On Wed, Jul 07, 2021 at 05:55:03PM -0700, isaku.yamahata@xxxxxxxxx wrote: > From: Chenyi Qiang <chenyi.qiang@xxxxxxxxx> > > Add QMP commands that can be used by libvirt to query the TDX capabilities > and TDX info. The set of capabilities that needs to be reported is only > enabled at the moment, which means TDX is enabled. > > Signed-off-by: Chenyi Qiang <chenyi.qiang@xxxxxxxxx> > Co-developed-by: Isaku Yamahata <isaku.yamahata@xxxxxxxxx> > Signed-off-by: Isaku Yamahata <isaku.yamahata@xxxxxxxxx> > --- > include/sysemu/tdx.h | 6 ++++ > qapi/misc-target.json | 59 ++++++++++++++++++++++++++++++++++++++ In addition to Gerd's suggestion to use an enum, > +++ b/qapi/misc-target.json > @@ -323,3 +323,62 @@ > { 'command': 'query-sev-attestation-report', 'data': { 'mnonce': 'str' }, > 'returns': 'SevAttestationReport', > 'if': 'defined(TARGET_I386)' } > + > +## > +# @TDXInfo: > +# > +# Information about Trust Domain Extensions (TDX) support > +# > +# @enabled: true if TDX is active > +# > +## Missing a 'Since: 6.2' line, here and elsewhere in the patch. > +{ 'struct': 'TDXInfo', > + 'data': { 'enabled': 'bool' }, > + 'if': 'defined(TARGET_I386)' > +} > + > +## > +# @query-tdx: > +# > +# Returns information about TDX > +# > +# Returns: @TdxInfo > +# > +# > +# Example: > +# > +# -> { "execute": "query-tdx" } > +# <- { "return": { "enabled": true } } > +# > +## > +{ 'command': 'query-tdx', 'returns': 'TDXInfo', > + 'if': 'defined(TARGET_I386)' } > + > +## > +# @TDXCapability: > +# > +# The struct describes capability for a TDX > +# feature. > +# > +## > +{ 'struct': 'TDXCapability', > + 'data': { 'enabled': 'bool' }, > + 'if': 'defined(TARGET_I386)' } > + > +## > +# @query-tdx-capabilities: Do we need two separate commands, or could 'query-tdx' be made sufficiently powerful to tell you both whether tdx is available, and what capabilities it has, all in one command? > +# > +# This command is used to get the TDX capabilities, and is supported on Intel > +# X86 platforms only. > +# > +# Returns: @TDXCapability. > +# > +# > +# Example: > +# > +# -> { "execute": "query-tdx-capabilities" } > +# <- { "return": { 'enabled': 'bool' }} > +# > +## > +{ 'command': 'query-tdx-capabilities', 'returns': 'TDXCapability', > + 'if': 'defined(TARGET_I386)' } -- Eric Blake, Principal Software Engineer Red Hat, Inc. +1-919-301-3266 Virtualization: qemu.org | libvirt.org