On Thu, Mar 08, 2018 at 06:48:59AM -0600, Brijesh Singh wrote:
> The command can be used by libvirt to query the SEV capabilities.
>
> Cc: "Daniel P. Berrangé" <berrange@xxxxxxxxxx>
> Cc: "Dr. David Alan Gilbert" <dgilbert@xxxxxxxxxx>
> Cc: Markus Armbruster <armbru@xxxxxxxxxx>
> Signed-off-by: Brijesh Singh <brijesh.singh@xxxxxxx>
> ---
> monitor.c | 7 +++++++
> qapi/misc.json | 42 ++++++++++++++++++++++++++++++++++++++++++
> target/i386/monitor.c | 6 ++++++
> 3 files changed, 55 insertions(+)
>
> diff --git a/monitor.c b/monitor.c
> index d53ecc5ddab3..29ce695a80d5 100644
> --- a/monitor.c
> +++ b/monitor.c
> @@ -985,6 +985,7 @@ static void qmp_unregister_commands_hack(void)
> qmp_unregister_command(&qmp_commands, "rtc-reset-reinjection");
> qmp_unregister_command(&qmp_commands, "query-sev");
> qmp_unregister_command(&qmp_commands, "query-sev-launch-measure");
> + qmp_unregister_command(&qmp_commands, "query-sev-capabilities");
> #endif
> #ifndef TARGET_S390X
> qmp_unregister_command(&qmp_commands, "dump-skeys");
> @@ -4117,6 +4118,12 @@ SevLaunchMeasureInfo *qmp_query_sev_launch_measure(Error **errp)
> error_setg(errp, QERR_FEATURE_DISABLED, "query-sev-launch-measure");
> return NULL;
> }
> +
> +SevCapability *qmp_query_sev_capabilities(Error **errp)
> +{
> + error_setg(errp, QERR_FEATURE_DISABLED, "query-sev-capabilities");
> + return NULL;
> +}
> #endif
>
> #ifndef TARGET_S390X
> diff --git a/qapi/misc.json b/qapi/misc.json
> index a39c43aa64b1..37c89663d8f4 100644
> --- a/qapi/misc.json
> +++ b/qapi/misc.json
> @@ -3306,3 +3306,45 @@
> #
> ##
> { 'command': 'query-sev-launch-measure', 'returns': 'SevLaunchMeasureInfo' }
> +
> +##
> +# @SevCapability:
> +#
> +# The struct describes capability for a Secure Encrypted Virtualization
> +# feature.
> +#
> +# @pdh: Platform Diffie-Hellman key
> +#
> +# @cert-chain: PDH certificate chain
Are either of these base64 encoded ? If so nice to document that.
> +#
> +# @cbitpos: C-bit location in page table entry
> +#
> +# @reduced-phys-bits: Number of physical Address bit reduction when SEV is
> +# enabled
> +#
> +# Since: 2.12
> +##
> +{ 'struct': 'SevCapability',
> + 'data': { 'pdh': 'str',
> + 'cert-chain': 'str',
> + 'cbitpos': 'int',
> + 'reduced-phys-bits': 'int'} }
Regardless of answer to above Q,
Reviewed-by: Daniel P. Berrangé <berrange@xxxxxxxxxx>
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
