From nobody Tue Feb 10 04:03:24 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1558137404; cv=none; d=zoho.com; s=zohoarc; b=I1gbGOaqilXqoWvcp3IP7z1W8zgtldJ5MuwsMoRAXiekasAWYVwPqulR/ERaj0NSj0HhZAKWlsPoGfo2dgZ03VfLxRsp17ijiH31ioSnepuakp0os3sYqZjEWPDWCa5aqLGUtVin7Cc77ZUkgoh3pzf41xllZWBU1DE+GHMbJF0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1558137404; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To:ARC-Authentication-Results; bh=c8rqxfEV7n2e2sfGPCo2ZXbDFNUWwfKSsqMthBwDxaU=; b=RKfsbyEiXmYbo5iLSSTnMrAyb7jqkIAGxgOYF5GCgNj6rC+bIvPjuS1IRO7FA0yymYwTw0UfnlSBKgdivfCzgNnB3Qjcpua5xj/nA1vUz27BLwCinLFkjsNzpVB5otqeZDvVym79RAZ3cqpXSwUEn1T4ohapYNfUpXkd4wfZcls= ARC-Authentication-Results: i=1; mx.zoho.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1558137404724627.8491618627655; Fri, 17 May 2019 16:56:44 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id A74B2308213A; Fri, 17 May 2019 23:56:08 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 37AC91A4D9; Fri, 17 May 2019 23:56:07 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 8AB521806B11; Fri, 17 May 2019 23:56:02 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id x4HNtx8k014175 for ; Fri, 17 May 2019 19:55:59 -0400 Received: by smtp.corp.redhat.com (Postfix) id AF596100203C; Fri, 17 May 2019 23:55:59 +0000 (UTC) Received: from mx1.redhat.com (ext-mx04.extmail.prod.ext.phx2.redhat.com [10.5.110.28]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 8735E1001DE1; Fri, 17 May 2019 23:55:57 +0000 (UTC) Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 712278553F; Fri, 17 May 2019 23:55:56 +0000 (UTC) Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by fmsmga101.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 17 May 2019 16:55:54 -0700 Received: from llcarval-mobl1.amr.corp.intel.com ([10.3.52.66]) by fmsmga007.fm.intel.com with ESMTP; 17 May 2019 16:55:54 -0700 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-ExtLoop1: 1 From: Larkins Carvalho To: libvir-list@redhat.com Date: Fri, 17 May 2019 16:55:46 -0700 Message-Id: <20190517235552.12256-2-larkins.l.carvalho@intel.com> In-Reply-To: <20190517235552.12256-1-larkins.l.carvalho@intel.com> References: <20190517235552.12256-1-larkins.l.carvalho@intel.com> MIME-Version: 1.0 X-Greylist: Sender passed SPF test, Sender IP whitelisted by DNSRBL, ACL 216 matched, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Fri, 17 May 2019 23:55:56 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Fri, 17 May 2019 23:55:56 +0000 (UTC) for IP:'192.55.52.88' DOMAIN:'mga01.intel.com' HELO:'mga01.intel.com' FROM:'larkins.l.carvalho@intel.com' RCPT:'' X-RedHat-Spam-Score: -5 (RCVD_IN_DNSWL_HI, SPF_HELO_NONE, SPF_PASS) 192.55.52.88 mga01.intel.com 192.55.52.88 mga01.intel.com X-Scanned-By: MIMEDefang 2.78 on 10.5.110.28 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-loop: libvir-list@redhat.com Cc: karimullah.mohammed@intel.com, larkins.l.carvalho@intel.com, pkrempa@redhat.com Subject: [libvirt] [PATCH 1/7] qemu: provide support to query the MKTME capability X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.42]); Fri, 17 May 2019 23:56:09 +0000 (UTC) Content-Type: text/plain; charset="utf-8" This patch adds support to query the MKTME capability from the qemu. --- src/conf/domain_capabilities.c | 10 ++++++ src/conf/domain_capabilities.h | 11 ++++++ src/libvirt_private.syms | 1 + src/qemu/qemu_capabilities.c | 36 ++++++++++++++++++++ src/qemu/qemu_capabilities.h | 4 +++ src/qemu/qemu_capspriv.h | 4 +++ src/qemu/qemu_monitor.c | 10 ++++++ src/qemu/qemu_monitor.h | 3 ++ src/qemu/qemu_monitor_json.c | 61 ++++++++++++++++++++++++++++++++++ src/qemu/qemu_monitor_json.h | 3 ++ 10 files changed, 143 insertions(+) diff --git a/src/conf/domain_capabilities.c b/src/conf/domain_capabilities.c index 2e7e1c206b..db39c39120 100644 --- a/src/conf/domain_capabilities.c +++ b/src/conf/domain_capabilities.c @@ -79,6 +79,16 @@ virSEVCapabilitiesFree(virSEVCapability *cap) } =20 =20 +void +virMKTMECapabilitiesFree(virMKTMECapability *cap) +{ + if (!cap) + return; + + VIR_FREE(cap); +} + + static void virDomainCapsDispose(void *obj) { diff --git a/src/conf/domain_capabilities.h b/src/conf/domain_capabilities.h index cd09d50cee..a6ad849950 100644 --- a/src/conf/domain_capabilities.h +++ b/src/conf/domain_capabilities.h @@ -150,6 +150,12 @@ struct _virSEVCapability { unsigned int reduced_phys_bits; }; =20 +typedef struct _virMKTMECapability virMKTMECapability; +typedef virMKTMECapability *virMKTMECapabilityPtr; +struct _virMKTMECapability { + unsigned int keys_supported; +}; + struct _virDomainCaps { virObjectLockable parent; =20 @@ -222,4 +228,9 @@ virSEVCapabilitiesFree(virSEVCapability *capabilities); =20 VIR_DEFINE_AUTOPTR_FUNC(virSEVCapability, virSEVCapabilitiesFree); =20 +void +virMKTMECapabilitiesFree(virMKTMECapability *capabilities); + +VIR_DEFINE_AUTOPTR_FUNC(virMKTMECapability, virMKTMECapabilitiesFree); + #endif /* LIBVIRT_DOMAIN_CAPABILITIES_H */ diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 909975750c..1b83e44b15 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -189,6 +189,7 @@ virDomainCapsEnumClear; virDomainCapsEnumSet; virDomainCapsFormat; virDomainCapsNew; +virMKTMECapabilitiesFree; virSEVCapabilitiesFree; =20 =20 diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index a827bd24e3..49ee802479 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -525,6 +525,7 @@ VIR_ENUM_IMPL(virQEMUCaps, "virtio-pci-non-transitional", "overcommit", "query-current-machine", + "mktme-guest", ); =20 =20 @@ -595,6 +596,8 @@ struct _virQEMUCaps { =20 virSEVCapability *sevCapabilities; =20 + virMKTMECapability *mktmeCapabilities; + virQEMUCapsHostCPUData kvmCPU; virQEMUCapsHostCPUData tcgCPU; }; @@ -1113,6 +1116,7 @@ struct virQEMUCapsStringFlags virQEMUCapsObjectTypes[= ] =3D { { "virtio-scsi-pci-non-transitional", QEMU_CAPS_VIRTIO_PCI_TRANSITIONA= L }, { "virtio-serial-pci-transitional", QEMU_CAPS_VIRTIO_PCI_TRANSITIONAL = }, { "virtio-serial-pci-non-transitional", QEMU_CAPS_VIRTIO_PCI_TRANSITIO= NAL }, + { "mktme-guest", QEMU_CAPS_MKTME_GUEST }, }; =20 static struct virQEMUCapsStringFlags virQEMUCapsDevicePropsVirtioBalloon[]= =3D { @@ -2103,6 +2107,13 @@ virQEMUCapsGetSEVCapabilities(virQEMUCapsPtr qemuCap= s) } =20 =20 +virMKTMECapabilityPtr +virQEMUCapsGetMKTMECapabilities(virQEMUCapsPtr qemuCaps) +{ + return qemuCaps->mktmeCapabilities; +} + + static int virQEMUCapsProbeQMPCommands(virQEMUCapsPtr qemuCaps, qemuMonitorPtr mon) @@ -2811,6 +2822,29 @@ virQEMUCapsProbeQMPSEVCapabilities(virQEMUCapsPtr qe= muCaps, } =20 =20 +static int +virQEMUCapsProbeQMPMKTMECapabilities(virQEMUCapsPtr qemuCaps, + qemuMonitorPtr mon) +{ + int rc =3D -1; + virMKTMECapability *caps =3D NULL; + + if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_MKTME_GUEST)) + return 0; + if ((rc =3D qemuMonitorGetMKTMECapabilities(mon, &caps)) < 0) + return -1; + + if (rc =3D=3D 0) { + virQEMUCapsClear(qemuCaps, QEMU_CAPS_MKTME_GUEST); + return 0; + } + + virMKTMECapabilitiesFree(qemuCaps->mktmeCapabilities); + qemuCaps->mktmeCapabilities =3D caps; + return 0; +} + + bool virQEMUCapsCPUFilterFeatures(const char *name, void *opaque) @@ -4417,6 +4451,8 @@ virQEMUCapsInitQMPMonitor(virQEMUCapsPtr qemuCaps, return -1; if (virQEMUCapsProbeQMPSEVCapabilities(qemuCaps, mon) < 0) return -1; + if (virQEMUCapsProbeQMPMKTMECapabilities(qemuCaps, mon) < 0) + return -1; =20 virQEMUCapsInitProcessCaps(qemuCaps); =20 diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h index 67c8e80462..5614479617 100644 --- a/src/qemu/qemu_capabilities.h +++ b/src/qemu/qemu_capabilities.h @@ -507,6 +507,7 @@ typedef enum { /* virQEMUCapsFlags grouping marker for = syntax-check */ QEMU_CAPS_VIRTIO_PCI_TRANSITIONAL, /* virtio *-pci-{non-}transitional = devices */ QEMU_CAPS_OVERCOMMIT, /* -overcommit */ QEMU_CAPS_QUERY_CURRENT_MACHINE, /* query-current-machine command */ + QEMU_CAPS_MKTME_GUEST, /* -object mktme-guest,... */ =20 QEMU_CAPS_LAST /* this must always be the last item */ } virQEMUCapsFlags; @@ -644,6 +645,9 @@ bool virQEMUCapsCPUFilterFeatures(const char *name, virSEVCapabilityPtr virQEMUCapsGetSEVCapabilities(virQEMUCapsPtr qemuCaps); =20 +virMKTMECapabilityPtr +virQEMUCapsGetMKTMECapabilities(virQEMUCapsPtr qemuCaps); + virArch virQEMUCapsArchFromString(const char *arch); const char *virQEMUCapsArchToString(virArch arch); =20 diff --git a/src/qemu/qemu_capspriv.h b/src/qemu/qemu_capspriv.h index 2d059bee8c..4e1559d13f 100644 --- a/src/qemu/qemu_capspriv.h +++ b/src/qemu/qemu_capspriv.h @@ -95,6 +95,10 @@ void virQEMUCapsSetSEVCapabilities(virQEMUCapsPtr qemuCaps, virSEVCapability *capabilities); =20 +void +virQEMUCapsSetMKTMECapabilities(virQEMUCapsPtr qemuCaps, + virMKTMECapability *capabilities); + int virQEMUCapsProbeQMPCPUDefinitions(virQEMUCapsPtr qemuCaps, qemuMonitorPtr mon, diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c index e1fcbac13f..918a9d1c5d 100644 --- a/src/qemu/qemu_monitor.c +++ b/src/qemu/qemu_monitor.c @@ -3922,6 +3922,16 @@ qemuMonitorGetSEVCapabilities(qemuMonitorPtr mon, } =20 =20 +int +qemuMonitorGetMKTMECapabilities(qemuMonitorPtr mon, + virMKTMECapability **capabilities) +{ + QEMU_CHECK_MONITOR(mon); + + return qemuMonitorJSONGetMKTMECapabilities(mon, capabilities); +} + + int qemuMonitorNBDServerStart(qemuMonitorPtr mon, const char *host, diff --git a/src/qemu/qemu_monitor.h b/src/qemu/qemu_monitor.h index 9242d37407..ef4f5326bc 100644 --- a/src/qemu/qemu_monitor.h +++ b/src/qemu/qemu_monitor.h @@ -761,6 +761,9 @@ int qemuMonitorGetGICCapabilities(qemuMonitorPtr mon, int qemuMonitorGetSEVCapabilities(qemuMonitorPtr mon, virSEVCapability **capabilities); =20 +int qemuMonitorGetMKTMECapabilities(qemuMonitorPtr mon, + virMKTMECapability **capabilities); + typedef enum { QEMU_MONITOR_MIGRATE_BACKGROUND =3D 1 << 0, QEMU_MONITOR_MIGRATE_NON_SHARED_DISK =3D 1 << 1, /* migration with non-= shared storage with full disk copy */ diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c index 908967f46c..eca4d82c24 100644 --- a/src/qemu/qemu_monitor_json.c +++ b/src/qemu/qemu_monitor_json.c @@ -6654,6 +6654,67 @@ qemuMonitorJSONGetSEVCapabilities(qemuMonitorPtr mon, return ret; } =20 +/** + * qemuMonitorJSONGetMKTMECapabilities: + * @mon: qemu monitor object + * @capabilities: pointer to pointer to a MKTME capability structure to be= filled + * + * This function queries and fills in Intel's MKTME platform-specific data. + * + * Returns -1 on error, 0 if MKTME is not supported, and 1 if MKTME is sup= ported on + * the platform. + */ +int +qemuMonitorJSONGetMKTMECapabilities(qemuMonitorPtr mon, + virMKTMECapability **capabilities) +{ + int ret =3D -1; + virJSONValuePtr cmd; + virJSONValuePtr reply =3D NULL; + virJSONValuePtr caps; + unsigned int keys_supported; + VIR_AUTOPTR(virMKTMECapability) capability =3D NULL; + + *capabilities =3D NULL; + + /* Query may change*/ + if (!(cmd =3D qemuMonitorJSONMakeCommand("query-mktme-capabilities", + NULL))) + return -1; + + if (qemuMonitorJSONCommand(mon, cmd, &reply) < 0) + goto cleanup; + + if (qemuMonitorJSONHasError(reply, "GenericError")) { + ret =3D 0; + goto cleanup; + } + + if (qemuMonitorJSONCheckError(cmd, reply) < 0) + goto cleanup; + + caps =3D virJSONValueObjectGetObject(reply, "return"); + + if (virJSONValueObjectGetNumberUint(caps, "keys_supported", &keys_supp= orted) < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("query-mktme-capabilities reply was missing" + " 'keys_supported' field")); + goto cleanup; + } + + if (VIR_ALLOC(capability) < 0) + goto cleanup; + + capability->keys_supported =3D keys_supported; + VIR_STEAL_PTR(*capabilities, capability); + ret =3D 1; + cleanup: + virJSONValueFree(cmd); + virJSONValueFree(reply); + + return ret; +} + static virJSONValuePtr qemuMonitorJSONBuildInetSocketAddress(const char *host, const char *port) diff --git a/src/qemu/qemu_monitor_json.h b/src/qemu/qemu_monitor_json.h index 746b7072ca..5094d91195 100644 --- a/src/qemu/qemu_monitor_json.h +++ b/src/qemu/qemu_monitor_json.h @@ -158,6 +158,9 @@ int qemuMonitorJSONGetGICCapabilities(qemuMonitorPtr mo= n, int qemuMonitorJSONGetSEVCapabilities(qemuMonitorPtr mon, virSEVCapability **capabilities); =20 +int qemuMonitorJSONGetMKTMECapabilities(qemuMonitorPtr mon, + virMKTMECapability **capabilities); + int qemuMonitorJSONMigrate(qemuMonitorPtr mon, unsigned int flags, const char *uri); --=20 2.21.0.windows.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list