[libvirt] [PATCH v2 1/9] qemu: provide support to query the SEV capability

Brijesh Singh brijesh.singh at amd.com
Mon Mar 12 15:14:59 UTC 2018



On 03/12/2018 08:31 AM, Daniel P. Berrangé wrote:
> On Thu, Mar 08, 2018 at 11:12:00AM -0600, Brijesh Singh wrote:
>> QEMU version >= 2.12 provides support for launching encrypted VMs on
>> the AMD x86 platform using the Secure Encrypted Virtualization (SEV) feature.
>> This patch adds support to query the SEV capability from QEMU.
>>
>> Signed-off-by: Brijesh Singh <brijesh.singh at amd.com>
>> ---
>>   src/conf/domain_capabilities.h | 13 ++++++++
>>   src/qemu/qemu_capabilities.c   | 43 +++++++++++++++++++++++++
>>   src/qemu/qemu_capabilities.h   |  1 +
>>   src/qemu/qemu_capspriv.h       |  4 +++
>>   src/qemu/qemu_monitor.c        |  9 ++++++
>>   src/qemu/qemu_monitor.h        |  3 ++
>>   src/qemu/qemu_monitor_json.c   | 73 ++++++++++++++++++++++++++++++++++++++++++
>>   src/qemu/qemu_monitor_json.h   |  3 ++
>>   8 files changed, 149 insertions(+)
>>
>> diff --git a/src/conf/domain_capabilities.h b/src/conf/domain_capabilities.h
>> index fa4c1e442f57..83d04d4c8506 100644
>> --- a/src/conf/domain_capabilities.h
>> +++ b/src/conf/domain_capabilities.h
>> @@ -137,6 +137,19 @@ struct _virDomainCapsCPU {
>>       virDomainCapsCPUModelsPtr custom;
>>   };
>>   
>> +/*
>> + * SEV capabilities
>> + */
>> +typedef struct _virSEVCapability virSEVCapability;
>> +typedef virSEVCapability *virSEVCapabilityPtr;
>> +struct _virSEVCapability {
>> +    char *pdh;
>> +    char *cert_chain;
>> +    int cbitpos;
>> +    int reduced_phys_bits;
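
Review bot: in struct _virSEVCapability, pdh and cert_chain are bare char * members with no comment saying what they hold, how they are encoded, or who frees them; the only documentation visible is the "SEV capabilities" banner. Please add a one-line comment per field, including what cbitpos and reduced_phys_bits measure, and state the ownership of the two strings so that any code releasing a virSEVCapability knows both must be freed.
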
> 
> If you have any reason to re-spin this patch series, let's make these
> two be unsigned int, since IIUC -ve values are not possible.
> 

Will make the changes in the next rev.

>>   
>> +    /* no way to query -object sev-guest */
>> +    if (ARCH_IS_X86(qemuCaps->arch) &&
>> +        qemuCaps->version >= 2012000) {
>> +        virQEMUCapsSet(qemuCaps, QEMU_CAPS_SEV);
>> +    }
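
Review bot: the condition guarding virQEMUCapsSet(qemuCaps, QEMU_CAPS_SEV) tests only ARCH_IS_X86(qemuCaps->arch) and version >= 2012000, so QEMU_CAPS_SEV is set for every x86 QEMU at 2.12 or later, whether or not that binary and host can actually launch an SEV guest. The commit message limits the feature to AMD platforms and this patch adds a query for the SEV capability, so consider setting the flag only when that query succeeds, or at least extend the comment to say the flag means "this QEMU version may know the sev-guest object" rather than "SEV is usable".
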
> 
> Sigh, we really need to fix introspection of -object types one day...
> 

I will take Peter's suggestion and look at the -secret object and see how
it's probed, and will do a similar thing for sev-guest.

Thanks



