From nobody Mon Feb 9 02:28:50 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1528307503892267.1864401603865; Wed, 6 Jun 2018 10:51:43 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 3E138CD67C; Wed, 6 Jun 2018 17:51:41 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id B9641608F2; Wed, 6 Jun 2018 17:51:40 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 3085D180BA86; Wed, 6 Jun 2018 17:51:40 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx11.intmail.prod.int.phx2.redhat.com [10.5.11.26]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id w56Hp8JW016174 for ; Wed, 6 Jun 2018 13:51:08 -0400 Received: by smtp.corp.redhat.com (Postfix) id CF2503001A5A; Wed, 6 Jun 2018 17:51:08 +0000 (UTC) Received: from mx1.redhat.com (ext-mx09.extmail.prod.ext.phx2.redhat.com [10.5.110.38]) by smtp.corp.redhat.com (Postfix) with ESMTPS id C79413083326 for ; Wed, 6 Jun 2018 17:51:06 +0000 (UTC) Received: from NAM03-BY2-obe.outbound.protection.outlook.com (mail-by2nam03on0063.outbound.protection.outlook.com [104.47.42.63]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 997E1E3133 for ; Wed, 6 Jun 2018 17:51:05 +0000 (UTC) Received: from wsp141597wss.amd.com (165.204.78.1) by DM5PR12MB2456.namprd12.prod.outlook.com (2603:10b6:4:b4::37) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.820.15; Wed, 6 Jun 2018 17:50:56 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=No//8HL68LVE0NtHBv7lyDZJHeC6iGCTXs0d1vkBoks=; b=L1ws+769dRl7o3RAIAuk1lVObzTqmLS87th9lhe85bGMk9kS8wCWBAEF3c0UxlmWWBO1HrFxOyN8whp1A3cVDg6hxeH0ECe3agfqfEFLMpbP9vkfOJW2RyHmMtyraW21EdkGrnwD3J6I7lHAagnv8RgJZrbDX3i1rFGYRjS3CaY= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; From: Brijesh Singh To: libvir-list@redhat.com Date: Wed, 6 Jun 2018 12:50:17 -0500 Message-Id: <20180606175017.104019-12-brijesh.singh@amd.com> In-Reply-To: <20180606175017.104019-1-brijesh.singh@amd.com> References: <20180606175017.104019-1-brijesh.singh@amd.com> MIME-Version: 1.0 X-Originating-IP: [165.204.78.1] X-ClientProxiedBy: SN4PR0201CA0014.namprd02.prod.outlook.com (2603:10b6:803:2b::24) To DM5PR12MB2456.namprd12.prod.outlook.com (2603:10b6:4:b4::37) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(48565401081)(5600026)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603328)(7153060)(7193020); SRVR:DM5PR12MB2456; X-Microsoft-Exchange-Diagnostics: 1; DM5PR12MB2456; 3:cqaOrDHTf9s+B6fwtnzxqlhA1djcmT5W48Zl37Qi3/7I/is4JJl/7c/xVh/yEEPN+WAmWsjVdvG5fbh9rnP+YagO3lfqEbk2+KtmM8gri0a7aMXrtWjdGwchVM6x9szL/o+j21WE0CES4lbWeWO9HfJZal3xwax/NsQ+4LnaRZzpZGtvbQCKKWAOxK92e1uZEFWK7ivw9T/6sI7opZlAZ2p1JI1XfzbNJb1FZZRJmxA3nj7DYQMjQRf/IgXRhn6Y; 25:Ucl9pt6X6+cwatSFVz+oQMvz7igG+yg+yaZN1cwB2XbffCA3ovOC8o/lSznVujpm83fPbtbchzshOgrSJjFYHfM7+IYBX7vSbYAn3CkUITVexqmsEGOyTYwhTvzxl34N/7LWuUdmC6fqIHTNwV5+cxSbASGU/4wtJdK3guY8iMI6SsBr1aqnpdX4MCBPy6XxRU8M1oCe3gCKocSU+FD4kDZat2oH69FJLBEnrJOdVN74QzhggDyQ4R5IcRoH4dnXrQNNMiLFRPTj+Dv26nUIutCktGy1JHIPmofb8wDsi1JPH8TWoG5QLlU1IZhGL5zMBiPWQQkyXBvDaDL5BzpDww==; 31:HhlWAVjrQsZiC9UCaHtdKU5vbbYDP5DkxDk6TJ2zajDlVNxlMxIC4CEQ+ZbFxFq/MbYYSlrkrtqKHHwcYXQoeW9q0ZHHGWrgcI+fmfJq29V9SsfXTuI4qFYc7cSvsuA+s1X+L6AUlP1aea+qoqqxhRyw+loNlDASuFTeI7Zga/Jb7QxPhXBdbnDFyk4GuUj/fVswjE0mIEfR6/6lAyO1F++HVXCKfAPal4eKGald9VA= X-MS-TrafficTypeDiagnostic: DM5PR12MB2456: X-Microsoft-Exchange-Diagnostics: 1; DM5PR12MB2456; 20:TUNInGSynptCaqIFYZ4tT9igPL7hV3xpChB2aJIyDh77nFPeu4cewDWU+ahGrZFd5wW5YoABB1U6zrokbpFl5uWKrdBbacsqAmLNj4en8GJ86xO5V/2aOadQ+O1JE6LJhKbOsBrHAgkCYdC1LPDZixImmkS3/BHAI7KJzVOxY/n2K8ukHU7lLyxn2gMwhrN7xuXlxymJJKwvTXXn64AwRScUrRRF1tXfdXTqf4UG2AIusj+Lk2gkZAVrlaaDISyCDaGIWAcsMV4q/PJZjJrxBQ96vHVW6ONsdDkqvXAk4XDVOHfKMfVn1G9xrrijLVfkeYOGTDAYwOkpEYEg6Z36u0vEYAeh79ETMGXGsA0bNDehq/VlXCc10z3AVDbbdiEO9QcUOAbWtQj02wyGWbV+/TkZCF79TSjrrCHl1oD3RcKH3SoO74NqChWB8wlX+I504KH81WkqL652F4OJnH29dFQBrErhLYWh2AoKgCirEdG796budcpLxl3olHnPvbLa; 4:IoMfDfOXtYtfZXZGAfgJ6KpU1YI/S577pPL8MygqFBnsa7DVqo0hFXrg4ucBs34gK9vxS6gvpHjdcoP9tNQKvCqxBXIIgq7U47iqYnGu0Pk1umqbURgMFMPhbfR6QcyH+tUVsIj7+VQf2oKcQPDKe0RZ9XspLrGEGPTRRWR1qWzAWL8nxAYDbIPYx3F0BSOt096+BQKKor/VxMFUxn16gbNYECY08Ls8tYdYYj95y7gzzBVPBziBDZBDEqTdoFqyxh9cU4meJIhOMeIA3Ho3SiBQnbEYgwueAnPN+nlCrP4g3y1A3i3pGF0Yt1CBVMg/J3bdOUopfZRyVcrI03wxsw== X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(192374486261705)(767451399110); X-MS-Exchange-SenderADCheck: 1 X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(8121501046)(5005006)(93006095)(93001095)(10201501046)(3002001)(3231254)(944501410)(52105095)(6055026)(149027)(150027)(6041310)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123560045)(20161123562045)(20161123558120)(20161123564045)(6072148)(201708071742011)(7699016); SRVR:DM5PR12MB2456; BCL:0; PCL:0; RULEID:; SRVR:DM5PR12MB2456; X-Forefront-PRVS: 06952FC175 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(366004)(346002)(376002)(39860400002)(39380400002)(396003)(199004)(189003)(2906002)(2351001)(305945005)(6116002)(3846002)(7736002)(59450400001)(1076002)(2361001)(7696005)(50226002)(8936002)(52116002)(51416003)(76176011)(5660300001)(48376002)(81156014)(8676002)(36756003)(81166006)(4326008)(386003)(53416004)(53936002)(26005)(106356001)(105586002)(186003)(97736004)(16526019)(50466002)(316002)(16586007)(54906003)(25786009)(47776003)(66066001)(68736007)(86362001)(6486002)(575784001)(6916009)(6666003)(956004)(476003)(11346002)(2616005)(44832011)(486006)(446003)(478600001); DIR:OUT; SFP:1101; SCL:1; SRVR:DM5PR12MB2456; H:wsp141597wss.amd.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; DM5PR12MB2456; 23:dSI+NDFYb9ICK7cOOUpruLDhL1/NtePTEzbaIBROD?= =?us-ascii?Q?oeD5snrxbPh3LqZ0AqmTxbJOmJVA5MKIHHLEMQD+WbN7K/gK5jWdY0+DEjus?= =?us-ascii?Q?r7JoFpb9MEp7W5r4bo14m9npo1sDYyhCD2DcYqVlRPKyWhQJdxFX0twbOtod?= =?us-ascii?Q?0hFloPQ5+u6HgkObSvwUi8izjPYyf1DpWbz0FUNjMcZJ3MbAhkgxEJn71yJF?= =?us-ascii?Q?s4Xr3PCYfCP57UZZPm0ActUWXM+TOQiAcZAAwVym2UjPqkmlEaZZAmEn1UaB?= =?us-ascii?Q?SH7vqZvzkPDt/AMxr8J2L2wVAPt9uwup0xpxvxsAjb+19k+vwZVAwJrtOKZa?= =?us-ascii?Q?b2nNakOspolT4EDKrf+MuyJtQq/CUw6fepxdnB/SHCeQqYUUYbHYTeGxpPNU?= =?us-ascii?Q?aV/3f/jNkkkk8k8fg5jbEoKWiCBFJkWytFqk6fDR759h5v1DhxnZ2cRw6gNh?= =?us-ascii?Q?9OvUe5SW56VPCDWTFZ1mw8Dioy3gYFHfrSgcD1gvAmxv6Lpr+caqKAmp5fgH?= =?us-ascii?Q?uu57iOugnF81dWgOyqgVJm+mvKTRmxwvbkPI0jxefER14yFIpSuCPUD8lbbH?= =?us-ascii?Q?gXif89EU4SOykLS6LE2p6h8uC2jcjoNoS0eiObU1bNI7uh/jZSdQPU5cFSzi?= =?us-ascii?Q?KQY6KWL/9sMjRwcj6LV/upjhvZRmuIk/jbU2010hPTx1PpM8eXEDFz7JiiU6?= =?us-ascii?Q?Mf+ycFf/MivRHVdtyTZKZhHON3LM6U7Xx6s5kPXwphUYnwUgVUorr6o103Y/?= =?us-ascii?Q?6iGAzu7kPK6C4hWMSg8b9BGjJX1+Ftz1CB9M0cizUfCuwX+s81Wd9COMF+cA?= =?us-ascii?Q?eb8BmZHnjuUPs8kuIJ9bLNU8LZa+KKhNHMiUaOSiioG4TzBOTBEDJm5Ij0Uq?= =?us-ascii?Q?wELW+lBp9ZUz2js1I4ludLc/tC7JSQ8pY3gpUB5DW+oDXuVMh51SdFIO3owW?= =?us-ascii?Q?vNAPIZOc3+DgNYSnyTbZMY52AQNU9sOq7qNztoXCAXHx45gXiHt82xqITC2w?= =?us-ascii?Q?VT/lXGhv1VUUux2CWj+39zPFf9DhPjhBHluu9zmSs6VefotuN/h0+Ic9ki03?= =?us-ascii?Q?2CelS9IrTCImbMuR/MN7XBrEpxdSlaIgy2lJVyaWp3D2nlWRFe5wkUGlCvOo?= =?us-ascii?Q?9Tt4ksNtf1Q5X9F0/ubjSd9XRmulIefPTiDt8hrcmZKo22cUEd+AjpzwIn0Z?= =?us-ascii?Q?bOmyx9mBHilS6qt4kIgcMLuS1phjWCLEzReYfVP2SOqc1Lqe7EoQ8T5k42jc?= =?us-ascii?Q?CzpM0oG/X+w4keTFCw24G7iYC+9lkePjMhFhrRVB5D1Un0c8VDW0ohpQlmq5?= =?us-ascii?Q?gwXQvJAahkGWzWoJHJ0bVhQYKCAEjxLoBbJ4NpqVzjE?= X-Microsoft-Antispam-Message-Info: XfXzSawa2KOfC+MuUtJL5J1eLREae/Fs9nOo9OAzwlRckPhMySVj/uEMKpJ8E90zNpNEI1eFak6ZTM9ADcDb99Z92Qj5jjKMNsXlvHb5a2mV7RYsTDbXWaGJZtzRyCikpsQaQCbzf74ZkKMm/TYxiMD54vrCaxKhaSiSeB611JmU45h2HDUM8qqWtj2MS/uM X-Microsoft-Exchange-Diagnostics: 1; DM5PR12MB2456; 6:KNUCVtYsdZJx2lWLAriLH9ieZ1PfQTWH2HrfYTGLk5Pkvmg6YO5EN16O6ds5O2RbIg7l5EIVgaT0h24mRjgEs+0n56zXsK/W1L41gxL4kT26ehQ/sXDuASjWTb4zwCTc9n/Kdajn1ZTeN3tu/1fki+oD//SBS8vgxc3qFCb5l1hxQQor1H6ZBEzQHCgU/wDUgdjbCDALJWgI4xtOA7dQ+T18pWdZoJZiqfHLySgmzJhRIRuCjFe5ELVsNwvsofq4ehw1nWwG3ZUt79IV9sueCw5RlZYm7jToypjpmz/kUNMOcAvIVebWiLee2wU/89hfJK3TgtowHxT0PPJlZiK0VeLFY2rBNkJ4oSeRn1EZHiNqcsqGZhaPaJMdRf3W7e4c9ZQENCLzdFh4UcirMR85fMrz9jV9xlwK050UfnJDM2XJYBOaA7HNd6OAXAztuYsoyDme5FsMX028tqGb16b7eg==; 5:InDnCd3ppR5POgmBjLoWAAX42t+gW7thtXB4fLTsQi/nUOo5lytZbtmmXG+/SqqC7K0PavTDlgqCC/5mvL6Tt/QCkNcYt+Gc9kxcMWbFxEZIeYbfTN21ZKtERixVnDKPyrkfUXRbwLzD6kJvNW9N/Ry8ZfepaOHbarrqC6lmHww=; 24:xtYZfioROkRfmcRUGv5RfBEIiec2hEXy6nlk8rEVSNu3Po85HdfMXUfcueC9h1yhZKcs7Ekd4ePs3Xe8T3IaMJjrl6nLAIwsDw06WCkSjxc= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; DM5PR12MB2456; 7:TkoKthf9CmFAg3Od8MhXMX2DLxDZHonnhBAMGAg/JwPpu1F67UKeYbwlWYV6WT/87zkv29sNjYDpnlwbHByJ9HvsUIS4CStg1Zc1XRTohjW/lwncSDKDtp0f3SD/+DiiPFOr3lvxfI0K96ftfN7EtHWq511rLI8JMRCff/5ZUSeCNiSSk4KiasHdoI+ITT8S7pnsgZdzGAUiYaLwHts3LIumP1fv4foabT15nEVeuN3noo4Qkqo0sHkS9JnVJBm9; 20:ysRS5QwILQ64XHHVVc2FciIq9HVOwCsMrzTUnDcLO8ujpsGmeounT91Lg2gXfxLl/3Q8XLYXc7T1JYfrDQmkUDA9YUJ2Mz6T4UWUthnX9910Q6guDyGzg1xZhRDAnN8nQ6V83PfIBnhYJ1oHJzlRKfn6IUcgv++aos7pIEX7TU1/foY+6VehhBHaxhB+VMK2+7UDbBm++ZQ+K5x/fn2i334gfTaxRBYZmFAaQxXd4u3ev7Fq2AWTw+UPhmR0BDoo X-MS-Office365-Filtering-Correlation-Id: b3db3b27-39f4-4d10-8a85-08d5cbd60e7a X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 06 Jun 2018 17:50:56.3832 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: b3db3b27-39f4-4d10-8a85-08d5cbd60e7a X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR12MB2456 X-Greylist: Sender passed SPF test, Sender IP whitelisted by DNSRBL, ACL 207 matched, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.38]); Wed, 06 Jun 2018 17:51:05 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.38]); Wed, 06 Jun 2018 17:51:05 +0000 (UTC) for IP:'104.47.42.63' DOMAIN:'mail-by2nam03on0063.outbound.protection.outlook.com' HELO:'NAM03-BY2-obe.outbound.protection.outlook.com' FROM:'brijesh.singh@amd.com' RCPT:'' X-RedHat-Spam-Score: -0.021 (DKIM_SIGNED, DKIM_VALID, RCVD_IN_DNSWL_NONE, SPF_HELO_PASS, T_DKIMWL_WL_MED) 104.47.42.63 mail-by2nam03on0063.outbound.protection.outlook.com 104.47.42.63 mail-by2nam03on0063.outbound.protection.outlook.com X-Scanned-By: MIMEDefang 2.78 on 10.5.110.38 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.26 X-loop: libvir-list@redhat.com Cc: Tom Lendacky , Jon Grimm , Brijesh Singh , Borislav Petkov Subject: [libvirt] [PATCH v8 11/11] qemu: Add support to launch security info X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.38]); Wed, 06 Jun 2018 17:51:41 +0000 (UTC) X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZohoMail: RDKM_2 RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" This patch implements the internal driver API for launch event into qemu driver. When SEV is enabled, execute 'query-sev-launch-measurement' to get the measurement of memory encrypted through launch sequence. Signed-off-by: Brijesh Singh --- src/qemu/qemu_driver.c | 69 ++++++++++++++++++++++++++++++++++++++++= ++++ src/qemu/qemu_monitor.c | 8 +++++ src/qemu/qemu_monitor.h | 3 ++ src/qemu/qemu_monitor_json.c | 42 +++++++++++++++++++++++++++ src/qemu/qemu_monitor_json.h | 2 ++ 5 files changed, 124 insertions(+) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index c289b21..c0785c9 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -21527,6 +21527,74 @@ qemuNodeGetSEVInfo(virConnectPtr conn, } =20 =20 +static int +qemuDomainGetSEVMeasurement(virQEMUDriverPtr driver, + virDomainObjPtr vm, + virTypedParameterPtr *params, + int *nparams, + unsigned int flags) +{ + int ret =3D -1; + char *tmp; + int maxpar =3D 0; + + virCheckFlags(VIR_TYPED_PARAM_STRING_OKAY, -1); + + if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_QUERY) < 0) + return -1; + + if (qemuDomainObjEnterMonitorAsync(driver, vm, QEMU_ASYNC_JOB_NONE) < = 0) + goto endjob; + + tmp =3D qemuMonitorGetSEVMeasurement(QEMU_DOMAIN_PRIVATE(vm)->mon); + if (tmp =3D=3D NULL) + goto endjob; + + if (qemuDomainObjExitMonitor(driver, vm) < 0) + goto endjob; + + if (virTypedParamsAddString(params, nparams, &maxpar, + VIR_DOMAIN_LAUNCH_SECURITY_SEV_MEASUREMENT, + tmp) < 0) + goto endjob; + + VIR_FREE(tmp); + ret =3D 0; + + endjob: + qemuDomainObjEndJob(driver, vm); + return ret; +} + + +static int +qemuDomainGetLaunchSecurityInfo(virDomainPtr domain, + virTypedParameterPtr *params, + int *nparams, + unsigned int flags) +{ + virQEMUDriverPtr driver =3D domain->conn->privateData; + virDomainObjPtr vm; + int ret =3D -1; + + if (!(vm =3D qemuDomObjFromDomain(domain))) + goto cleanup; + + if (virDomainGetLaunchSecurityInfoEnsureACL(domain->conn, vm->def) < 0) + goto cleanup; + + if (vm->def->sev) { + if (qemuDomainGetSEVMeasurement(driver, vm, params, nparams, flags= ) < 0) + goto cleanup; + } + + ret =3D 0; + + cleanup: + virDomainObjEndAPI(&vm); + return ret; +} + static virHypervisorDriver qemuHypervisorDriver =3D { .name =3D QEMU_DRIVER_NAME, .connectURIProbe =3D qemuConnectURIProbe, @@ -21751,6 +21819,7 @@ static virHypervisorDriver qemuHypervisorDriver =3D= { .connectCompareHypervisorCPU =3D qemuConnectCompareHypervisorCPU, /* 4= .4.0 */ .connectBaselineHypervisorCPU =3D qemuConnectBaselineHypervisorCPU, /*= 4.4.0 */ .nodeGetSEVInfo =3D qemuNodeGetSEVInfo, /* 4.5.0 */ + .domainGetLaunchSecurityInfo =3D qemuDomainGetLaunchSecurityInfo, /* 4= .5.0 */ }; =20 =20 diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c index fd6bce9..6e0cdca 100644 --- a/src/qemu/qemu_monitor.c +++ b/src/qemu/qemu_monitor.c @@ -4297,3 +4297,11 @@ qemuMonitorBlockdevDel(qemuMonitorPtr mon, =20 return qemuMonitorJSONBlockdevDel(mon, nodename); } + +char * +qemuMonitorGetSEVMeasurement(qemuMonitorPtr mon) +{ + QEMU_CHECK_MONITOR_NULL(mon); + + return qemuMonitorJSONGetSEVMeasurement(mon); +} diff --git a/src/qemu/qemu_monitor.h b/src/qemu/qemu_monitor.h index 75d5d98..7432997 100644 --- a/src/qemu/qemu_monitor.h +++ b/src/qemu/qemu_monitor.h @@ -1142,4 +1142,7 @@ int qemuMonitorBlockdevAdd(qemuMonitorPtr mon, int qemuMonitorBlockdevDel(qemuMonitorPtr mon, const char *nodename); =20 +char * +qemuMonitorGetSEVMeasurement(qemuMonitorPtr mon); + #endif /* QEMU_MONITOR_H */ diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c index ba0da9a..c5480a2 100644 --- a/src/qemu/qemu_monitor_json.c +++ b/src/qemu/qemu_monitor_json.c @@ -7994,3 +7994,45 @@ qemuMonitorJSONBlockdevDel(qemuMonitorPtr mon, virJSONValueFree(reply); return ret; } + +/** + * The function is used to retrieve the measurement of a SEV guest. + * The measurement is signature of the memory contents that was encrypted + * through the SEV launch flow. + * + * A example JSON output: + * + * { "execute" : "query-sev-launch-measure" } + * { "return" : { "data" : "4l8LXeNlSPUDlXPJG5966/8%YZ" } } + */ +char * +qemuMonitorJSONGetSEVMeasurement(qemuMonitorPtr mon) +{ + const char *tmp; + char *measurement =3D NULL; + virJSONValuePtr cmd; + virJSONValuePtr reply =3D NULL; + virJSONValuePtr data; + + if (!(cmd =3D qemuMonitorJSONMakeCommand("query-sev-launch-measure", N= ULL))) + return NULL; + + if (qemuMonitorJSONCommand(mon, cmd, &reply) < 0) + goto cleanup; + + if (qemuMonitorJSONCheckReply(cmd, reply, VIR_JSON_TYPE_OBJECT) < 0) + goto cleanup; + + data =3D virJSONValueObjectGetObject(reply, "return"); + + if (!(tmp =3D virJSONValueObjectGetString(data, "data"))) + goto cleanup; + + if (VIR_STRDUP(measurement, tmp) < 0) + goto cleanup; + + cleanup: + virJSONValueFree(cmd); + virJSONValueFree(reply); + return measurement; +} diff --git a/src/qemu/qemu_monitor_json.h b/src/qemu/qemu_monitor_json.h index 4c10574..6bc0dd3 100644 --- a/src/qemu/qemu_monitor_json.h +++ b/src/qemu/qemu_monitor_json.h @@ -343,6 +343,8 @@ int qemuMonitorJSONGetBlockIoThrottle(qemuMonitorPtr mo= n, =20 int qemuMonitorJSONSystemWakeup(qemuMonitorPtr mon); =20 +char *qemuMonitorJSONGetSEVMeasurement(qemuMonitorPtr mon); + int qemuMonitorJSONGetVersion(qemuMonitorPtr mon, int *major, int *minor, --=20 2.7.4 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list