files changed, 9 insertions(+)
diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
index ddd61ecfc9..c1b06998af 100644
--- a/src/qemu/qemu_capabilities.c
+++ b/src/qemu/qemu_capabilities.c
@@ -652,6 +652,7 @@ VIR_ENUM_IMPL(virQEMUCaps,
"device.json", /* QEMU_CAPS_DEVICE_JSON */
"query-dirty-rate", /* QEMU_CAPS_QUERY_DIRTY_RATE */
"rbd-encryption", /* QEMU_CAPS_RBD_ENCRYPTION */
+ "sev-guest-kernel-hashes", /* QEMU_CAPS_SEV_GUEST_KERNEL_HASHES */
);
@@ -1571,6 +1572,7 @@ static struct virQEMUCapsStringFlags virQEMUCapsQMPSchemaQueries[] = {
{ "query-named-block-nodes/arg-type/flat", QEMU_CAPS_QMP_QUERY_NAMED_BLOCK_NODES_FLAT },
{ "screendump/arg-type/device", QEMU_CAPS_SCREENDUMP_DEVICE },
{ "set-numa-node/arg-type/+hmat-lb", QEMU_CAPS_NUMA_HMAT },
+ { "object-add/arg-type/+sev-guest/kernel-hashes", QEMU_CAPS_SEV_GUEST_KERNEL_HASHES },
};
typedef struct _virQEMUCapsObjectTypeProps virQEMUCapsObjectTypeProps;
diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h
index 716e09123c..aaac20a834 100644
--- a/src/qemu/qemu_capabilities.h
+++ b/src/qemu/qemu_capabilities.h
@@ -631,6 +631,7 @@ typedef enum { /* virQEMUCapsFlags grouping marker for syntax-check */
QEMU_CAPS_DEVICE_JSON, /* -device accepts JSON */
QEMU_CAPS_QUERY_DIRTY_RATE, /* accepts query-dirty-rate */
QEMU_CAPS_RBD_ENCRYPTION, /* Ceph RBD encryption support */
+ QEMU_CAPS_SEV_GUEST_KERNEL_HASHES, /* sev-guest.kernel-hashes= */
QEMU_CAPS_LAST /* this must always be the last item */
} virQEMUCapsFlags;
diff --git a/tests/qemucapabilitiesdata/caps_6.2.0.x86_64.replies b/tests/qemucapabilitiesdata/caps_6.2.0.x86_64.replies
index 69d3b1b12a..9de8e3bd66 100644
--- a/tests/qemucapabilitiesdata/caps_6.2.0.x86_64.replies
+++ b/tests/qemucapabilitiesdata/caps_6.2.0.x86_64.replies
@@ -13315,6 +13315,11 @@
{
"name": "reduced-phys-bits",
"type": "int"
+ },
+ {
+ "name": "kernel-hashes",
+ "default": null,
+ "type": "bool"
}
],
"meta-type": "object"
diff --git a/tests/qemucapabilitiesdata/caps_6.2.0.x86_64.xml b/tests/qemucapabilitiesdata/caps_6.2.0.x86_64.xml
index 39179916c5..5aa65679ee 100644
--- a/tests/qemucapabilitiesdata/caps_6.2.0.x86_64.xml
+++ b/tests/qemucapabilitiesdata/caps_6.2.0.x86_64.xml
@@ -240,6 +240,7 @@
<flag name='device.json'/>
<flag name='query-dirty-rate'/>
<flag name='rbd-encryption'/>
+ <flag name='sev-guest-kernel-hashes'/>
<version>6001050</version>
<kvmVersion>0</kvmVersion>
<microcodeVersion>43100244</microcodeVersion>
--
2.33.1
