From: Daniel P. Berrangé
To: libvir-list@redhat.com
Subject: [libvirt PATCH 1/6] include: add new launch security parameters
Date: Wed, 8 Dec 2021 18:44:29 +0000
Message-Id: <20211208184434.2819757-2-berrange@redhat.com>
In-Reply-To: <20211208184434.2819757-1-berrange@redhat.com>

Three more parameters are required in order that clients can perform a launch attestation on the SEV guest.

Signed-off-by: Daniel P. Berrangé
Reviewed-by: Peter Krempa

--- include/libvirt/libvirt-domain.h | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/include/libvirt/libvirt-domain.h b/include/libvirt/libvirt-dom= ain.h index d0dd11ab01..5d3e15766e 100644 --- a/include/libvirt/libvirt-domain.h +++ b/include/libvirt/libvirt-domain.h
@@ -5101,6 +5101,38 @@ int virDomainSetLifecycleAction(virDomainPtr domain, */ # define VIR_DOMAIN_LAUNCH_SECURITY_SEV_MEASUREMENT "sev-measurement" =20 +/** + * VIR_DOMAIN_LAUNCH_SECURITY_SEV_API_MAJOR: + * + * Macro represents the API major version of the SEV host, + * as VIR_TYPED_PARAM_UINT. + */ +# define VIR_DOMAIN_LAUNCH_SECURITY_SEV_API_MAJOR "sev-api-major" + +/** + * VIR_DOMAIN_LAUNCH_SECURITY_SEV_API_MINOR: + * + * Macro represents the API minor version of the SEV guest, + * as VIR_TYPED_PARAM_UINT. + */ +# define VIR_DOMAIN_LAUNCH_SECURITY_SEV_API_MINOR "sev-api-minor" + +/** + * VIR_DOMAIN_LAUNCH_SECURITY_SEV_BUILD_ID: + * + * Macro represents the build ID of the SEV host, + * as VIR_TYPED_PARAM_UINT. + */ +# define VIR_DOMAIN_LAUNCH_SECURITY_SEV_BUILD_ID "sev-build-id" + +/** + * VIR_DOMAIN_LAUNCH_SECURITY_SEV_POLICY: + * + * Macro represents the policy of the SEV guest, + * as VIR_TYPED_PARAM_UINT. + */ +# define VIR_DOMAIN_LAUNCH_SECURITY_SEV_POLICY "sev-policy" + int virDomainGetLaunchSecurityInfo(virDomainPtr domain, virTypedParameterPtr *params, int *nparams, --=20 2.33.1
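
Review bot: in the VIR_DOMAIN_LAUNCH_SECURITY_SEV_API_MINOR comment the version is described as that "of the SEV guest", while the API_MAJOR and BUILD_ID comments say "of the SEV host"; major and minor are two halves of one version number, so the minor comment should read "of the SEV host" as well. The commit message also speaks of three parameters, but this hunk adds four macros (API_MAJOR, API_MINOR, BUILD_ID and POLICY), so one of the two needs adjusting.
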
From: Daniel P. Berrangé
To: libvir-list@redhat.com
Subject: [libvirt PATCH 2/6] qemu: report error querying launch params for inactive guest
Date: Wed, 8 Dec 2021 18:44:30 +0000
Message-Id: <20211208184434.2819757-3-berrange@redhat.com>
In-Reply-To: <20211208184434.2819757-1-berrange@redhat.com>

Querying launch params on an inactive guest currently triggers a warning about the monitor being NULL.

Signed-off-by: Daniel P. Berrangé
Reviewed-by: Peter Krempa

--- src/qemu/qemu_driver.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 8093b8f69b..5bacf73003 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c
@@ -19992,6 +19992,12 @@ qemuDomainGetSEVMeasurement(virQEMUDriver *driver, if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_QUERY) < 0) return -1; =20 + if (!virDomainObjIsActive(vm)) { + virReportError(VIR_ERR_OPERATION_INVALID, + "%s", _("domain is not running")); + goto endjob; + } + qemuDomainObjEnterMonitor(driver, vm); tmp =3D qemuMonitorGetSEVMeasurement(QEMU_DOMAIN_PRIVATE(vm)->mon); =20 --=20 2.33.1
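
Review bot: the new virDomainObjIsActive() check in qemuDomainGetSEVMeasurement() carries no comment saying why it sits after qemuDomainObjBeginJob() and leaves through endjob instead of returning before the job is taken. The domain can stop while the caller waits for the job, so the placement is the right one; a one-line comment to that effect above the check would keep a later cleanup from hoisting it above the job acquisition.
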
From: Daniel P. Berrangé
To: libvir-list@redhat.com
Subject: [libvirt PATCH 3/6] qemu: add monitor APIs for query-sev
Date: Wed, 8 Dec 2021 18:44:31 +0000
Message-Id: <20211208184434.2819757-4-berrange@redhat.com>
In-Reply-To: <20211208184434.2819757-1-berrange@redhat.com>

We're only returning the set of fields needed to perform an attestation, per the SEV API docs.

Signed-off-by: Daniel P. Berrangé

--- src/qemu/qemu_monitor.c | 13 +++++++++++ src/qemu/qemu_monitor.h | 9 ++++++++ src/qemu/qemu_monitor_json.c | 45 ++++++++++++++++++++++++++++++++++++ src/qemu/qemu_monitor_json.h | 8 +++++++ 4 files changed, 75 insertions(+) diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c index 75e0e4ed92..dda6ae9796 100644 --- a/src/qemu/qemu_monitor.c +++ b/src/qemu/qemu_monitor.c
@@ -4366,6 +4366,19 @@ qemuMonitorGetSEVMeasurement(qemuMonitor *mon) } =20 =20 +int +qemuMonitorGetSEVInfo(qemuMonitor *mon, + unsigned int *apiMajor, + unsigned int *apiMinor, + unsigned int *buildID, + unsigned int *policy) +{ + QEMU_CHECK_MONITOR(mon); + + return qemuMonitorJSONGetSEVInfo(mon, apiMajor, apiMinor, buildID, pol= icy); +} + + int qemuMonitorGetPRManagerInfo(qemuMonitor *mon, GHashTable **retinfo) diff --git a/src/qemu/qemu_monitor.h b/src/qemu/qemu_monitor.h index edc2b01a66..29746f0b8e 100644 --- a/src/qemu/qemu_monitor.h +++ b/src/qemu/qemu_monitor.h @@ -1445,6 +1445,15 @@ int qemuMonitorBlockdevMediumInsert(qemuMonitor *mon, char * qemuMonitorGetSEVMeasurement(qemuMonitor *mon); =20 +int +qemuMonitorGetSEVInfo(qemuMonitor *mon, + unsigned int *apiMajor, + unsigned int *apiMinor, + unsigned int *buildID, + unsigned int *policy) + ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3) + ATTRIBUTE_NONNULL(4) ATTRIBUTE_NONNULL(5); + typedef struct _qemuMonitorPRManagerInfo qemuMonitorPRManagerInfo; struct _qemuMonitorPRManagerInfo { bool connected; diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c index e00d785c20..423bae49d2 100644 --- a/src/qemu/qemu_monitor_json.c +++ b/src/qemu/qemu_monitor_json.c 
@@ -8216,6 +8216,51 @@ qemuMonitorJSONGetSEVMeasurement(qemuMonitor *mon) } =20 =20 +/** + * Retrive info about the SEV setup, returning those fields that + * are required to do a launch attestation, as per + * + * HMAC(0x04 || API_MAJOR || API_MINOR || BUILD || GCTX.POLICY || GCTX.LD = || MNONCE; GCTX.TIK) + * + * specified in section 6.5.1 of AMD Secure Encrypted + * Virtualization API. + * + * { "execute": "query-sev" } + * { "return": { "enabled": true, "api-major" : 0, "api-minor" : 0, + * "build-id" : 0, "policy" : 0, "state" : "running", + * "handle" : 1 } } + */ +int qemuMonitorJSONGetSEVInfo(qemuMonitor *mon, + unsigned int *apiMajor, + unsigned int *apiMinor, + unsigned int *buildID, + unsigned int *policy) +{ + g_autoptr(virJSONValue) cmd =3D NULL; + g_autoptr(virJSONValue) reply =3D NULL; + virJSONValue *data; + + if (!(cmd =3D qemuMonitorJSONMakeCommand("query-sev", NULL))) + return -1; + + if (qemuMonitorJSONCommand(mon, cmd, &reply) < 0) + return -1; + + if (qemuMonitorJSONCheckReply(cmd, reply, VIR_JSON_TYPE_OBJECT) < 0) + return -1; + + data =3D virJSONValueObjectGetObject(reply, "return"); + + if (virJSONValueObjectGetNumberUint(data, "api-major", apiMajor) < 0 || + virJSONValueObjectGetNumberUint(data, "api-minor", apiMinor) < 0 || + virJSONValueObjectGetNumberUint(data, "build-id", buildID) < 0 || + virJSONValueObjectGetNumberUint(data, "policy", policy) < 0) + return -1; + + return 0; +} + + /* * Example return data * diff --git a/src/qemu/qemu_monitor_json.h b/src/qemu/qemu_monitor_json.h index 0984717675..163be25c32 100644 --- a/src/qemu/qemu_monitor_json.h +++ b/src/qemu/qemu_monitor_json.h 
@@ -369,6 +369,14 @@ int qemuMonitorJSONSystemWakeup(qemuMonitor *mon); =20 char *qemuMonitorJSONGetSEVMeasurement(qemuMonitor *mon); =20 +int qemuMonitorJSONGetSEVInfo(qemuMonitor *mon, + unsigned int *apiMajor, + unsigned int *apiMinor, + unsigned int *buildID, + unsigned int *policy) + ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3) + ATTRIBUTE_NONNULL(4) ATTRIBUTE_NONNULL(5); + int qemuMonitorJSONGetVersion(qemuMonitor *mon, int *major, int *minor, --=20 2.33.1
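
Review bot: in qemuMonitorJSONGetSEVInfo() (the src/qemu/qemu_monitor_json.c hunk) the four virJSONValueObjectGetNumberUint() lookups end in a bare "return -1" with no virReportError() in this function, so unless the JSON helper sets an error itself, a query-sev reply that lacks api-major, api-minor, build-id or policy fails without a message naming the missing field; report which key was absent before returning. The function also ignores the "enabled" member shown in the example reply, so either check it or document that callers must only use this for guests launched with SEV. Minor: "Retrive" in the comment should be "Retrieve".
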
From: Daniel P. Berrangé
To: libvir-list@redhat.com
Subject: [libvirt PATCH 4/6] qemu: report new launch security parameters
Date: Wed, 8 Dec 2021 18:44:32 +0000
Message-Id: <20211208184434.2819757-5-berrange@redhat.com>
In-Reply-To: <20211208184434.2819757-1-berrange@redhat.com>

Signed-off-by: Daniel P. Berrangé
Reviewed-by: Peter Krempa

--- src/qemu/qemu_driver.c | 41 +++++++++++++++++++++++++++++++++++------ 1 file changed, 35 insertions(+), 6 deletions(-) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 5bacf73003..e1296d3723 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c
@@ -19977,14 +19977,19 @@ qemuNodeGetSEVInfo(virConnectPtr conn, =20 =20 static int -qemuDomainGetSEVMeasurement(virQEMUDriver *driver, - virDomainObj *vm, - virTypedParameterPtr *params, - int *nparams, - unsigned int flags) +qemuDomainGetSEVInfo(virQEMUDriver *driver, + virDomainObj *vm, + virTypedParameterPtr *params, + int *nparams, + unsigned int flags) { int ret =3D -1; + int rv; g_autofree char *tmp =3D NULL; + unsigned int apiMajor =3D 0; + unsigned int apiMinor =3D 0; + unsigned int buildID =3D 0; + unsigned int policy =3D 0; int maxpar =3D 0; =20 virCheckFlags(VIR_TYPED_PARAM_STRING_OKAY, -1); @@ -20006,10 +20011,34 @@ qemuDomainGetSEVMeasurement(virQEMUDriver *driver, if (!tmp) goto endjob; =20 + qemuDomainObjEnterMonitor(driver, vm); + rv =3D qemuMonitorGetSEVInfo(QEMU_DOMAIN_PRIVATE(vm)->mon, + &apiMajor, &apiMinor, &buildID, &policy); + qemuDomainObjExitMonitor(driver, vm); + + if (rv < 0) + goto endjob; + if (virTypedParamsAddString(params, nparams, &maxpar, VIR_DOMAIN_LAUNCH_SECURITY_SEV_MEASUREMENT, tmp) < 0) goto endjob; + if (virTypedParamsAddUInt(params, nparams, &maxpar, + VIR_DOMAIN_LAUNCH_SECURITY_SEV_API_MAJOR, + apiMajor) < 0) + goto endjob; + if (virTypedParamsAddUInt(params, nparams, &maxpar, + VIR_DOMAIN_LAUNCH_SECURITY_SEV_API_MINOR, + apiMinor) < 0) + goto endjob; + if (virTypedParamsAddUInt(params, nparams, &maxpar, + VIR_DOMAIN_LAUNCH_SECURITY_SEV_BUILD_ID, + buildID) < 0) + goto endjob; + if (virTypedParamsAddUInt(params, nparams, &maxpar, + VIR_DOMAIN_LAUNCH_SECURITY_SEV_POLICY, + policy) < 0) + goto endjob; =20 ret =3D 0; =20 
@@ -20037,7 +20066,7 @@ qemuDomainGetLaunchSecurityInfo(virDomainPtr domain, =20 if (vm->def->sec && vm->def->sec->sectype =3D=3D VIR_DOMAIN_LAUNCH_SECURITY_SEV) { - if (qemuDomainGetSEVMeasurement(driver, vm, params, nparams, flags= ) < 0) + if (qemuDomainGetSEVInfo(driver, vm, params, nparams, flags) < 0) goto cleanup; } =20 --=20 2.33.1
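
Review bot: in the second hunk of qemuDomainGetSEVInfo() the new qemuMonitorGetSEVInfo() call opens its own qemuDomainObjEnterMonitor()/qemuDomainObjExitMonitor() section after the measurement has already been fetched (the "if (!tmp) goto endjob;" just above it), so the measurement and the api-major, api-minor, build-id and policy values are read in two separate monitor sections. Issuing both queries inside one section would keep the values that feed a single attestation together and save a second monitor entry. The commit message consists of a subject line only; a sentence naming the four typed parameters now returned would help readers of the log.
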
bh=ugnXFc2znExf4r270/Qscbkd4aNSW+ymnWAWjSl989k=; b=dK7yEmU14vo7+MZVIVTSSjQhqSQ1yt+GxM7sx3xPBQpgTfptcphbrWHJ/n9FfJueSRRuwQ uiY1b8n7dAKP8hcpZQ0gEBwNV0thQBy6Bu0Ay0iwRaM/TBxHtauCsNbhsHXl5A0Ed3aOZX RGwi6Y3y6odJ88YH2YuZ2fDsO5eetMc= X-MC-Unique: MimtnNHXMZS4jCvtlFQNRw-1 From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: libvir-list@redhat.com Subject: [libvirt PATCH 5/6] tools: add 'domlaunchsecinfo' virsh command Date: Wed, 8 Dec 2021 18:44:33 +0000 Message-Id: <20211208184434.2819757-6-berrange@redhat.com> In-Reply-To: <20211208184434.2819757-1-berrange@redhat.com> References: <20211208184434.2819757-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1638989176382100001 This command reports the launch security parameters for a guest, allowing an external tool to perform a launch attestation. Signed-off-by: Daniel P. Berrang=C3=A9 --- tools/virsh-domain.c | 53 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 53 insertions(+) diff --git a/tools/virsh-domain.c b/tools/virsh-domain.c index 8379f9f135..1560a8ea0d 100644 --- a/tools/virsh-domain.c +++ b/tools/virsh-domain.c 
@@ -9525,6 +9525,53 @@ cmdNumatune(vshControl * ctl, const vshCmd * cmd) goto cleanup; } =20 +/* + * "domlaunchsecinfo" command + */ +static const vshCmdInfo info_domlaunchsecinfo[] =3D { + {.name =3D "help", + .data =3D N_("Get domain launch security info") + }, + {.name =3D "desc", + .data =3D N_("Get the launch security parameters for a guest domain") + }, + {.name =3D NULL} +}; + +static const vshCmdOptDef opts_domlaunchsecinfo[] =3D { + VIRSH_COMMON_OPT_DOMAIN_FULL(0), + {.name =3D NULL} +}; + +static bool +cmdDomLaunchSecInfo(vshControl * ctl, const vshCmd * cmd) +{ + g_autoptr(virshDomain) dom =3D NULL; + size_t i; + int nparams =3D 0; + virTypedParameterPtr params =3D NULL; + bool ret =3D false; + + if (!(dom =3D virshCommandOptDomain(ctl, cmd, NULL))) + return false; + + if (virDomainGetLaunchSecurityInfo(dom, ¶ms, &nparams, 0) !=3D 0) { + vshError(ctl, "%s", _("Unable to get launch security parameters")); + goto cleanup; + } + + for (i =3D 0; i < nparams; i++) { + g_autofree char *str =3D vshGetTypedParamValue(ctl, ¶ms[i]); + vshPrint(ctl, "%-15s: %s\n", params[i].field, str); + } + + ret =3D true; + + cleanup: + virTypedParamsFree(params, nparams); + return ret; +} + /* * "qemu-monitor-command" command */ 
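Review bot: cmdDomLaunchSecInfo is a new user-facing command, but the diffstat for this patch touches only tools/virsh-domain.c, so the "help" and "desc" strings in info_domlaunchsecinfo are the only documentation it gets. Please add a virsh man page entry that says which parameters are printed and how they are formatted, since the commit message expects an external attestation tool to consume the output. Smaller points in the same function: the virDomainGetLaunchSecurityInfo call is checked with `!= 0` while the qemuDomainGetSEVInfo call in the driver hunk is checked with `< 0`, and the loop compares `size_t i` with `int nparams`; using `< 0` and one index type would keep the series consistent.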
@@ -14544,6 +14591,12 @@ const vshCmdDef domManagementCmds[] =3D { .info =3D info_domjobinfo, .flags =3D 0 }, + {.name =3D "domlaunchsecinfo", + .handler =3D cmdDomLaunchSecInfo, + .opts =3D opts_domlaunchsecinfo, + .info =3D info_domlaunchsecinfo, + .flags =3D 0 + }, {.name =3D "domname", .handler =3D cmdDomname, .opts =3D opts_domname, --=20 2.33.1

From: Daniel P. Berrangé
To: libvir-list@redhat.com
Subject: [libvirt PATCH 6/6] tools: add 'nodesevinfo' virsh command
Date: Wed, 8 Dec 2021 18:44:34 +0000
Message-Id: <20211208184434.2819757-7-berrange@redhat.com>
In-Reply-To: <20211208184434.2819757-1-berrange@redhat.com>
References: <20211208184434.2819757-1-berrange@redhat.com>

While some SEV info is reported in the domain capabilities, for reasons of size, this excludes the certificates. The nodesevinfo command provides the full set of information.

Signed-off-by: Daniel P. Berrangé
--- tools/virsh-host.c | 45 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) diff --git a/tools/virsh-host.c b/tools/virsh-host.c index 5da1346a9c..5ee3834de2 100644 --- a/tools/virsh-host.c +++ b/tools/virsh-host.c
@@ -888,6 +888,45 @@ cmdNodeMemStats(vshControl *ctl, const vshCmd *cmd) return true; } =20 +/* + * "nodesevinfo" command + */ +static const vshCmdInfo info_nodesevinfo[] =3D { + {.name =3D "help", + .data =3D N_("node SEV information") + }, + {.name =3D "desc", + .data =3D N_("Returns basic SEV information about the node.") + }, + {.name =3D NULL} +}; + +static bool +cmdNodeSEVInfo(vshControl *ctl, const vshCmd *cmd G_GNUC_UNUSED) +{ + virshControl *priv =3D ctl->privData; + size_t i; + int nparams =3D 0; + virTypedParameterPtr params =3D NULL; + bool ret =3D false; + + if (virNodeGetSEVInfo(priv->conn, ¶ms, &nparams, 0) !=3D 0) { + vshError(ctl, "%s", _("Unable to get host SEV information")); + goto cleanup; + } + + for (i =3D 0; i < nparams; i++) { + g_autofree char *str =3D vshGetTypedParamValue(ctl, ¶ms[i]); + vshPrint(ctl, "%-18s: %s\n", params[i].field, str); + } + + ret =3D true; + + cleanup: + virTypedParamsFree(params, nparams); + return ret; +} + /* * "nodesuspend" command */ @@ -1828,6 +1867,12 @@ const vshCmdDef hostAndHypervisorCmds[] =3D { .info =3D info_nodememstats, .flags =3D 0 }, + {.name =3D "nodesevinfo", + .handler =3D cmdNodeSEVInfo, + .opts =3D NULL, + .info =3D info_nodesevinfo, + .flags =3D 0 + }, {.name =3D "nodesuspend", .handler =3D cmdNodeSuspend, .opts =3D opts_node_suspend, --=20 2.33.1
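Review bot: the "desc" string in info_nodesevinfo says the command returns "basic SEV information about the node", which contradicts the commit message: the reason for nodesevinfo is to provide the full set, including the certificates that the domain capabilities leave out for size. Reword it to say so, for example `N_("Get the full SEV information for the host, including certificates")`. The diffstat also shows only tools/virsh-host.c changed, so the command has no man page entry; and in cmdNodeSEVInfo the virNodeGetSEVInfo result is checked with `!= 0` where `< 0` would match the driver-side check earlier in the series.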