[PATCH v14 08/15] qemu: Get SGX capabilities from QMP

Michal Prívozník mprivozn at redhat.com
Tue Aug 23 14:03:10 UTC 2022


On 8/22/22 06:34, Yang, Lin A wrote:
> 
> @Michal, do you have any updates for v14 patches? If yes, I can rework on
> top of your changes and submit for review.
>
> https://gitlab.com/MichalPrivoznik/libvirt/-/commits/sgx_rework ?

It's sgx_rework_v2 but it hasn't worked all of Peter's suggestions in, yet.

Anyway, I've experimented with plain QEMU a bit (I think Peter asked
this somewhere in the review) and the way SGX works is by using a memory
that QEMU already has, e.g.:

./qemu-system-x86_64 \
-S \
-machine pc-q35-6.2,usb=off,dump-guest-core=off,sgx-epc.0.memdev=memepc0,sgx-epc.0.node=0,sgx-epc.1.memdev=memepc1,sgx-epc.1.node=0 \
-accel tcg \
-cpu qemu64 \
-m 128 \
-device virtio-balloon-pci,id=balloon0 \
-object '{"qom-type":"memory-backend-epc","id":"memepc0","prealloc":true,"size":67108864}' \
-object '{"qom-type":"memory-backend-epc","id":"memepc1","prealloc":true,"size":167}' \
-qmp stdio

{"QMP": {"version": {"qemu": {"micro": 93, "minor": 0, "major": 7}, "package": "v7.1.0-rc3-30-g08eb7aa318"}, "capabilities": ["oob"]}}

{"execute":"qmp_capabilities"}
{"return": {}}

{"execute":"query-memory-size-summary"}
{"return": {"base-memory": 134217728, "plugged-memory": 0}}

{"execute":"query-balloon"}
{"return": {"actual": 134217728}}

{"execute":"query-memory-devices"}
{"return": [{"type": "sgx-epc", "data": {"memdev": "/objects/memepc0", "memaddr": 4294967296, "size": 67108864, "node": 0}}, {"type": "sgx-epc", "data": {"memdev": "/objects/memepc1", "memaddr": 4362076160, "size": 167, "node": 0}}]}

{"execute":"query-memdev"}
{"return": [{"share": true, "reserve": true, "prealloc": true, "host-nodes": [], "size": 167, "merge": false, "dump": false, "policy": "default", "id": "memepc1"}, {"share": false, "reserve": true, "prealloc": false, "host-nodes": [], "size": 134217728, "merge": true, "dump": false, "policy": "default", "id": "pc.ram"}, {"share": true, "reserve": true, "prealloc": true, "host-nodes": [], "size": 67108864, "merge": false, "dump": false, "policy": "default", "id": "memepc0"}]}


IOW, it looks like memory-backend-epc does not add any additional memory (like other backends do). Therefore I'm not sure whether the <memory/> device is the right element to represent this, but I don't have a good alternative either.

Feel free to take my patches and rework them as I'll be traveling in the near future and might not get enough time to work on this.

Michal
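
Added example, not part of the original message or of the libvirt patches: a small Python check that runs the accounting described above over the QMP replies from the session (query-memdev trimmed to id and size). The helper name epc_accounting and the result keys are hypothetical.

```python
import json

# QMP replies from the session above; query-memdev is trimmed to id and size.
SUMMARY = json.loads('{"return": {"base-memory": 134217728, "plugged-memory": 0}}')
DEVICES = json.loads("""{"return": [
  {"type": "sgx-epc", "data": {"memdev": "/objects/memepc0",
                               "memaddr": 4294967296, "size": 67108864, "node": 0}},
  {"type": "sgx-epc", "data": {"memdev": "/objects/memepc1",
                               "memaddr": 4362076160, "size": 167, "node": 0}}]}""")
MEMDEVS = json.loads("""{"return": [
  {"id": "memepc1", "size": 167},
  {"id": "pc.ram", "size": 134217728},
  {"id": "memepc0", "size": 67108864}]}""")


def epc_accounting(summary, devices, memdevs):
    """Hypothetical helper: relate sgx-epc devices to the reported guest memory."""
    backend_size = {m["id"]: m["size"] for m in memdevs["return"]}
    epc = sorted((d["data"] for d in devices["return"] if d["type"] == "sgx-epc"),
                 key=lambda e: e["memaddr"])
    # "/objects/memepc0" -> "memepc0"
    epc_ids = [e["memdev"].rsplit("/", 1)[-1] for e in epc]
    # Device size should match the size of the backend it points at.
    mismatched = [i for i, e in zip(epc_ids, epc) if backend_size.get(i) != e["size"]]
    epc_total = sum(e["size"] for e in epc)
    other_total = sum(s for i, s in backend_size.items() if i not in epc_ids)
    reported = summary["return"]["base-memory"] + summary["return"]["plugged-memory"]
    # Each EPC section starts where the previous one ends.
    contiguous = all(a["memaddr"] + a["size"] == b["memaddr"]
                     for a, b in zip(epc, epc[1:]))
    return {
        "epc_total": epc_total,
        "reported": reported,
        "epc_excluded": reported == other_total,
        "epc_included": reported == other_total + epc_total,
        "epc_base": epc[0]["memaddr"] if epc else None,
        "epc_contiguous": contiguous,
        "size_mismatch": mismatched,
    }


if __name__ == "__main__":
    for key, value in epc_accounting(SUMMARY, DEVICES, MEMDEVS).items():
        print(f"{key}: {value}")
```
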


