* Brijesh Singh (brijesh.singh@xxxxxxx) wrote:
>
>
> On 2/1/18 11:58 AM, Dr. David Alan Gilbert wrote:
> > * Brijesh Singh (brijesh.singh@xxxxxxx) wrote:
> >> update 'info kvm' to display the memory encryption support.
> >>
> >> (qemu) info kvm
> >> kvm support: enabled
> >> memory encryption: disabled
> > As Markus said, this should be split qmp/hmp; but something else to
> > think about is whether this is a boolean or needs to be an enum; do
> > you have one version of encryption or are we going to need to flag up
> > versions or the features of the encryption?
>
> In future I could see us providing encrypted state status when we
> implement SEV-ES support, something like
>
> (qemu) info kvm
> kvm support: enabled
> memory encryption: enabled
> cpu register state: encrypted
>
> but so far I do not see need to provide the version string. If user
> wants to know the SEV version then it can open /dev/sev device to get
> platform status and more.
Yes, I was worried a bit more about how general that was going to be
or whether we're collecting a lot of architecture specific fields here.
So I wondered, if it was an enum, whether that would be come:
memory encryption: none
memory encryption: SEV
memory encryption: SEV-ES
(I'm not too sure whether that's better or not, just a suggestion)
Dave
>
> > Dave
> >
> >> Cc: "Dr. David Alan Gilbert" <dgilbert@xxxxxxxxxx>
> >> Cc: Eric Blake <eblake@xxxxxxxxxx>
> >> Cc: Markus Armbruster <armbru@xxxxxxxxxx>
> >> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx>
> >> Signed-off-by: Brijesh Singh <brijesh.singh@xxxxxxx>
> >> ---
> >> hmp.c | 2 ++
> >> qapi-schema.json | 5 ++++-
> >> qmp.c | 1 +
> >> 3 files changed, 7 insertions(+), 1 deletion(-)
> >>
> >> diff --git a/hmp.c b/hmp.c
> >> index 056bf70cf1e2..6ceb6b30af75 100644
> >> --- a/hmp.c
> >> +++ b/hmp.c
> >> @@ -88,6 +88,8 @@ void hmp_info_kvm(Monitor *mon, const QDict *qdict)
> >> monitor_printf(mon, "kvm support: ");
> >> if (info->present) {
> >> monitor_printf(mon, "%s\n", info->enabled ? "enabled" : "disabled");
> >> + monitor_printf(mon, "memory encryption: %s\n",
> >> + info->mem_encryption ? "enabled" : "disabled");
> >> } else {
> >> monitor_printf(mon, "not compiled\n");
> >> }
> >> diff --git a/qapi-schema.json b/qapi-schema.json
> >> index 5c06745c7927..2046c96669bf 100644
> >> --- a/qapi-schema.json
> >> +++ b/qapi-schema.json
> >> @@ -314,9 +314,12 @@
> >> #
> >> # @present: true if KVM acceleration is built into this executable
> >> #
> >> +# @mem-encryption: true if Memory Encryption is active (since 2.12)
> >> +#
> >> # Since: 0.14.0
> >> ##
> >> -{ 'struct': 'KvmInfo', 'data': {'enabled': 'bool', 'present': 'bool'} }
> >> +{ 'struct': 'KvmInfo', 'data': {'enabled': 'bool', 'present': 'bool',
> >> + 'mem-encryption' : 'bool'} }
> >>
> >> ##
> >> # @query-kvm:
> >> diff --git a/qmp.c b/qmp.c
> >> index 52cfd2d81c0f..3a527bc8c39c 100644
> >> --- a/qmp.c
> >> +++ b/qmp.c
> >> @@ -69,6 +69,7 @@ KvmInfo *qmp_query_kvm(Error **errp)
> >>
> >> info->enabled = kvm_enabled();
> >> info->present = kvm_available();
> >> + info->mem_encryption = kvm_memcrypt_enabled();
> >>
> >> return info;
> >> }
> >> --
> >> 2.9.5
> >>
> > --
> > Dr. David Alan Gilbert / dgilbert@xxxxxxxxxx / Manchester, UK
>
--
Dr. David Alan Gilbert / dgilbert@xxxxxxxxxx / Manchester, UK
