The QMP query command can used to retrieve the SEV information when
memory encryption is enabled on AMD platform.
Cc: Eric Blake <eblake@xxxxxxxxxx>
Cc: "Daniel P. Berrangé" <berrange@xxxxxxxxxx>
Cc: "Dr. David Alan Gilbert" <dgilbert@xxxxxxxxxx>
Cc: Markus Armbruster <armbru@xxxxxxxxxx>
Signed-off-by: Brijesh Singh <brijesh.singh@xxxxxxx>
---
monitor.c | 7 ++++++
qapi-schema.json | 61 +++++++++++++++++++++++++++++++++++++++++++++++++++
target/i386/monitor.c | 8 +++++++
3 files changed, 76 insertions(+)
diff --git a/monitor.c b/monitor.c
index d77edc4bb692..356d550aaf2d 100644
--- a/monitor.c
+++ b/monitor.c
@@ -983,6 +983,7 @@ static void qmp_unregister_commands_hack(void)
#endif
#ifndef TARGET_I386
qmp_unregister_command(&qmp_commands, "rtc-reset-reinjection");
+ qmp_unregister_command(&qmp_commands, "query-sev");
#endif
#ifndef TARGET_S390X
qmp_unregister_command(&qmp_commands, "dump-skeys");
@@ -4157,6 +4158,12 @@ void qmp_rtc_reset_reinjection(Error **errp)
{
error_setg(errp, QERR_FEATURE_DISABLED, "rtc-reset-reinjection");
}
+
+SevInfo *qmp_query_sev(Error **errp)
+{
+ error_setg(errp, QERR_FEATURE_DISABLED, "query-sev");
+ return NULL;
+}
#endif
#ifndef TARGET_S390X
diff --git a/qapi-schema.json b/qapi-schema.json
index 0262b9f20bc6..467a06460ead 100644
--- a/qapi-schema.json
+++ b/qapi-schema.json
@@ -3189,3 +3189,64 @@
# Since: 2.11
##
{ 'command': 'watchdog-set-action', 'data' : {'action': 'WatchdogAction'} }
+
+##
+# @SevState:
+#
+# An enumeration of SEV state information used during @query-sev.
+#
+# Since: 2.12
+##
+{ 'enum': 'SevState',
+ 'data': ['uninit', 'lupdate', 'lsecret', 'running', 'supdate', 'rupdate' ] }
+
+##
+# @SevInfo:
+#
+# Information about Secure Encrypted Virtualization (SEV) support
+#
+# @enabled: true if SEV is active
+#
+# @api-major: SEV API major version
+#
+# @api-minor: SEV API minor version
+#
+# @build-id: SEV FW build id
+#
+# @policy: SEV policy value
+#
+# @state: SEV guest state
+#
+# @handle: SEV firmware handle
+#
+# Since: 2.12
+##
+{ 'struct': 'SevInfo',
+ 'data': { 'enabled': 'bool',
+ 'api-major': 'uint8',
+ 'api-minor' : 'uint8',
+ 'build-id' : 'uint8',
+ 'policy' : 'uint32',
+ 'state' : 'SevState',
+ 'handle' : 'uint32'
+ }
+}
+
+##
+# @query-sev:
+#
+# Returns information about SEV
+#
+# Returns: @SevInfo
+#
+# Since: 2.12
+#
+# Example:
+#
+# -> { "execute": "query-sev" }
+# <- { "return": { "enabled": true, "api-major" : 0, "api-minor" : 0,
+# "build-id" : 0, "policy" : 0, "state" : "running",
+# "handle" : 1 } }
+#
+##
+{ 'command': 'query-sev', 'returns': 'SevInfo' }
diff --git a/target/i386/monitor.c b/target/i386/monitor.c
index 55ea10deb8ef..f429b1fc5383 100644
--- a/target/i386/monitor.c
+++ b/target/i386/monitor.c
@@ -30,6 +30,8 @@
#include "hw/i386/pc.h"
#include "sysemu/kvm.h"
#include "hmp.h"
+#include "sev_i386.h"
+#include "qmp-commands.h"
static void print_pte(Monitor *mon, CPUArchState *env, hwaddr addr,
@@ -665,3 +667,9 @@ void hmp_info_io_apic(Monitor *mon, const QDict *qdict)
ioapic_dump_state(mon, qdict);
}
}
+
+SevInfo *qmp_query_sev(Error **errp)
+{
+ error_setg(errp, "SEV feature is not available");
+ return NULL;
+}
--
2.14.3
