On Thu, Mar 08, 2018 at 06:48:56AM -0600, Brijesh Singh wrote: > The command can be used by libvirt to retrieve the measurement of SEV guest. > This measurement is a signature of the memory contents that was encrypted > through the LAUNCH_UPDATE_DATA. > > Cc: "Daniel P. Berrangé" <berrange@xxxxxxxxxx> > Cc: "Dr. David Alan Gilbert" <dgilbert@xxxxxxxxxx> > Cc: Markus Armbruster <armbru@xxxxxxxxxx> > Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> > Signed-off-by: Brijesh Singh <brijesh.singh@xxxxxxx> > --- > monitor.c | 7 +++++++ > qapi/misc.json | 29 +++++++++++++++++++++++++++++ > target/i386/monitor.c | 17 +++++++++++++++++ > 3 files changed, 53 insertions(+) > > diff --git a/monitor.c b/monitor.c > index 2225cf5030dc..d53ecc5ddab3 100644 > --- a/monitor.c > +++ b/monitor.c > @@ -984,6 +984,7 @@ static void qmp_unregister_commands_hack(void) > #ifndef TARGET_I386 > qmp_unregister_command(&qmp_commands, "rtc-reset-reinjection"); > qmp_unregister_command(&qmp_commands, "query-sev"); > + qmp_unregister_command(&qmp_commands, "query-sev-launch-measure"); > #endif > #ifndef TARGET_S390X > qmp_unregister_command(&qmp_commands, "dump-skeys"); > @@ -4110,6 +4111,12 @@ SevInfo *qmp_query_sev(Error **errp) > error_setg(errp, QERR_FEATURE_DISABLED, "query-sev"); > return NULL; > } > + > +SevLaunchMeasureInfo *qmp_query_sev_launch_measure(Error **errp) > +{ > + error_setg(errp, QERR_FEATURE_DISABLED, "query-sev-launch-measure"); > + return NULL; > +} > #endif > > #ifndef TARGET_S390X > diff --git a/qapi/misc.json b/qapi/misc.json > index 14681729f8fc..a39c43aa64b1 100644 > --- a/qapi/misc.json > +++ b/qapi/misc.json > @@ -3277,3 +3277,32 @@ > # > ## > { 'command': 'query-sev', 'returns': 'SevInfo' } > + > +## > +# @SevLaunchMeasureInfo: > +# > +# SEV Guest Launch measurement information > +# > +# @data: the measurement value encoded in base64 > +# > +# Since: 2.12 > +# > +## > +{ 'struct': 'SevLaunchMeasureInfo', 'data': {'data': 'str'} } > + > +## > +# @query-sev-launch-measure: > +# > +# Query the SEV guest launch information. > +# > +# Returns: The @SevLaunchMeasureInfo for the guest > +# > +# Since: 2.12 > +# > +# Example: > +# > +# -> { "execute": "query-sev-launch-measure" } > +# <- { "return": { "data": "4l8LXeNlSPUDlXPJG5966/8%YZ" } } > +# > +## > +{ 'command': 'query-sev-launch-measure', 'returns': 'SevLaunchMeasureInfo' } > diff --git a/target/i386/monitor.c b/target/i386/monitor.c > index 7df31c3cdf1b..e5596bbc0fc2 100644 > --- a/target/i386/monitor.c > +++ b/target/i386/monitor.c > @@ -720,3 +720,20 @@ void hmp_info_sev(Monitor *mon, const QDict *qdict) > monitor_printf(mon, "SEV is not enabled\n"); > } > } > + > +SevLaunchMeasureInfo *qmp_query_sev_launch_measure(Error **errp) > +{ > + char *data; > + SevLaunchMeasureInfo *info; > + > + data = sev_get_launch_measurement(); > + if (!data) { > + error_setg(errp, "Measurement is not available"); > + return NULL; > + } > + > + info = g_malloc0(sizeof(*info)); Minor preference for g_new0(SevLaunchMeasureInfo, 1); > + info->data = data; > + > + return info; > +} Regardless though Reviewed-by: Daniel P. Berrangé <berrange@xxxxxxxxxx> Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|